(194a) Cyberattack Detectability-Based Screening of Optimal Control Systems | AIChE

(194a) Cyberattack Detectability-Based Screening of Optimal Control Systems

Authors 

Panicker, R. - Presenter, University of California, Davis
El-Farra, N., University of California, Davis
Ellis, M., University of California, Davis
The reliance of industrial control systems on networked components, such as networked sensors and actuators, has led to flexible control architectures and reduced installation and maintenance costs, but it has also made control systems more vulnerable to cyberattacks [1]. Some of these attacks aim to compromise the integrity of the data transmitted over the communication channels which can lead to performance degradation, economic losses, and safety impacts [2]. While numerous information technology (IT)-based approaches exist to counter cyberattacks, IT-based approaches alone often provide insufficient remedies for handling cyberattacks in operation technology (OT)-based systems [3]. Therefore, to augment the solutions offered by IT-based approaches, it becomes imperative to develop tailored measures against cyberattacks, specifically designed for OT systems [3]. These measures include incorporating cyberattack detection, identification, and mitigation capabilities in the control system design and implementation [4, 5, 6, 7].

Cyberattack detection schemes seek to detect the presence of an attack on a system. Several cyberattack detection schemes have been proposed in the literature to detect various types of cyberattacks [4, 5, 6]. Moreover, the influence of control system parameters on the ability of a detection scheme to detect an attack has been established for linear control systems [8] and used as the basis for the development of active attack detection schemes [9]. The linkage between controller design and attack detection, however, has not been explored for optimal control systems whose design depends on a cost function. In conventional set-point tracking optimal control, typically a quadratic cost function, which penalizes deviations of the states and inputs from their corresponding steady-state values, is used. In particular, the quadratic cost function includes two weighting matrices, which serve as controller design parameters.

In this work, we investigate how the choice of weighting matrices influences the ability of a detection scheme to detect cyberattacks. Under certain conditions, we show that certain choices of weighting matrices lead to optimal control strategies that mask the impact of a cyberattack, rendering the attack undetectable. Consequently, we classify attacks as undetectable, detectable, or potentially detectable based on the choice of weighting matrices. We then propose a screening methodology to identify choices of weighting matrices that lead to an attack being undetectable. This screening methodology can be used while designing optimal control strategies to discard such choices of weighting matrices. Finally, the proposed methodology is applied to a chemical process using two optimal control-based control strategies, including a linear quadratic regulator and model predictive control.

References

[1] H. Sandberg, V. Gupta, and K. H. Johansson, “Secure networked control systems,” Annual Review of Control, Robotics, and Autonomous Systems, vol. 5, pp. 445–464, 2022.

[2] H. S. Sánchez, D. Rotondo, T. Escobet, V. Puig, and J. Quevedo, “Bibliographical review on cyber attacks from a control oriented perspective,” Annual Reviews in Control, vol. 48, pp. 103–128, 2019.

[3] S. Parker, Z. Wu, and P. D. Christofides, “Cybersecurity in process control, operations, and supply chain,” Computers & Chemical Engineering, p. 108169, 2023.

[4] H. Oyama, D. Messina, K. K. Rangan, and H. Durand, “Lyapunov-based economic model predictive control for detecting and handling actuator and simultaneous sensor/actuator cyberattacks on process control systems,” Frontiers in Chemical Engineering, vol. 4, p. 810129, 2022.

[5] C. Murguia and J. Ruths, “On reachable sets of hidden cps sensor attacks,” in Proceedings of 2018 Annual American Control Conference, 2018, pp. 178–184.

[6] S. Chen, Z. Wu, and P. D. Christofides, “Cyber-attack detection and resilient operation of nonlinear processes under economic model predictive control,”Computers & Chemical Engineering, vol. 136, p. 106806, 2020.

[7] A. Zedan and N. H. El-Farra, “A machine-learning approach for identification and mitigation of cyberattacks in networked process control systems,” Chemical Engineering Research and Design, vol. 176, pp. 102–115, 2021.

[8] S. Narasimhan, N. H. El-Farra, and M. J. Ellis, “Detectability-based controller design screening for processes under multiplicative cyberattacks,” AIChE Journal, vol. 68, p. e17430, 2022.

[9] S. Narasimhan, N. H. El-Farra, and M. J. Ellis, “Active multiplicative cyberattack detection utilizing controller switching for process systems,” Journal of Process Control, vol. 116, pp. 64–79, 2022.