Elsevier

Information Sciences

Volumes 454–455, July 2018, Pages 312-327
Information Sciences

Resilient strategy design for cyber-physical system under DoS attack over a multi-channel framework

https://doi.org/10.1016/j.ins.2018.04.082Get rights and content

Abstract

This paper is concerned with the design of resilient strategy for a class of cyber-physical system (CPS) under denial-of-service (DoS) attack. The DoS attack occurring in wireless network between sensor and remote estimation is considered. For the addressed CPS, a minimax control strategy is designed in the presence of DoS attack in delta domain under imperfect state measurements (IPSM). Then, a novel multi-channel transmission framework is constructed to reduce the probability of being attacked, where transmitter chooses a single channel to send data packet and meanwhile the DoS attacker decides a target channel to attack. Taking account of the control system performance, a two-player Markov stochastic game is built to model the interactive decision-making of both sides under energy budget constraints. Dynamic programming and value iteration methods are applied for the control strategy and power transmission strategy design, respectively. Numerical simulations are presented to illustrate the validity of the scheme.

Introduction

Cyber-physical systems (CPSs) are systems connecting cyber world with physical world seamlessly, which deeply integrate sensing, control, communication and computation techniques [5], [9], [27], [28], [40]. A wide range of applications of CPSs can be found such as smart grid, intelligent transportation, environment monitoring, smart building, etc. CPSs have significantly improved the system operating performances, e.g., stability, efficiency and reliability [41], [42]. However, the increasing connection of CPSs to many critical infrastructures brings a high risk of malicious attacks by adversaries around the globe. The operation and communication based on networks of CPSs make such systems be vulnerable to security threats. Especially, in many application scenarios, wireless communication technology plays an important role in CPSs because of the indispensable demand for remote estimation and control [3], [26], [44], where the CPSs may suffer serious destruction from jamming acts. The security of CPSs, such as the power grids of the nation, is closely related to environment, national economy, national security or even human life. Therefore, it is of great importance to consider the secure issue when designing CPSs, which has been a hot topic in both academic and industrial communities [1], [12], [16], [31].

Recently, many security incidents of CPSs have been reported, for example, the advanced computer worm Stuxnet infected industrial control system of Iran; the operation “Red October” compromised the network systems to steal credential data in various countries across the world. The frequent occurrences and serve damage of incidents motivate intensive efforts on the secure issues of CPSs [10], [43]. In found literature, two categories of cyber attacks are commonly investigated: deception attack and denial-of-service (DoS) attack which corrupt the integrity or availability of transmission data in CPSs. The former one focuses on modifying the information in the transmitted data packet, which needs comprehensive information of systems [11], [21]. However, the latter one blocks the exchange of information among parts of CPSs, which is easy to realize because the prior knowledge of system is not needed for attackers [15]. Additionally, the loss of transmitted information caused by DoS attack will degrade the system performance or even make systems unstable [33]. Therefore, it makes practical sense to exploit the synthetic security issue of CPSs subject to DoS attack.

There are two major lines of the study on securing the CPSs under cyber attacks: attack-tolerant and attack-compensation methods. In the attack-tolerant method, one can verify if the system remains in the safety zone with applied secure control strategy [45]. Considering the comprehensive impact from cyber attacks, a quantifying scenario has been proposed for randomly occurred attacks on networked control systems in [36]. Filtering and control problems aiming at guaranteeing the systems in desired security level have been studied for nonlinear discrete-time systems subject to cyber attacks [4], [24]. One of the most critical problem for deception attacker is to remain stealthy, that is, how to inject falsifying signal without triggering the alarm anomaly detector. Detection schemes are widely exploited to distinguish attacks by checking the characteristics of received data [11], [18]. Note that serious attack may exceed the ability if only the attack-tolerant method is used, hence, the attack-compensation method must be exploited to compensate the degradation of system performance caused by attack-induced phenomena. The distributed detection system has been deployed to defend against DoS attacks in [7]. With energy constraint, attack scheduling problems are studied in [38], [39]. In [39], the optimal scheduling strategies have been addressed for cases that including a single linear quadratic gaussian (LQG) system as well as multiple subsystems. Based on the signal-interference-plus-noise ratio (SINR) in wireless communication networks, problems of “when to attack the communication channel” and “how much power should be used in each time” have be solved for jamming attacker in [38]. Additionally, a two-player Markov game model has been established for transmitter and attacker when multiple power levels are available in remote state estimation via wireless network [10]. Paper [3] extends the results in [10] to a multi-channel transmission case. A markov stochastic game problem has been researched for the channel choice and power level selection of transmitter and attacker by developing a Nash Q-learning algorithm in [3]. Above all, the investigation of compensation strategies of CPSs under cyber attacks has great significance.

