검색창 닫기

# Security of Cyber-Physical System

Aug 11, 2016
Chanhwa Lee

## What is Cyber-Physical Systems (CPSs)?

A Cyber-Physical System (CPS) is a system of collaborating computational elements (cyber parts of CPS) controlling physical entities (physical parts of CPS). Embedded computers and networks monitor and control the physical processes, usually with feedback loops where physical processes affect computations and vice versa. Compared with traditional embedded systems, CPS emphasizes more on an intensive link between the computational and physical elements, while embedded systems focus on the computational device only. Thus, CPS is typically designed as a network of interacting elements with physical input and output instead of as standalone device. Recent advances in computer and communication technologies have enabled CPS to be prevailing in many engineering areas, such as aerospace, automotive, chemical processes, civil infrastructure, energy, healthcare, manufacturing, transportation, military, robotics, entertainment, and consumer appliances. However, there are numerous unique technical and systems-level challenges in obtaining the desired levels of performance with assurances because CPS is still in the initial stage of its research.

## Why is security important in CPSs?

CPSs are unprecedented complex networked control systems which are operated over open public networks thanks to increasing connectivity of Internet and recent advances in networked actuation and sensing devices. Due to the connectivity and openness of communication, CPSs are exposed and can be vulnerable to malicious attacks. Indeed, attacks on systems that involve feedback controllers took place in reality and may lead to catastrophic disruptions in critical infrastructure or cause loss of life. For example, the StuxNet worm virus on SCADA system in Iran nuclear facilities, breach at Maroochy Water Services in Austrailia, power outage in Ukraine, and car hacking are reported. Therefore, resiliency of control systems under malicious attacks has become one of the critical system design considerations and is actively studied. In response to the crisis by vulnerabilities to attacks, system designers or defenders have devised sophisticated control algorithms which are more reliable even when some (not all) of actuators and sensors are corrupted.

## What is the related research in this area?

Recommended papers to read first are the articles in the special issue of IEEE Control Systems Magazine, vol. 35 no. 1. Recent results and new challenges on cybersecurity problems are well summarized. The security of networked control systems are analyzed from a control theoretical viewpointand, and various attack models and scenarios are illustrated in the magazine. Furthermore, fundamental limitations on attack detection and idetification have also been investigated.

Cyberphysical security in networked control systems
H. Sandberg, S. Amin, and K. H. Johansson
IEEE Control Systems, vol. 35, No. 1, pp. 20–23, 2015
http://dx.doi.org/10.1109/MCS.2014.2364708/

Attack identification problem on sensors, resilient state estimation problem under sparse sensor attacks, attracts much attention recently. Basic concepts regarding this problem are introduced and the state reconstruction problem is formulated by an $$\ell_0$$ minimization which is NP-hard. By recasting the $$\ell_0$$ minimization problem into a convex optimization problem, it solves the problem under additional restrictive assumptions in

Secure estimation and control for cyber-physical systems under adversarial attacks
H. Fawzi, P. Tabuada, and S. Diggavi
IEEE Trans. on Automatic Control, vol. 59, no. 6, pp. 1454–1467, 2014
http://dx.doi.org/10.1109/TAC.2014.2303233

A secure and robust state estimation under sensor attacks together with noises and disturbances are proposed by CDSL. The proposed estimator consists of a bank of partial observers operating based on Kalman observability decomposition and a decoder exploiting error correction techniques. In terms of time complexity, the scheme alleviates the computational efforts by reducing the search space to a finite set. On the other hand, in terms of space complexity, the required memory is linear with the number of sensors by means of the decomposition used for constructing a bank of partial observers.

Secure and robust state estimation under sensor attacks, measurement noise and process disturbances: Observer-based combinatorial approach
C. Lee, H. Shim, and Y. Eun
European Control Conf., 2015, pp. 1866–1871
http://dx.doi.org/10.1109/ECC.2015.7330811

The algorithm is extended to uniformly observable nonlinear systems having redundant sensors in

Detection of sensor attack and resilient state estimation for uniformly observable nonlinear systems having redundant sensors
J. Kim, C. Lee, H. Shim, Y. Eun, and J. H. Seo
IEEE Conf. on Decision and Control, to be presented, 2016

By the way, critical attacks are stealthy (or undetectable) attacks such as zero-dynamics attacks and covert attacks. However, they require the adversaries to know the system model perfectly. A design method generating a robust stealthy attack to compromise an uncertain CPS without being detected, is also proposed with the help of disturbance observer in

When adversary encounters uncertain cyber-physical systems: Robust zero-dynamics attack with disclosure resources
G. Park, H. Shim, C. Lee, Y. Eun, and K. H. Johansson
IEEE Conf. on Decision and Control, to be presented, 2016

Another stealthy attack which is effective for sampled-data system, is also suggested. It is well known that sampling procedure induces additional system zerros, so called sampling zeros. Similarly to the attack utilizing sampling zeros, it is shown that attackers can manipulate inter-sample behavior of continuous-time plant for multi-rate sampled-data sytem with fast actuating in;

Zero-stealthy attack on sampled-data control systems: Faster actuation than sensing increasing vulnerability
J. Kim, G. Park, H. Shim, and Y. Eun
IEEE Conf. on Decision and Control, to be presented, 2016

Other than control systematic approach to increase security of CPS, protecting data secrecy of control information in networked control systems is also important. A new encrypted controller operating based on fully homomorphic encryption, which can conduct arithmetic calculations on encrypted variables (not plaintext), is proposed in

Encrypting controller using fully homomorphic encryption for security of cyber-physical systems
J. Kim, C. Lee, H. Shim, J. H. Cheon, A. Kim, M. Kim, and Y. Song
IFAC Workshop on Distributed Estimation and Control in Networked Systems, to be presented, 2016

### 수정요청

현재 페이지에 대한 의견이나 수정요청을 관리자에게 보내실 수 있습니다.
아래의 빈 칸에 내용을 간단히 작성해주세요.

닫기