Resilient strategy design for cyber-physical system under DoS attack over a multi-channel framework
Introduction
Cyber-physical systems (CPSs) are systems connecting cyber world with physical world seamlessly, which deeply integrate sensing, control, communication and computation techniques [5], [9], [27], [28], [40]. A wide range of applications of CPSs can be found such as smart grid, intelligent transportation, environment monitoring, smart building, etc. CPSs have significantly improved the system operating performances, e.g., stability, efficiency and reliability [41], [42]. However, the increasing connection of CPSs to many critical infrastructures brings a high risk of malicious attacks by adversaries around the globe. The operation and communication based on networks of CPSs make such systems be vulnerable to security threats. Especially, in many application scenarios, wireless communication technology plays an important role in CPSs because of the indispensable demand for remote estimation and control [3], [26], [44], where the CPSs may suffer serious destruction from jamming acts. The security of CPSs, such as the power grids of the nation, is closely related to environment, national economy, national security or even human life. Therefore, it is of great importance to consider the secure issue when designing CPSs, which has been a hot topic in both academic and industrial communities [1], [12], [16], [31].
Recently, many security incidents of CPSs have been reported, for example, the advanced computer worm Stuxnet infected industrial control system of Iran; the operation “Red October” compromised the network systems to steal credential data in various countries across the world. The frequent occurrences and serve damage of incidents motivate intensive efforts on the secure issues of CPSs [10], [43]. In found literature, two categories of cyber attacks are commonly investigated: deception attack and denial-of-service (DoS) attack which corrupt the integrity or availability of transmission data in CPSs. The former one focuses on modifying the information in the transmitted data packet, which needs comprehensive information of systems [11], [21]. However, the latter one blocks the exchange of information among parts of CPSs, which is easy to realize because the prior knowledge of system is not needed for attackers [15]. Additionally, the loss of transmitted information caused by DoS attack will degrade the system performance or even make systems unstable [33]. Therefore, it makes practical sense to exploit the synthetic security issue of CPSs subject to DoS attack.
There are two major lines of the study on securing the CPSs under cyber attacks: attack-tolerant and attack-compensation methods. In the attack-tolerant method, one can verify if the system remains in the safety zone with applied secure control strategy [45]. Considering the comprehensive impact from cyber attacks, a quantifying scenario has been proposed for randomly occurred attacks on networked control systems in [36]. Filtering and control problems aiming at guaranteeing the systems in desired security level have been studied for nonlinear discrete-time systems subject to cyber attacks [4], [24]. One of the most critical problem for deception attacker is to remain stealthy, that is, how to inject falsifying signal without triggering the alarm anomaly detector. Detection schemes are widely exploited to distinguish attacks by checking the characteristics of received data [11], [18]. Note that serious attack may exceed the ability if only the attack-tolerant method is used, hence, the attack-compensation method must be exploited to compensate the degradation of system performance caused by attack-induced phenomena. The distributed detection system has been deployed to defend against DoS attacks in [7]. With energy constraint, attack scheduling problems are studied in [38], [39]. In [39], the optimal scheduling strategies have been addressed for cases that including a single linear quadratic gaussian (LQG) system as well as multiple subsystems. Based on the signal-interference-plus-noise ratio (SINR) in wireless communication networks, problems of “when to attack the communication channel” and “how much power should be used in each time” have be solved for jamming attacker in [38]. Additionally, a two-player Markov game model has been established for transmitter and attacker when multiple power levels are available in remote state estimation via wireless network [10]. Paper [3] extends the results in [10] to a multi-channel transmission case. A markov stochastic game problem has been researched for the channel choice and power level selection of transmitter and attacker by developing a Nash Q-learning algorithm in [3]. Above all, the investigation of compensation strategies of CPSs under cyber attacks has great significance.
Practically, for control system of CPSs, state variables are not available to the controller, but always a disturbance-corrupted output is [35]. Some pioneering results on state estimation have been found in literature, e.g., [14], [23] and the references therein, which are within the Kalman filtering framework. The Kalman filtering scheme is based on statistical properties of the disturbance and sensor noise for the estimator. Linear quadratic gaussian (LQG) optimal control problem with packet losses has been studied in [19]. Generally, without knowing the statistical processes of the disturbance and noise, which are treated as being controlled by adversaries, we can deal with the estimation and control problem by using the minimax control approach [20]. It should be pointed that, the sampling frequency of CPSs, such as smart grid system [32], [36], multi-agent system [29] and space microgravity system [37], becomes higher and higher owing to the development of sensing and computing techniques. The delta operator approach has been recognized in addressing sampling issue. Numerical-stiffness caused by fast sampling can be overcome by using the delta operator approach [29]. The delta-domain controllers in our paper [33] and references [36], [37] exhibit advantages compared with the ones in discrete-domain under finite-word-length constraint when sampling interval tends quite small from numerical simulations and experiments. In a delta operator system, the sampling period which is explicitly expressed can be tuned based on network environment to slow down communication congestion [30], [32]. Furthermore, related results for both continuous- and discrete-time system are unified in delta domain as in references [32], [34]. These series of advantages inspire us to study the security of CPSs by minimax control scheme in delta domain.