Practically, for control system of CPSs, state variables are not available to the controller, but always a disturbance-corrupted output is [35]. Some pioneering results on state estimation have been found in literature, e.g., [14], [23] and the references therein, which are within the Kalman filtering framework. The Kalman filtering scheme is based on statistical properties of the disturbance and sensor noise for the estimator. Linear quadratic gaussian (LQG) optimal control problem with packet losses has been studied in [19]. Generally, without knowing the statistical processes of the disturbance and noise, which are treated as being controlled by adversaries, we can deal with the estimation and control problem by using the minimax control approach [20]. It should be pointed that, the sampling frequency of CPSs, such as smart grid system [32], [36], multi-agent system [29] and space microgravity system [37], becomes higher and higher owing to the development of sensing and computing techniques. The delta operator approach has been recognized in addressing sampling issue. Numerical-stiffness caused by fast sampling can be overcome by using the delta operator approach [29]. The delta-domain controllers in our paper [33] and references [36], [37] exhibit advantages compared with the ones in discrete-domain under finite-word-length constraint when sampling interval tends quite small from numerical simulations and experiments. In a delta operator system, the sampling period which is explicitly expressed can be tuned based on network environment to slow down communication congestion [30], [32]. Furthermore, related results for both continuous- and discrete-time system are unified in delta domain as in references [32], [34]. These series of advantages inspire us to study the security of CPSs by minimax control scheme in delta domain.

Above all, the main problems of resilient strategy design for CPS under DoS attack are mainly threefold: 1) How to derive a robust controller for CPS with high frequency sampling under DoS attack? 2) When taking the control performance into account, how to model the communication network to degrade the effect from DoS attack? 3) How to enhance the resilience of CPS through joint defense strategy design of control system and communication network? In this paper, a minimax control approach in delta domain is studied for the worst-case state estimation and controller design under imperfect state measurement (IPSM). Then, a multi-channel transmission framework is established for transmitter and attacker, based on which a zero-sum Markov stochastic game is presented for the two players. Specially, the main contributions of this paper are highlighted as follows: 1) On account of a CPS with the effect of attack-induced packet dropout, a minimax controller in delta domain is derived under IPSM with the worst-case disturbance and noise scenario. 2) Under DoS attack, a novel multi-channel transmission framework is constructed to reduce the probability of being attacked. 3) The optimal joint defense strategies are obtained by solving a minimax control game and a stochastic Markov game through dynamic programming and value iteration approaches.

The rest of this paper is organized as: In Section 2, the problem formulation including system model and communication model is presented. In Section 3, the design objectives are derived. The resilient strategies are solved in Section 4. In Section 5, numerical simulations are given to demonstrate the validity of the proposed approach. Conclusions are drawn in Section 6.

Notation: Some standard notations are used throughout this paper. Rn denotes the n-dimensional Euclidean space. For a matrix M, MT denotes its transpose, M1 denotes the inverse of matrix M. M > 0 (resp. M < 0) means that M is positive definite (resp. negative definite). M ≥ 0 (respectively, M ≤ 0) means that M is a positive (respectively, negative) semi-definite matrix. For any xR and S ≥ 0, we use xS2xTSx. I denotes the identity matrix of appropriate dimension. Notation 1 represents column vector with all entries one. E{·} indicates taking the expected value of ‘ · ’. diag{x1,x2,,xr} is a diagonal matrix with the diagonal entries given by the elements x1,x2,,xr. The definition of delta operator is given as [29] δx(tk)={dx(t)dt,Tk=0x(tk+1)x(tk)Tk,Tk0,where Tk is the sampling period, t is the continuous time index and k is the time step with tk=l=0k1Tl.

