A survey on security control and attack detection for industrial cyber-physical systems
Section snippets
Cyber-physical systems
Recent years have witnessed rapid developments of cyber-physical systems (CPSs) due to advances in computing, communication, and related hardware technologies. As a new research frontier, a CPS is an integration of physical processes, ubiquitous computation, efficient communication and effective control [12]. Its holistic framework is shown in Fig. 1. Various social and physical applications have been performed in light of CPSs. The application fields include, but are not limited to,
System models for industrial CPSs
As with almost all real-world engineering systems, the modeling of a CPS plays a key role in understanding and analyzing its dynamic behaviors. In other words, it is of both theoretical significance and practical importance to construct a unified system model before any subsequent analysis and synthesis. On the one hand, due to tight coupling and high coordination between cyber and physical worlds, a CPS can be regarded as a dynamically reorganizing and reconfiguring control system
Cyber-attacks in industrial CPSs
Owing to the vulnerability of CPSs, attacks can be injected into systems in a stealthy and unpredictable way through the cyber-parts [22]. For example, an adversary may cause a disruption of coordination packets in medium access control layers or a compromise of networked components by injecting some malware (e.g., viruses and worms). Besides, once the encryption key has been obtained, an attacker can illegally gain access to the monitoring centers to destroy the normal operation. In other words, the
Performance analysis for industrial CPSs
In the context of dynamical systems, stability is an essential requirement, under which other objectives, such as robustness, security and reliability, can be imposed on CPSs via various approaches. Compared with traditional industrial systems, performance analysis and synthesis for CPSs are still at an elementary stage, especially at the theoretical level, due to challenges from uncertainties in the environment, modeling errors of physical and software operations, undesired network induced
Attack detection for industrial CPSs
Notice that the purpose of cyber-attacks is to destroy the desired performance of safety-critical CPSs. Thus, cyber-attacks can cause enormous economic losses or the loss of human lives. When they are detected and located in a timely fashion, the damage to overall systems can be controlled within a tolerable limit [105]. In light of such a perspective, attack detection plays a crucial role in maintaining the performance of CPSs. For many real-world systems, such as power systems and
Security control and estimation for industrial CPSs
State estimation plays an important role in better understanding system dynamical behaviors and executing some specific control tasks. In networked scenarios, mitigating the impact of cyber-attacks as well as various probabilistic communication failures is an inevitable challenge. For steady states, a decentralized estimation scheme with adaptive weighted matrices is proposed [71] to alleviate the influence of bad data in SCADA systems. Recently, the distributed counterpart is
Conclusions and challenging issues
Recent advances on security control and attack detection for industrial CPSs have been surveyed in the framework of control and estimation theory. First, the typical modeling on CPSs and cyber-attacks has been presented from the engineering point of view. Then, robustness, security and resilience as well as stability have been discussed to govern the capability of weakening various attacks. Furthermore, developments on attack detection for industrial CPSs have been reviewed based on different
Acknowledgments
This work was supported in part by the Australian Research Council Discovery Project under Grant DP160103567, the National Natural Science Foundation of China under Grant 61573246, the Shanghai Rising-Star Program of China under Grant 16QA1403000, and the Program for Capability Construction of Shanghai Provincial Universities under Grant 15550502500.
References (143)
- et al. Security of interdependent and identical networked control systems. Automatica (2013)
- et al. Distributed recursive filtering for stochastic systems under uniform quantizations and deception attacks through sensor networks. Automatica (2017)
- et al. Resilient stabilization of multi-hop control networks subject to malicious attacks. Automatica (2016)
- et al. Variance-constrained H∞ control for a class of nonlinear stochastic discrete time-varying systems: the event-triggered design. Automatica (2016)
- et al. Distributed formation control of networked multi-agent systems using a dynamic event-triggered communication mechanism. IEEE Trans. Ind. Electron. (2017)
- et al. Leader-following consensus of nonlinear multiagent systems with stochastic sampling. IEEE Trans. Cybern. (2017)
- et al. Estimation, filtering and fusion for networked systems with network-induced phenomena: new progress and prospects. Inf. Fus. (2016)
- et al. A constrained optimization approach to dynamic state estimation for power systems including PMU and missing measurements. IEEE Trans. Control Syst. Technol. (2016)
- et al. Event-based security control for discrete-time stochastic systems. IET Control Theory Appl. (2016)
- et al. Strategic protection against data injection attacks on power grids. IEEE Trans. Smart Grid (2011)
- Detecting false data injection attacks on power grid by sparse optimization. IEEE Trans. Smart Grid
- Detection of faults and attacks including false data injection attack in smart grid using Kalman filter. IEEE Trans. Control Netw. Syst.
- Event-triggered consensus control for discrete-time stochastic multi-agent systems: the input-to-state stability in probability. Automatica
- Delay-dependent robust stability for uncertain linear systems with interval time-varying delay. Automatica
- A new H∞ stabilization criterion for networked control systems. IEEE Trans. Autom. Control
- New Lyapunov–Krasovskii functionals for global asymptotic stability of delayed neural networks. IEEE Trans. Neural Netw.