Above all, the main problems of resilient strategy design for CPS under DoS attack are mainly threefold: 1) How to derive a robust controller for CPS with high frequency sampling under DoS attack? 2) When taking the control performance into account, how to model the communication network to degrade the effect from DoS attack? 3) How to enhance the resilience of CPS through joint defense strategy design of control system and communication network? In this paper, a minimax control approach in delta domain is studied for the worst-case state estimation and controller design under imperfect state measurement (IPSM). Then, a multi-channel transmission framework is established for transmitter and attacker, based on which a zero-sum Markov stochastic game is presented for the two players. Specially, the main contributions of this paper are highlighted as follows: 1) On account of a CPS with the effect of attack-induced packet dropout, a minimax controller in delta domain is derived under IPSM with the worst-case disturbance and noise scenario. 2) Under DoS attack, a novel multi-channel transmission framework is constructed to reduce the probability of being attacked. 3) The optimal joint defense strategies are obtained by solving a minimax control game and a stochastic Markov game through dynamic programming and value iteration approaches.
The rest of this paper is organized as: In Section 2, the problem formulation including system model and communication model is presented. In Section 3, the design objectives are derived. The resilient strategies are solved in Section 4. In Section 5, numerical simulations are given to demonstrate the validity of the proposed approach. Conclusions are drawn in Section 6.
Notation: Some standard notations are used throughout this paper. denotes the n-dimensional Euclidean space. For a matrix M, MT denotes its transpose, denotes the inverse of matrix M. M > 0 (resp. M < 0) means that M is positive definite (resp. negative definite). M ≥ 0 (respectively, M ≤ 0) means that M is a positive (respectively, negative) semi-definite matrix. For any and S ≥ 0, we use . I denotes the identity matrix of appropriate dimension. Notation represents column vector with all entries one. indicates taking the expected value of ‘ · ’. is a diagonal matrix with the diagonal entries given by the elements . The definition of delta operator is given as [29] where is the sampling period, t is the continuous time index and k is the time step with .
Section snippets
Problem formulation
Our interest lies on the security of a CPS under DoS attack as depicted in Fig. 1. System model is constructed under IPSM in delta domain. Then, a novel multi-channel transmission framework is proposed for transmitter and DoS attacker.
Objective setup
To enhance the resilience of CPS under adversary environment, the design objectives are set up for control system and communication network, respectively.
Resilient strategy design
Now that the researched problem and design objectives have been identified, we will proceed to develop the control and power transmission strategies to enhance the resilience of the entire CPS.
Simulation results
To demonstrate the effectiveness and applicability, we apply the proposed scheme to a load frequency control problem of a three-area power system. The three-area interconnected power system is given as where with
Conclusions
In this paper, the resilient strategy design problem has been investigated for a class of CPS under DoS attack. The system model in delta domain under DoS attack occurring in wireless network between sensor and remote estimation has been set up. The minimax control strategy has been obtained in delta domain under IPSM. Then, the multi-channel transmission framework has been constructed, which can reduce the damage to control system from DoS attack. A two-player Markov stochastic game has been
Acknowledgments
This work was supported by the National Key Research and Development Program of China under Grant 2018YFB1003700, the Beijing Natural Science Foundation under Grant 4161001, the National Natural Science Foundation Projects of International Cooperation and Exchanges under Grant 61720106010, and by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China under Grant 61621063.
References (45)
- et al.
A multi-channel transmission schedule for remote state estimation under dos attacks
Automatica
(2017) - et al.
Defending unknown attacks on cyber-physical systems by semi-supervised approach and available unlabeled data
Inf. Sci.
(2017) Markov games as a framework for multi-agent reinforcement learning
Proc. Eleventh Int. Conf. Mach. Learn.
(1994)- et al.
Stochastic stability of a modified unscented kalman filter with stochastic nonlinearities and multiple fading measurements
J. Franklin Inst.
(2017) - et al.
Event-triggered secure observer-based control for cyber-physical systems under adversarial attacks
Inf. Sci.
(2017) - et al.
Secure state estimation for cyber-physical systems under sparse sensor attacks via a switched Luenberger observer
Inf. Sci.
(2017) - et al.
Minimax control over unreliable communication channels
Automatica
(2015) - et al.
State estimators for systems with random parameter matrices, stochastic nonlinearities, fading measurements and correlated noises
Inf. Sci.
(2017) - et al.
Transmission power scheduling and control co-design for wireless sensor networks
Inf. Sci.
(2018) - et al.
Distributed formation control for teleoperating cyber-physical system under time delay and actuator saturation constrains
Inf. Sci.
(2016)