Lyapunov-Based Economic Model Predictive Control for Detecting and Handling Actuator and Simultaneous Sensor/Actuator Cyberattacks on Process Control Systems

Abstract: The controllers for a cyber-physical system may be impacted by sensor measurement cyberattacks, actuator signal cyberattacks, or both types of attacks. Prior work in our group has developed a theory for handling cyberattacks on process sensors. However, sensor and actuator cyberattacks have a different character from one another. Specifically, sensor measurement attacks prevent proper inputs from being applied to the process by manipulating the measurements that the controller receives, so that the control law… Show more

“…Due to the interconnected nature of a cyber-physical system like a PCS, a comprehensive solution to enhancing the cybersecurity of PCSs may involve adopting a multi-faceted approach that involves both information technology-based and operational technologybased approaches. The approaches proposed in the literature broadly include those that reinforce information technology-based infrastructure (e.g., firewalls [3] and network design-based approaches [4,5]), approaches that involve cybersecure architecture design (e.g., [6]), approaches for process equipment design to mitigate adverse impacts of a cyberattack (e.g., [7,8]), and the design of operational technology (OT)-based approaches for detecting, identifying, and successfully recovering from an ongoing cyberattack [6,[9][10][11][12][13][14][15][16][17][18][19][20].…”

“…Machine learning-based approaches have also been used as methods for cyberattack detection [6,17]. Other examples include residual-based detection strategies that are designed to detect an attack if the attack causes the process states to leave a safe operating region [10][11][12]. Attack detection approaches that utilize random authentication signals to the manipulated input to add a perturbation to the process and reveal the presence of an attack [21][22][23][24][25] have also been proposed.…”

Detection of Multiplicative False Data Injection Cyberattacks on Process Control Systems via Randomized Control Mode Switching

“…Due to the interconnected nature of a cyber-physical system like a PCS, a comprehensive solution to enhancing the cybersecurity of PCSs may involve adopting a multi-faceted approach that involves both information technology-based and operational technologybased approaches. The approaches proposed in the literature broadly include those that reinforce information technology-based infrastructure (e.g., firewalls [3] and network design-based approaches [4,5]), approaches that involve cybersecure architecture design (e.g., [6]), approaches for process equipment design to mitigate adverse impacts of a cyberattack (e.g., [7,8]), and the design of operational technology (OT)-based approaches for detecting, identifying, and successfully recovering from an ongoing cyberattack [6,[9][10][11][12][13][14][15][16][17][18][19][20].…”

“…Machine learning-based approaches have also been used as methods for cyberattack detection [6,17]. Other examples include residual-based detection strategies that are designed to detect an attack if the attack causes the process states to leave a safe operating region [10][11][12]. Attack detection approaches that utilize random authentication signals to the manipulated input to add a perturbation to the process and reveal the presence of an attack [21][22][23][24][25] have also been proposed.…”

Detection of Multiplicative False Data Injection Cyberattacks on Process Control Systems via Randomized Control Mode Switching

Cybersecurity in process control, operations, and supply chain

Development of directed randomization for discussing a minimal security architecture