- Design and implementation of attack-resilient cyberphysical systems: with a focus on attack-resilient state estimators. IEEE Control Syst. Mag.
- Design and implementation of secure networked predictive control systems under deception attacks. IEEE Trans. Control Syst. Technol.
- Model-free fault detection and isolation in large-scale cyber-physical systems. IEEE Trans. Emerg. Top. Comput. Intell.
- Attacks on sensor network parameter estimation with quantization: performance and asymptotically optimum processing. IEEE Trans. Signal Process.
- Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Secure Comput.
- Quest of benchmarking security risks to cyber-physical systems. IEEE Netw.
- Cyber security of water SCADA systems-part I: analysis and experimentation of stealthy deception attacks. IEEE Trans. Control Syst. Technol.
- Cyber security of water SCADA systems-part II: attack detection using enhanced hydrodynamic models. IEEE Trans. Control Syst. Technol.
- The Industrial Internet @work
- Adaptive cyber-physical system attack detection and reconstruction with application to power systems. IET Control Theory Appl.
- Risk-sensitive control under Markov modulated denial-of-service (DoS) attack strategies. IEEE Trans. Autom. Control
- Distributed control systems for small-scale power networks: using multiagent cooperative control theory. IEEE Control Syst. Mag.
- An online optimization approach for control and communication codesign in networked cyber-physical systems. IEEE Trans. Ind. Inform.
- A framework for wide-area monitoring and control systems interoperability and cybersecurity analysis. IEEE Trans. Power Deliv. (2014)
- Bayesian mechanisms and detection methods for wireless network with malicious users. IEEE Trans. Mob. Comput.
- From model, signal to knowledge: a data-driven perspective of fault detection and diagnosis. IEEE Trans. Ind. Inform.
- Job scheduling with uncertain local generation in smart buildings: two-stage robust approach. IEEE Trans. Smart Grid
- Defending against false data injection attacks on power system state estimation. IEEE Trans. Ind. Inform.
- Modeling cyber-physical systems. Proc. IEEE
- Observer-based event-triggering consensus control for multi-agent systems with lossy sensors and cyber attacks. IEEE Trans. Cybern.
- Event-triggered control systems under denial-of-service attacks. IEEE Trans. Control Netw. Syst.
- On H∞ estimation of randomly occurring faults for a class of nonlinear time-varying systems with fading channels. IEEE Trans. Autom. Control
- An event-triggered approach for load frequency control with supplementary ADP. IEEE Trans. Power Syst.
- Sensors and Controls in the Analysis of Distributed Systems
- Energy-efficient information and communication infrastructures in the smart grid: a survey on interactions and open issues. IEEE Commun. Surv. Tutor.
- A game-theoretic analysis of cyber switching attacks and mitigation in smart grid systems. IEEE Trans. Smart Grid
- Secure estimation and control for cyber-physical systems under adversarial attacks. IEEE Trans. Autom. Control
- Cyber-physical systems as general distributed parameter systems: three types of fractional order models and emerging research opportunities. IEEE/CAA J. Autom. Sin.
- Consensus of multiagent systems subject to partially accessible and overlapping Markovian network topologies. IEEE Trans. Cybern.
- Event-based set-membership leader-following consensus of networked multi-agent systems subject to limited communication resources and unknown-but-bounded noise. IEEE Trans. Ind. Electron.
- A comprehensive overview of cyber-physical systems: from perspective of feedback system. IEEE/CAA J. Autom. Sin.
- Bayesian data fusion for distributed target detection in sensor networks. IEEE Trans. Signal Process.
- A survey on concepts, applications, and challenges in cyber-physical systems. KSII Trans. Internet Inf. Syst.
Derui Ding received both the B.Sc. degree in Industry Engineering in 2004 and the M.Sc. degree in Detection Technology and Automation Equipment in 2007 from Anhui Polytechnic University, Wuhu, China, and the Ph.D. degree in Control Theory and Control Engineering in 2014 from Donghua University, Shanghai, China. From July 2007 to December 2014, he was a teaching assistant and then a lecturer in the Department of Mathematics, Anhui Polytechnic University, Wuhu, China. He is currently a senior research fellow with the School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, Australia. From June 2012 to September 2012, he was a research assistant in the Department of Mechanical Engineering, the University of Hong Kong, Hong Kong. From March 2013 to March 2014, he was a visiting scholar in the Department of Information Systems and Computing, Brunel University London, UK. His research interests include nonlinear stochastic control and filtering, as well as multi-agent systems and sensor networks. He has published around 40 papers in refereed international journals. He is a very active reviewer for many international journals.
