(15g) Enabling Cyberattack Detection in Process Control Systems Via Randomized Controller Switching
AIChE Annual Meeting
2023
2023 AIChE Annual Meeting
Computing and Systems Technology Division
CAST Director's Student Presentation Award Finalists (Invited Talks)
Monday, November 6, 2023 - 2:18pm to 2:36pm
Control system parameters influence the ability (or the inability) to detect an attack [4]. Stealthy attacks may evade detection by a passive detection scheme. To enable the detection of stealthy attacks, it may be preferable to operate the process under the so-called âattack-sensitiveâ control system parameters chosen such that an attack on the process destabilizes it [5]. However, there may exist a tradeoff between the ability to detect an attack and closed-loop performance from operating the process under attack-sensitive parameters compared to the closed-loop performance from operating under parameters chosen based on conventional performance-based tuning approaches. To manage this tradeoff, a control system parameter switching-enabled active detection strategy was proposed to enhance the detection capabilities of a passive detection scheme [5]. Under the proposed detection method, the control system parameters occasionally switch to attack-sensitive parameters. Control system parameter switching on the attack-free process may excite the process dynamics and cause process states to evolve briefly outside a neighborhood of the steady-state, triggering false alarms in the detection scheme. For a PCS with (full) state measurements, a state-dependent switching condition was proposed to minimize false alarms [6]. However, state measurements may not always be available, and the switching method does not eliminate false alarms.
This work proposes a randomized control system parameter switching strategy for detecting attacks on processes for which full state measurements are not available. The proposed active detection strategy utilizes a reachable set-based cyberattack detection scheme that monitors a variable according to its expected evolution as defined by the reachable sets of the monitoring variable. This detection scheme can monitor the process during dynamic operation, accounting for potential excitement in the dynamics after switching. Therefore, the reachable set-based detection scheme does not generate false alarms even when a control parameter switch is implemented on the attack-free process at any randomly chosen time step. Randomly choosing the time step at which to implement the control parameter switch may aid in preserving the confidentiality of the active detection strategy, as an attacker may not have access to the control parameter switching schedule to design an attack that evades detection. The proposed strategy is applied to a chemical process to demonstrate that no false alarms are raised under attack-free operation and its ability to detect attacks.
References:
[1] M. Iaiani, A. Tugnoli, S. Bonvicini, and V. Cozzani, âAnalysis of cybersecurity-related incidents,â Process Industry, Reliability Engineering & System Safety, volume 209, pp. 107485, 2021.
[2] S. Parker, Z. Wu, and P.D. Christofides, âCybersecurity in process control, operations, and supply chain,â Computers & Chemical Engineering, volume 171, pp. 108169, 2023.
[3] D. Zhang, Q. G. Wang, G. Feng, Y. Shi, and A. V. Vasilakos, âA survey on attack detection, estimation and control of industrial cyberâphysical systems,â ISA transactions, vol. 116, pp. 1-16, 2021.
[4] S. Narasimhan, N. H. El-Farra, and M. J. Ellis, âDetectability-based controller design screening for processes under multiplicative cyberattacks,â AIChE Journal, volume 68, pp. e17430, 2022.
[5] S. Narasimhan, N. H. El-Farra, and M. J. Ellis. âActive multiplicative cyberattack detection utilizing controller switching for process systems,â Journal of Process Control, volume 116, pp. 64-72, 2022.
[6] S. Narasimhan, N. H. El-Farra, and M. J. Ellis. âA controlâswitching approach for cyberattack detection in process systems with minimal false alarms,â AIChE Journal, volume 68, pp. e17875, 2022.
[7] H. Oyama, D. Messina, K. K. Rangan, and H. Durand, âLyapunov-based economic model predictive control for detected and handling actuator and simultaneous sensor/actuator cyberattacks on process control systems,â Frontiers in Chemical Engineering, volume 5, pp. 810129, 2022.
[8] S. Narasimhan, N. H. El-Farra, and M. J. Ellis. âA reachable set-based cyberattack detection scheme for dynamic processes,â Proceedings of the American Control Conference, In Press, 2023.
[9] C. Kwon and I. Hwang, âReachability analysis for safety assurance of cyber-physical systems against cyberattacksâ, IEEE Transactions on Automatic Control, volume 63, pp. 2272-2279, 2018.
[10] C. Trapiello and V. Puig, âInput design for active detection of integrity attacks using set-based approach,â Proceedings of the IFAC World Congress, Berlin, Germany, pp. 11094-11099, 11-17 July, 2020.