(363x) Directed Randomization to Detect for Cyberattacks on Nonlinear Systems Under Lyapunov-Based Economic Model Predictive Control

An integral part of the Industry 4.0^[1][2] setup is a greater integration of physical components of processes on the production floor with computer and communication systems. This integration of cyber-physical systems (CPS) presents advantages such as increased transparency into the steps involved in production as well as better production efficiency. However, this integration also opens processes to malicious cyberattacks on various components of the process including control components such as on process sensors and process actuators. One method explored for attempting to detect attacks focuses on taking actions which could cause attacks to reveal themselves. For example, ^[3] attempts to modify the system dynamics to make attacks visible, and ^[4] injects non-standard signals at the actuators to indicate whether an attack is occurring through the effect of such signals either being noticed in the state measurements or not appearing. ^[5] seeks to blend different active detection strategies to obtain advantages of both. Prior work in our group focused on integrated detection and control policies for cyberattacks on process sensors ^[6][7] and actuators ^[8] has also incorporated a method that probes for attacks to attempt to reveal them in the context of Lyapunov-based economic model predictive control (LEMPC)^[11]. One of the limitations of the methods in ^[6][7][8] is that the methods require at least some sensors to be secure to enable safety guarantees to be made.

In this work, we explore a concept for attempting to reduce the restrictiveness of our prior strategies for integrated detection and control for cyberattacks on nonlinear systems, particularly as it relates to the need for some set of sensors to not be able to be compromised for safety to be guaranteed. We refer to the control design considered as the Directed Randomization Method. This method again involves probing for cyberattacks, but this time in a framework with similarities to dynamic watermarking. Specifically, we consider that under normal operation, control inputs are determined by LEMPC. However, at every state measurement, these control actions are modified by a bias that is randomly selected to be one of two possibilities corresponding to that state measurement. The biases should be selected such that the range of possible states at the beginning of the next sampling period under the input with one of the biases does not intersect the range of possible states at the beginning of the next sampling period under the input with the other of the biases. This has the effect of enabling which of the biases was applied to be distinguished after the fact. If a state measurement outside of the regions corresponding to the biases is measured, an attack is flagged.

However, a stealthy attacker may be aware of which control action can be applied at each state measurement, and what the two potential biases are. Assuming, however, that they do not have access to which of the biases was expected to be applied, the attacker has a 50% probability at a given sampling time of guessing the correct bias and providing a state measurement within the expected range to the detection algorithm. However, the likelihood that they get a series of such guesses correct in a row decreases as more guesses are added to the series. We therefore use this policy to back-validate whether sensor measurements of the past are expected to be correct, based on whether the sensor measurements since a sensor measurement have been correct. We discuss how different probabilities of accuracy of the back-validation might be obtained by looking back different numbers of sampling periods, with the number of sampling periods which can be looked back constrained by the magnitude of sensor noise and plant/model mismatch to prevent overlap of the possible sets of states after a control action along the chain of past measurements. We discuss the extent to which this is beneficial for detecting both sensor and actuator attacks, how it handles changes in the process dynamics, and how closed-loop stability and recursive feasibility can be obtained if the back-validation is accurate.

Reference:

[1] Davis, J., Edgar, T., Graybill, R., Korambath, P., Schott, B., Swink, D., Wang, J., Wetzel, J. Smart manufacturing. Annual review of chemical and biomolecular engineering 6, 141-160 (2015).

[2] Lezzi, M., Lazoi, M., Corallo, A. Cybersecurity for industry 4.0 in the current literature: A reference framework. Computers in Industry 103, 97-110 (2018).

[3] Teixeira, A., Shames, I., Sandberg, H., & Johansson, K. H. (2012, October). Revealing stealthy attacks in control systems. In 2012 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton) (pp. 1806-1813). IEEE.

[4] Satchidanandan, B., & Kumar, P. R. (2016). Dynamic watermarking: Active defense of networked cyber–physical systems. Proceedings of the IEEE, 105(2), 219-240.

[5] Ghaderi, M., Gheitasi, K., & Lucia, W. (2020). A blended active detection strategy for false data injection attacks in cyber-physical systems. IEEE Transactions on Control of Network Systems, 8(1), 168-176.

[6] Rangan, K. K., Oyama, H., & Durand, H. Integrated Cyberattack Detection and Handling for Nonlinear Systems with Evolving Process Dynamics under Lyapunov-based Economic Model Predictive Control. Chemical Engineering Research and Design (2021).

[7] Oyama, H. and H. Durand. Integrated Cyberattack Detection and Resilient Control Strategies Using Lyapunov-Based Economic Model Predictive Control, AIChE Journal, 66, ee17084 (2020).

[8] Oyama, H., D. Messina, K. K. Rangan and H. Durand, "Lyapunov-Based Economic Model Predictive Control for Detecting and Handling Actuator and Simultaneous Sensor/Actuator Cyberattacks on Process Control Systems," Frontiers in Chemical Engineering, section "Computational Methods in Chemical Engineering," 4 (2022).

[9] Heidarinejad, M., Liu, J. and Christofides, P.D. Economic model predictive control of nonlinear process systems using Lyapunov techniques. AIChE Journal, 58(3), 855-870 (2012).