(452b) Simultaneous Analysis of Control and Cyberattack Detection Algorithms for Enhanced Operational Safety

A critical component of the literature on cybersecurity of industrial control systems has been attack detection techniques. For state measurement falsification attacks, detection methods attempt to identify that an attack is occurring by noting that the measurement data does not match expected trends [1,2,3]. Because sensor measurement falsification cyberattacks make process inputs independent of the actual value of the process state [4], feedback controllers may not be able to prevent cyberattacks from causing harm unless they are notified, via a detection algorithm, that an attack has occurred and that a backup policy must be put in place. One of the drawbacks of detection strategies, however, is that they assume that an attack will take a form that is identifiable as an anomaly by the detection method.

Motivated by the above considerations, we explore the relationship between detection methods and optimization algorithms for chemical processes under model predictive control designs in the presence of state measurement cyberattacks. Specifically, we use a continuous stirred tank reactor example to demonstrate that when the state measurements remain close to the actual values (meaning that the attacks are less “anomalous”), the solutions of the optimization algorithms of the controllers may not differ significantly from the solutions when the state measurement is correct. However, as the state measurements differ more significantly (i.e., a potentially more detectable attack is pursued), the state trajectories can also differ more from the predicted trajectories within the controller. We therefore explore the intersection between the detection thresholds and the optimization problem solution’s sensitivity to changes in the state measurement (i.e., initial condition of the process model) to better understand the conditions required for design of cyberattack-resilient detection-control/optimization algorithm combinations.

[1] Z. Wu, F. Albalawi, J. Zhang, Z. Zhang, H. Durand and P. D. Christofides, “Detecting and handling cyber-attacks in model predictive control of chemical processes,” Mathematics, 6, 173, 22 pages, 2018.

[2] A. A. Cárdenas, S. Amin, Z.-S. Lin, Y.-L. Huang, C.-Y. Huang and S. Sastry, “Attacks against process control systems: Risk assessment, detection, and response,” In Proceedings of the ACM Asia Conference on Computer & Communications Security, Hong Kong, China, 2011.

[3] I. Kiss, B. Genge, and P. Haller. “A clustering-based approach to detect cyber attacks in process control systems,” In Proceedings of the IEEE International Conference on Industrial Informatics, Cambridge, UK, pp. 142-148, 2015.

[4] H. Durand, “A nonlinear systems framework for cyberattack prevention for chemical process control systems,” Mathematics, 6, 169, 44 pages, 2018.