Periodic Reporting for period 1 - CSP-CPS-A-ICA (Cybersecurity Protection for Cyber-Physical Systems Against Integrity Cyberattacks)
Reporting period: 2022-08-01 to 2024-07-31
This project develops cybersecurity protection schemes that provide cybersecurity protecting services to industrial CPSs. This improves the security level of the industrial CPSs against malicious cyberattacks. Such an achievement is among the goals of Internet Governance Forum (IGF) convened annually by the UN Secretary-General and established by the support of UN Sustainable Development Goals. Furthermore, such research is in line with the aims of “Threat and Risk Management” of ENISA, and also belongs to the target “A Europe fit for the digital age” that is one of the 6 European Commission priorities for 2019-2024.
The overall scope of this project is to provide effective, efficient and reliable cybersecurity protections for industrial control systems. It includes proposing novel attack strategies and attack models to reveal the stealthiness of IC attacks in complex CPSs, proposing advanced cyberattack detecting methodologies and designing RD schemes to identify the occurring risk types. A further objective of the project is to enhance my career prospects.
The main results of the project are given as follows:
(i) Reveal strategies to generate practically stealthy integrity attacks for nonlinear CPSs. We propose a stealthy integrity attack generation methodology for a class of nonlinear cyber-physical systems. The stealthiness of the attack model is rigorously investigated and a sufficient condition on the initial condition of the attack model is derived to guarantee stealthiness.
(ii) Propose attack detection methodologies for nonlinear CPSs to enhance TADs against stealthy integrity attacks. We propose a backward-in-time methodology for detecting stealthy integrity attacks of nonlinear cyber– physical systems subject to disturbances. The detectability analysis is conducted to rigorously characterize the class of detectable attacks.
(iii) Propose RD schemes for complex CPSs to identify the occurring risk types. A set of continuous unitary basis functions are used to characterize the discriminability of the attacks and faults. For each threat, its Tchebycheff approximation using the basis functions of the other threat, is leveraged to deduce its discrimination sensitivity. In addition, an analytic approach to calculate the metric under the generalized Haar condition is developed by solving a minimax optimization problem.
(1) The attack generation model is proposed as a closed-loop system with an arbitrary input signal. The stealthiness of the generated attack is rigorously investigated. A sufficient condition on the initial value of the attack model is derived, allowing the generated attacks to remain undetected by typical anomaly detectors.
(3) We consider: (a) the attacker has full knowledge of the system linear terms but only the structure of the uncertain term, and (b) the attacker only knows the structures of the linear terms and the uncertain non-linear term. For scenario (a), the obtained existence condition of stealthy integrity attacks is that the uncertainty is decoupled with the maximal output-zeroing controlled-invariant subspace. In scenario (b), the existence of stealthy attacks is only possible if the uncertainty is decoupled with the fixed maximal output-zeroing controlled-invariant subspace.
(4) For each disclosure scenario, we deduce the minimum actuator communication channels to protect for guaranteeing the absence of stealthy integrity attacks.
2: Propose attack detection methodologies for nonlinear CPSs to enhance TADs against stealthy integrity attacks
(1) An equivalent increment of the system at a time prior to the attack occurrence time is found to be effective in detecting stealthy integrity attacks.
(2) A backward-in-time detector based on an H_∞ fixed-point smoother is proposed as the tool to estimate the unknown equivalent increment.
(3) A sensor watermarking scheme is proposed, which is composed of a watermark generator and a remover, both switching between a set of two larger (outer) and two smaller (inner) values. These values and the time instants are properly set.
(4) We provide suitable design requirements for the time seeds and demonstrate how these are satisfied by a chaotic Lorenz system.
3: Propose RD schemes for complex CPSs to identify the occurring risk types
(1) The continuous function spaces formed by the bases of the threats are utilized to characterize the threat discriminability.
(2) A sensitivity metric is proposed as the ratio of the Tchebycheff norm of the approximation error to the threat magnitude, to characterize its discrimination sensitivity.
(3) The proposed sensitivity metric is calculated for the scalar-valued and vector-valued basis functions, respectively, by analytically solving a minimax optimization problem under the Haar condition.
(4) A novel methodology consisting of a two-layered decision strategy and a sensor switching watermark scheme is designed for threat detection and discrimination. Such a methodology can rigorously guarantee the detection and discrimination between physical faults and a broad range of MITM cyber attacks such as DoS, replay, and integrity attacks.