Detection and mitigation of classes of attacks in supervisory control systems
From MaRDI portal
Formal languages and automata (68Q45) Controllability (93B05) Communication networks in operations research (90B18) Hierarchical systems (93A13) Discrete event control/observation systems (93C65) Software, source code, etc. for problems pertaining to systems and control theory (93-04) Authentication, digital signatures and secret sharing (94A62)
Abstract: The deployment of control systems with network-connected components has made feedback control systems vulnerable to attacks over the network. This paper considers the problem of intrusion detection and mitigation in supervisory control systems, where the attacker has the ability to enable or disable vulnerable actuator commands and erase or insert vulnerable sensor readings. We present a mathematical model for the system under certain classes of actuator enablement attacks, sensor erasure attacks, or sensor insertion attacks. We then propose a defense strategy that aims to detect such attacks online and disables all controllable events after an attack is detected. We develop an algorithmic procedure for verifying whether the system can prevent damage from the attacks considered with the proposed defense strategy, where damage is modeled as the reachability of a pre-defined set of unsafe system states.The technical condition of interest that is necessary and sufficient in this context, termed "GF-safe controllability", is characterized. We show that the verification of GF-safe controllability can be performed using diagnoser or verifier automata. Finally, we illustrate the methodology with a traffic control system example.
Recommendations
- Dealing with sensor and actuator deception attacks in supervisory control
- Supervisory control of discrete-event systems under attacks
- A Framework for the Analysis of Supervised Discrete Event Systems Under Attack
- Flow-based attack detection and accommodation for networked control systems
- Stealthy output injection attacks on control systems with bounded variables
Cites work
- A polynomial algorithm for testing diagnosability of discrete-event systems
- Active fault tolerant control of discrete event systems using online diagnostics
- Decentralized supervisory control of discrete-event systems
- Diagnosability of discrete-event systems
- Introduction to Discrete Event Systems
- Polynomial Time Verification of Decentralized Diagnosability of Discrete Event Systems
- Polynomial-time verification of diagnosability of partially observed discrete-event systems
- Robust diagnosis of discrete event systems against intermittent loss of observations
- State Attraction Under Language Specification for the Reconfiguration of Discrete Event Systems
Cited in
(30)- Synthesis of covert actuator and sensor attackers
- Robust corrective control against fundamental and non-fundamental mode attacks with application to an asynchronous digital system
- Synthesis of covert command attackers at the supervisory layer of cyber-physical systems
- On decidability of existence of nonblocking supervisors resilient to smart sensor attacks
- Supervisory control of discrete-event systems under external attacks
- Dealing with sensor and actuator deception attacks in supervisory control
- Synthesis of winning attacks on communication protocols using supervisory control theory: two case studies
- Robust corrective control against a class of actuator attacks in input/state asynchronous sequential machines
- Synthesis of sensor deception attacks at the supervisory layer of cyber-physical systems
- Robust decentralized diagnosability of networked discrete event systems against DoS and deception attacks
- Analysis of strong and strong periodic detectability of bounded labeled Petri nets
- Discrete-event systems subject to unknown sensor attacks
- Performance safety enforcement in strongly connected timed event graphs
- Performance safety enforcement in stochastic event graphs against boost and slow attacks
- Design and implementation of robust corrective control systems with permanent sensor faults
- A zonotopic set-invariance analysis of replay attacks affecting the supervisory layer
- Three kinds of coprognosability for partially-observed discrete event systems via a matrix approach
- Diagnosability and attack detection for discrete event systems under sensor attacks
- Usability aware secret protection with minimum cost
- A Framework for the Analysis of Supervised Discrete Event Systems Under Attack
- Observation-assisted heuristic synthesis of covert attackers against unknown supervisors
- A joint diagnoser approach for diagnosability of discrete event systems under attack
- Probabilistic state estimation for labeled continuous time Markov models with applications to attack detection
- Stealthy deception attacks on water SCADA systems
- Synthesis of covert actuator attackers for free
- Early detection algorithm for attacks against information resources of automatic manufacturing control systems
- Sensor deception attacks against security in supervisory control systems
- Flow-based attack detection and accommodation for networked control systems
- Robust input/output model matching of asynchronous sequential machines under intermittent actuator faults
- Robust supervisory control of discrete event systems against intermittent loss of observations
This page was built for publication: Detection and mitigation of classes of attacks in supervisory control systems
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q1716512)
