Security analysis and resilient control of discrete-event systems

Bibliographic Details
Main Author: Tai, Ruochen
Other Authors: Su Rong
Format: Thesis-Doctor of Philosophy
Language: English
Published: Nanyang Technological University 2023
Online Access: https://hdl.handle.net/10356/171032
Institution: Nanyang Technological University
Description
Summary: Cyber-physical systems (CPS) have been playing significant roles in modern society due to their precise control, remote collaboration, and autonomous functions. The realization of these powerful features heavily relies on the network system (cyber part), which, however, brings about two potential risks. Firstly, the information transmitted through the network might be compromised to cause irreparable damage by the smart active adversary (attacker), which covertly performs malicious attack operations, e.g., sensor/actuator signals modification, without being detected. Secondly, the information flow might be intercepted to cause privacy leakage by the passive adversary (intruder), which uses its observations to infer the system secret. Hence, studying security issues is of great significance and practical application value to the safe and resilient operation of CPS. In this dissertation, from a control theoretic perspective, to help the system designer analyze the system security performance as well as establish a more secure and resilient system, we shall focus on the security analysis and resilient feedback control at the supervisory control layer in the context of discrete-event systems (DES). In the first part, we investigate the topic of security analysis via attacker synthesis to evaluate the system security performance and understand the effects of attacks, including the following problems: 1) system vulnerability identification via attack model reduction, 2) optimal covert attacker synthesis against a known supervisor, 3) covert attacker synthesis against unknown supervisors, and 4) distributed covert attacker synthesis against known distributed supervisors.
In the second part, we investigate the topic of resilient feedback control against malicious adversaries (attackers and intruders) via designing defense strategies to establish a more secure and resilient system, including the following problems: 1) resilient control against covert attackers via supervisor fortification, and 2) privacy-preserving control against the external intruder via co-synthesis of privacy-preserving components and the supervisor. The main contributions of this dissertation are grouped into the following categories. 1) We develop a set of automaton-based modeling techniques, based on which we propose transformation-based approaches to cast the original problems to be solved in the above-mentioned topics into (chaining of) the Ramadge-Wonham supervisory control problem(s). 2) The proposed transformation-based approaches allow existing synthesis tools, such as TCT, Supremica, or SuSyNA, to be used, which makes the proposed approaches attractive to practitioners, who may quickly adopt the solution methodology without any further major efforts on the synthesis tool development. 3) A formal model-based approach is adopted in this dissertation, which results in provably correct solutions. 4) The methods and results in this dissertation are applicable to various CPS, which can be abstracted as DES, with safety-critical requirements on high-level logical performance, especially networked control systems, such as intelligent transportation systems and smart manufacturing systems.