Input Design for Active Dectection of Integrity Attacks using Set-based Approach

Trapiello, Carlos; Puig, Vicenç

doi:10.1016/j.ifacol.2020.12.254

Cited by 6 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Passive methods are based on operating signals, while active methods require the introduction of an appropriate input signal and an analysis of its influence on the output signals of control systems. Active approaches were presented in [63][64][65]. In this paper, only passive approaches will be used.…”

Section: Detection Based On the Analysis Of Process Data And Indicato...mentioning

confidence: 99%

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

et al. 2022

View full text Add to dashboard Cite

This paper is concerned with the issue of the diagnostics of process faults and the detection of cyber-attacks in industrial control systems. This problem is of significant importance to energy production and distribution, which, being part of critical infrastructure, is usually equipped with process diagnostics and, at the same time, is often subject to cyber-attacks. A commonly used approach would be to separate the two types of anomalies. The detection of process faults would be handled by a control team, often with a help of dedicated diagnostic tools, whereas the detection of cyber-attacks would be handled by an information technology team. In this article, it is postulated here that the two can be usefully merged together into one, comprehensive, anomaly detection system. For this purpose, firstly, the main types of cyber-attacks and the main methods of detecting cyber-attacks are being reviewed. Subsequently, in the analogy to “process fault”—a term well established in process diagnostics—the term “cyber-fault” is introduced. Within this context a cyber-attack is considered as a vector containing a number of cyber-faults. Next, it is explained how methods used in process diagnostics for fault detection and isolation can be applied to the detection of cyber-attacks and, in some cases, also to isolation of the components of such attacks, i.e., cyber-faults. A laboratory stand and a simulator have been developed to test the proposed approach. Some test results are presented, demonstrating that, similarly to equipment/process faults, residua can be established and cyber-faults can be identified based on the mismatch between the real data from the system and the outputs of the simulation model.

show abstract

Section: Detection Based On the Analysis Of Process Data And Indicato...mentioning

confidence: 99%

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

et al. 2022

View full text Add to dashboard Cite

show abstract

“…In particular, a set of finite N-step sequences to guarantee the attack detection until the Nth sample. As proposed in [45], the open-loop input sequences are designed by solving a mixed-integer quadratic program to guarantee the separability of the reachable zonotopic set of residuals considering the uncertainties bounded by (2). 1 The sequences are specifically devised to detect replay attacks and exploit the temporal mismatch between the record and replay phases in order to ensure that if under attack, the residual signal must satisfy r k +N / ∈ R H .…”

Section: A Attack Detectormentioning

confidence: 99%

“…Additionally, the sequences are designed to be within a preestablished set E. Notice that it is highly unlikely that the attacker's signal is similar to the watermark since the watermarking signal is inherently random, i.e., a random sequence of the set of designed signals is used every time. For more details on the watermarking design methodology, the reader may refer to [45].…”

Section: A Attack Detectormentioning

confidence: 99%

Dual-Rate Control Framework With Safe Watermarking Against Deception Attacks

Bessa

Trapiello

Puig

et al. 2022

IEEE Trans. Syst. Man Cybern, Syst.

Self Cite

View full text Add to dashboard Cite

This article presents a novel secure-control framework against sensor deception attacks. The vulnerability of cyber-physical systems with respect to sensor deceptive attacks makes that all sensor measurements are not reliable until the system security is assured by an attack detection module. Most of the active attack detection strategies require some time to assess the system security, while injecting a watermark signal to ease the detection. However, the injection of watermark signals deteriorates the performance and stability of the plant. The proposed control framework consists of a dual-rate control (DRC) that is able to stabilize the plant using: 1) a model predictive controller that operates at a slower sampling time; 2) a state-feedback predictor-based controller that operates in the nominal sampling time disregarding the use of the untrustworthy measurements until the attack detector is able to certify the security; and 3) a reconfiguration block (RB) for palliating the effect of the watermarking. Simulation results indicate the efficacy of the proposed DRC framework to defend the system from cyber-attacks and the ability of the RB to improve the closed-loop performance during the watermark injection.

show abstract

A reachable set-based scheme for the detection of false data injection cyberattacks on dynamic processes

Narasimhan¹,

El‐Farra²,

Ellis³

2023

Digital Chemical Engineering

View full text Add to dashboard Cite

Input Design for Active Dectection of Integrity Attacks using Set-based Approach

Cited by 6 publications

References 6 publications

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

Dual-Rate Control Framework With Safe Watermarking Against Deception Attacks

A reachable set-based scheme for the detection of false data injection cyberattacks on dynamic processes

Contact Info

Product

Resources

About