Control and Game Theoretic Methods for Cyber-Physical Security
Ebook, 373 pages, 2 hours

About this ebook

Control-theoretic Methods for Cyber-Physical Security presents novel results on security and defense methodologies applied to cyber-physical systems. This book adopts the viewpoint of control and game theories, modelling these autonomous platforms as dynamical systems and proposing algorithmic frameworks that both proactively and reactively shield the system against catastrophic failures. The algorithms presented employ model-based and data-driven techniques to security, ranging from model-free detection mechanisms to unpredictability-based defense approaches.

This book will be a reference to the research community in identifying approaches to security that go beyond robustification techniques and give attention to the tight interplay between the physical and digital devices of the system, providing algorithms that can be readily used in a variety of application domains where the systems are subject to different kinds of attacks.
  • Serves as a bibliography on different aspects of security in cyber-physical systems
  • Offers insights into security through innovative approaches, which amalgamate principles from diverse disciplines
  • Explores unresolved challenges in the security domain, examining them through the lens of rigorous formulations from control and game theory

Language: English
Release date: May 24, 2024
ISBN: 9780443154096

Author

Aris Kanellopoulos

Aris Kanellopoulos received his diploma equivalent to a Master of Science in Mechanical Engineering from the National Technical University of Athens, Greece, in 2017. He studied at the Kevin T. Crofton Department of Aerospace and Ocean Engineering at Virginia Tech and was awarded a PhD in Aerospace Engineering at the Georgia Institute of Technology. In 2022 he was a Research Engineer within Professor Kyriakos G. Vamvoudakis' group. He is currently a Postdoctoral Researcher with the Division of Information Science and Engineering at the Royal Institute of Technology, Sweden.

    Book preview

    Control and Game Theoretic Methods for Cyber-Physical Security - Aris Kanellopoulos

    Chapter One: Introduction

    Abstract

    In this chapter, we present an overview of the systems that we will consider throughout this monograph – namely, cyber-physical systems – their importance to society and the issues that have been and are expected to be observed regarding their deployment. Furthermore, we explore the relevant literature – although not exhaustively – to highlight the results from a plethora of scientific fields.

    Keywords

    Cyber-physical systems; Security; Optimal control; Game theory

    1.1 Cyber-physical systems and security

    Cyber-physical systems (CPS) are systems of high heterogeneity and complexity, comprising multiple digital and physical components that interact with one another through a variety of communication channels and computational elements (Rajkumar et al., 2010). CPS have been at the forefront of research endeavors by a multitude of research communities with vastly different viewpoints. Computer scientists approach the design of CPS with great focus given to the interface between the computational elements of such systems, to the embedded controllers that are connected through the internet (Wolf, 2009), and to the communication protocols that dictate the operation of the digital-to-physical interface (Huh et al., 2017). Simultaneously, software engineers have been keen on analyzing how the decentralized and complex nature of CPS can be tackled to guarantee smooth coordination of all the subsystems (Lee, 2008). Following a more mathematically focused direction, control theorists have been exploring issues of CPS in the context of decentralized control (Pasqualetti et al., 2013), robust methods (Jin et al., 2017; Sun et al., 2019), and optimization techniques (Cao et al., 2012).

    The extensive attention that CPS have been receiving from researchers can be attributed to their ubiquity in modern society. Such systems can be found in several areas ranging from military to civilian applications. In healthcare and medicine (Lee and Sokolsky, 2010), medical CPS are employed to augment medical devices with networking capabilities that enable real-time monitoring of the patient and allow routine situations to be handled autonomously. Smart grids (Liu et al., 2011; Mo et al., 2012) will act as the next-generation providers of electricity in networks that are self-monitoring and self-configurable. Analyzing those systems as CPS offers a unique understanding of their operation and supports the development of novel algorithms to optimize their operation. One of the major fields where CPS are found is the field of transportation (Kim et al., 2013). From unmanned vehicles (Jin et al., 2019) to autonomous delivery systems and supply chains (Flämig, 2016), CPS will need to be integrated into the extremely human-centric environment of the traffic network.

    Due to the complex and often large-scale nature of CPS, they are an enticing target for adversaries that may want to create confusion, disruption, and performance deterioration through a cyber-physical attack. Numerous attacks on CPS have been reported with a few relevant examples including the German steel mill attack (Lee et al., 2014), the 2015 Ukrainian blackout (Liang et al., 2016), and the Saudi Aramco incident (Bronk and Tikk-Ringas, 2013), going as far back as the Stuxnet virus, a malicious computer worm targeting programmable logic controllers (Farwell and Rohozinski, 2011) or the attack on the Maroochy water services in Australia (Slay and Miller, 2007). Thus it becomes apparent that protecting CPS in both physical and digital domains should not be a long-term goal against potential, futuristic attacks, but a pressing issue that must be confronted immediately. This, in fact, generated an increasing demand for secure methods that can guarantee the integrity and normal operation of CPS under adversarial attacks (Cardenas et al., 2008). A fault taxonomy of attacks, faults, and detection mechanisms is provided in Zhai et al. (2022), which assists a CPS system designer or operator in selecting a detection mechanism for identified attack or fault scenarios.