Section snippets

Problem formulation

Our interest lies on the security of a CPS under DoS attack as depicted in Fig. 1. System model is constructed under IPSM in delta domain. Then, a novel multi-channel transmission framework is proposed for transmitter and DoS attacker.

Objective setup

To enhance the resilience of CPS under adversary environment, the design objectives are set up for control system and communication network, respectively.

Resilient strategy design

Now that the researched problem and design objectives have been identified, we will proceed to develop the control and power transmission strategies to enhance the resilience of the entire CPS.

Simulation results

To demonstrate the effectiveness and applicability, we apply the proposed scheme to a load frequency control problem of a three-area power system. The three-area interconnected power system is given as x˙(t)=Ax(t)+Bu(t)+Dω(t),y¯(t)=Cx(t)+Ev(t),where x(t)=[x1T(t)x2T(t)x3T(t)]T,u(t)=[u1T(t)u2T(t)u3T(t)]T,ω(t)=[ΔPd1T(t)ΔPd2T(t)ΔPd3T(t)]T,A=[A11A12A13A21A22A23A31A32A33],B=diag{B1B2B3},C=diag{C1C2C3}T,D=diag{D1D2D3},with Aii=[1TpiKpiTpi00Kpi2πTpijS,jiKsij01TTi1TTi001RiTGi01TGi1TGi0KEiKBi000KE

Conclusions

In this paper, the resilient strategy design problem has been investigated for a class of CPS under DoS attack. The system model in delta domain under DoS attack occurring in wireless network between sensor and remote estimation has been set up. The minimax control strategy has been obtained in delta domain under IPSM. Then, the multi-channel transmission framework has been constructed, which can reduce the damage to control system from DoS attack. A two-player Markov stochastic game has been

Acknowledgments

This work was supported by the National Key Research and Development Program of China under Grant 2018YFB1003700, the Beijing Natural Science Foundation under Grant 4161001, the National Natural Science Foundation Projects of International Cooperation and Exchanges under Grant 61720106010, and by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China under Grant 61621063.

References (45)

  • Y. Yuan et al.

    Composite control of linear quadratic games in delta domain with disturbance observers

    J. Franklin Inst.

    (2017)
  • Y. Yuan et al.

    Towards quantifying the impact of randomly occurred attacks on a class of networked control systems

    J. Franklin Inst.

    (2017)
  • J. Zhu et al.

    A game-theoretic power control mechanism based on hidden markov model in cognitive wireless sensor network with imperfect information

    Neurocomputing

    (2017)
  • Y. Ali et al.

    Secure design for cloud control system against distributed denial of service attack

    Control Theory Technol.

    (2018)
  • T. Başar et al.

    H Optimal Control and Related Minimax Design Problems: A Dynamic Game Approach

    (2008)
  • D. Ding et al.

    Event-based security control for discrete-time stochastic systems

    IET Control Theory Appl.

    (2016)
  • J. Giraldo et al.

    Security and privacy in cyber-physical systems: asurvey of surveys

    IEEE Des. Test

    (2017)
  • A. Goldsmith

    Wireless Communications

    (2005)
  • Y. Guan et al.

    Distributed attack detection and secure estimation of networked cyber-physical systems against false data injection attacks and jamming attacks

    IEEE Trans. Signal Inf. Proces. Netw.

    (2018)
  • J. Hu et al.

    Artificial-noise-aided secure transmission scheme with limited training and feedback overhead

    IEEE Trans. Wirel. Commun.

    (2017)
  • Y. Li et al.

    SINR-based dos attack on remote state estimation: agame-theoretic approach

    IEEE Trans. Control Netw. Syst.

    (2016)
  • Y. Li et al.

    Detection against linear deception attacks on multi-sensor remote state estimation

    IEEE Trans. Control Syst. Technol.

    (2017)
  • Cited by (0)

    View full text