Qing-Long Han received the B.Sc. degree in Mathematics from Shandong Normal University, Jinan, China, in 1983, and the M.Sc. and Ph.D. degrees in Control Engineering and Electrical Engineering from East China University of Science and Technology, Shanghai, China, in 1992 and 1997, respectively. From September 1997 to December 1998, he was a Post-doctoral Researcher Fellow with the Laboratoire d’Automatique et d’Informatique Industrielle (LAII) (currently, Laboratoire d’Informatique et d’Automatique pour les Systèmes, LIAS), École Supérieure d’Ingénieurs de Poitiers (ESIP) (currently, École Nationale Supérieure d’Ingénieurs de Poitiers (ENSIP)), Université de Poitiers, France. From January 1999 to August 2001, he was a Research Assistant Professor with the Department of Mechanical and Industrial Engineering at Southern Illinois University at Edwardsville, USA. From September 2001 to December 2014, he was Laureate Professor, an Associate Dean (Research and Innovation) with the Higher Education Division, and the Founding Director of the Centre for Intelligent and Networked Systems at Central Queensland University, Australia. From December 2014 to May 2016, he was Deputy Dean (Research), with the Griffith Sciences, and a Professor with the Griffith School of Engineering, Griffith University, Australia. In May 2016, he joined Swinburne University of Technology, Australia, where he is currently Pro Vice-Chancellor (Research Quality) and a Distinguished Professor. In March 2010, he was appointed Chang Jiang (Yangtze River) Scholar Chair Professor by Ministry of Education, China. Prof. Han is one of The World’s Most Influential Scientific Minds: 2014–2016 and is a Highly Cited Researcher in Engineering according to Thomson Reuters. He is an Associate Editor of a number of international journals including IEEE Transactions on Industrial Electronics, IEEE Transactions on Industrial Informatics, IEEE Transactions on Cybernetics, and Information Sciences.
His research interests include networked control systems, neural networks, time-delay systems, multi-agent systems and complex dynamical systems.
Yang Xiang received his Ph.D. in Computer Science from Deakin University, Australia. He is currently a full professor and the Dean of Digital Research & Innovation Capability Platform, Swinburne University of Technology, Australia. His research interests include cyber security, which covers network and system security, data analytics, distributed systems, and networking. In particular, he is currently leading his team developing active defense systems against large-scale distributed network attacks. He is the Chief Investigator of several projects in network and system security, funded by the Australian Research Council (ARC). He has published more than 200 research papers in many international journals and conferences. He served as the Associate Editor of IEEE Transactions on Computers, IEEE Transactions on Parallel and Distributed Systems, Security and Communication Networks (Wiley), and the Editor of Journal of Network and Computer Applications. He is the Coordinator, Asia for IEEE Computer Society Technical Committee on Distributed Processing (TCDP). He is a Senior Member of the IEEE.
Xiaohua Ge received the B.Eng. degree in electronic and information engineering from Nanchang Hangkong University, Nanchang, China, in 2008, the M.Eng. degree in control theory and control engineering from Hangzhou Dianzi University, Hangzhou, China, in 2011, and the Ph.D. degree in computer engineering from Central Queensland University, Rockhampton, QLD, Australia, in 2014. He was a Research Assistant with the Centre for Intelligent and Networked Systems, Central Queensland University, from 2011 to 2013. In 2014, he was a Research Fellow with the Centre for Intelligent and Networked Systems, Central Queensland University, Rockhampton, Australia. From 2015 to 2016, he was a Research Fellow with the Griffith School of Engineering, Griffith University, Gold Coast, Australia. He is currently a Lecturer with the School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, Australia. His current research interests include networked control and filtering, distributed networked control systems, multi-agent systems and sensor networks.
Xian-Ming Zhang received the M.Sc. degree in applied mathematics and the Ph.D. degree in control theory and engineering from Central South University, Changsha, China, in 1992 and 2006, respectively. In 1992, he joined Central South University, where he was an Associate Professor with the School of Mathematics and Statistics. From 2007 to 2014, he was a Post-Doctoral Research Fellow and a Lecturer with the School of Engineering and Technology, Central Queensland University, Rockhampton, QLD, Australia. From 2014 to 2016, he was a Lecturer with the Griffith School of Engineering, Griffith University, Gold Coast, QLD, Australia. In 2016, he joined the Swinburne University of Technology, Melbourne, VIC, Australia, where he is currently a Senior Lecturer with the School of Software and Electrical Engineering. His current research interests include H∞ filtering, event-triggered control systems, networked control systems, neural networks, distributed systems, and time-delay systems. Dr. Zhang was a recipient of the National Natural Science Award (Level 2) in China in 2013, and the Hunan Provincial Natural Science Award (Level 1) in Hunan Province in China in 2011, both jointly with Prof. M. Wu and Prof. Y. He, and the IET Premium Award in 2016, jointly with Prof. Q.-L. Han. He serves as an Associate Editor for the Journal of the Franklin Institute and a member of the editorial board of Neural Computing and Applications.