    The issue of securing systems has been of the utmost importance in nearly every facet of human activity. Recently, the area of cyber-security has been pushed forward via the development of a variety of mechanisms, including cryptographic techniques, network resilience methods, and ad hoc solutions to various attack classes recognized by the computer science community. However, the advent of more complex dynamical and adaptive systems has led to the need for more complete, mathematically supported and system-oriented approaches. This is further exacerbated by the increasing penetration of autonomous learning-based components in both military and civilian applications. Adding to this complexity, autonomous agents will be required to operate in closer proximity to humans, being vulnerable to the full unpredictability of the dynamical nature of their behavior. This is especially true when security issues are considered, since the demonstrated imagination and creativity of hackers is a clear indicator that naive, static, equilibrium-oriented models of attack behavior — ones that might consider worst-case scenarios, or specific, constant adversarial choices — are bound to be insufficient once complex systems are further used in everyday life.

    Most security mechanisms, both for computer systems and CPS, are reactive in nature. Various fields of research have thrived in their pursuit of approaches to shielding systems against attackers or in the development of detection mechanisms. These approaches, however, fail to consider zero-day attacks on systems and disregard the dynamical nature of the abilities of cyber-attackers. This creates an asymmetric situation, in which the defenders employ static tools that are rigid in their adaptability, whereas the attackers can plan and perform extensive reconnaissance over lengthy periods of time while launching the actual attack in short bursts.

    1.2 The viewpoint of control theorists

    The work of Cardenas et al. (2008) was one of the first published manuscripts that questioned the adequacy of the security approaches operating only in the computational layer, such as encryption algorithms. Therefore extensive research has been conducted on the behavior and security of complex CPS from a control-theoretic standpoint (Pajic et al., 2017; Pasqualetti et al., 2015; Satchidanandan and Kumar, 2017). Furthermore, by leveraging models that are common in control theory, such as dynamical systems, we can better exploit the interconnection between the input and output of a given system, which is often leveraged in CPS attacks. This has been addressed in the work of Urbina et al. (2016) and is a valuable tool in defending against attacks such as in drone spoofing.

    The first consideration of control theorists has been, as is to be expected in problems of security, to develop methods and algorithms that achieve intrusion detection of malicious signals to the different components of CPS. Naturally, control theorists have focused mostly on injections to the physical interfaces of CPS, i.e., on attacks to the actuators and sensors of such systems. Depending on the model that the authors employed, we can broadly separate the literature into research conducted on continuous-time, discrete-time, and hybrid systems. This differentiation is important from an abstraction point of view since different scenarios can be more readily considered via each of these models.

    Vamvoudakis et al. (2014) focused on the estimation problem of a binary variable in a network of sensors under Byzantine attacks, with no consideration of the system dynamics. After introducing evolution modeled via continuous-time systems, Pasqualetti et al. (2013) provide a framework to characterize various types of attacks for linear systems in the absence of uncertainties. Then they derive conditions for the detection and identification of these attacks through an observer-based analysis. A detector of replay attacks is developed in Hoehn and Zhang (2016), where the authors propose an excitation of their system in non-regular time intervals to reveal a naive attacker who has no knowledge of the system model. Detection for hybrid systems was also considered in Phillips et al. (2017), where tools for detecting a class of attacks affecting both the flow and the jump dynamics were derived. Temporal logic (Jones et al., 2014) has also been used with the goal of detecting adversarial attacks on CPS. Similar works have been conducted for discrete-time systems. Miao et al. (2016) use coding techniques to transform the system output and leverage the encoded information to increase the probability of detecting sensor and actuator attacks. In the same context of stochastic systems, the work in Guan and Ge (2017) provides a decentralized mechanism able to detect false data injection attacks when the sensors are jammed. For deterministic discrete-time systems with no uncertainties, Chen et al. (2016) characterize detectable and undetectable attacks. They derive a detector that manages to identify the detectable attacks without full knowledge of the initial condition of the system. The work of Fawzi et al. (2014) showed that if the attacker can compromise less than half of the sensors, then it is always possible to recover the state information. 
    To relax this assumption, several switching-based schemes have been developed so that, rather than guaranteeing robustness of estimation or operation under attack, they opt to identify the attacked components and take them offline. Following this line of research, an attack detection filter and a passivity-based switching mechanism were introduced in An and Yang (2017); Yan et al.
