Control-Theoretic Methods for Cyber-Physical Security

Cyber-physical systems integrate physical processes, computational resources, and communication capabilities. Cyber-physical systems have permeated modern society becoming prevalent in many domains including energy production, health care, and telecommunications. Examples of cyber-physical systems include sensor networks, industrial automation systems , and critical infrastructures such as transportation networks , power generation and distribution networks, water and gas distribution networks, and advanced communication systems. The integration of cyber technologies with physical processes increases systems efficiency and, at the same time, introduces vulnerabilities that undermine the reliability of critical infrastructures. As recently highlighted by the Ma-roochy water breach in March 2000 [1], multiple recent power blackouts in Brazil [2], the SQL Slammer worm attack on the Davis-Besse nuclear plant in January 2003 [3], the StuxNet computer worm in June 2010 [4], and various industrial security incidents [5], cyber-physical systems are prone to failures and attacks on their physical infrastructure, and cyber attacks on their data management and communication layer [6], [7]. Concerns about security of systems are not new, as the numerous manuscripts on systems fault detection, isolation, and recovery testify [8], [9]. Cyber-physical systems, however, suffer from specific vulnerabilities that do not affect classical systems, and for which appropriate detection and identification techniques need to be developed. For instance, the reliance of cyber-physical systems on communication networks and standard communication protocols to transmit measurements and control packets increases the possibility of intentional and unforeseen attacks against physical plants. On the other hand, information security methods, such as authentication, access control, and message integrity, appear inadequate for a satisfactory protection of cyber-physical systems. In fact, these information security methods do not exploit the compatibility of the measurements with the underlying physical process or the control mechanism, and they are ineffective, for instance, against insider attacks and attacks targeting the physical dynamics [1]. The analysis of vulnerabilities of cyber-physical systems to external attacks has received increasing attention in the last years. The general approach has been to study the effect of specific attacks against particular systems. For instance, in [10] deception and denial of service attacks against a networked control system are defined, and, for the latter ones, a countermeasure based on semi-definite programming is proposed. Deception attacks refer to the possibility of compromising the integrity of control packets or measurements, and they are cast by altering the behavior of sensors and actuators. Denial of service attacks, instead, compromise the availability of resources by, for …