(419c) Safe Control of Networked Chemical Process Plants Under Cyber-Attacks

Cyber-Physical Systems (CPS) such as chemical process control plants, autonomous vehicles, unmanned aerial vehicles, and smart power systems are susceptible to a variety of cyber-attacks. These systems depend on the measurements reported from their sensors to close their control loops. This makes them susceptible to cyber-attacks where malicious agents can compromise the sensors or the networks carrying the sensor measurements. In recent years, there was have been several such cyber-attacks [1] [2] [3].

Our focus in this paper is on systems where the sensor measurements are compromised by a malicious agent at some point, either at the sensor or in the network transporting the sensor measurements which distorts the sensor measurements provided to the actuator in the control loop. Such cyber-attacks can be detected successfully by ``Dynamic Watermarking (DW)" methodology proposed in [4]. The basis and background of the DW method involves two specific statistical tests for security, and provides theoretical guarantees for linear stochastic systems. It has been shown to be capable of detecting cyber-attacks on chemical process control systems [5] [6], autonomous vehicles [7], unmanned aerial vehicles [8], and smart power systems [9]. However, the safe operation of the plant under attack remains an open problem. In this paper, we address the safe post-attack control of chemical process control plants.

Fig.1 show how the dynamic watermarking method can be used to trigger a switch which changes the feedback control loop. Prior to attack, the control loop employs the reported sensor measurements. Once the attack is detected by dynamic watermarking-based attack detector, the control loop is switched to so that it does not rely on the compromised sensor measurements. Rather it employs the estimated output of a model obtained by a system identification algorithm employed prior to attack.

Using the online system identification methods such as least squares estimation, we generate estimates of the sensor measurements under cyber-attack. We use these estimates to close the control loop rather than using malicious sensor measurements. Through both simulations and experimental validation we show the effectiveness of the proposed post-attack controller for safe control under cyber-attacks. The proposed post-attack controller along with the DW based Attack Detector thereby makes possible secure and safe operation of the chemical process control system under arbitrary cyber-attacks.

References

[1] Kerr, Paul K., John Rollins, and Catherine A. Theohary. The stuxnet computer worm: Harbinger of an emerging warfare capability. Washington, DC: Congressional Research Service, 2010.

[2] Farwell, James P., and Rafal Rohozinski. ``Stuxnet and the future of cyber war." Survival 53.1 (2011): 23-40.

[3] Case, Defense Use. ``Analysis of the cyber attack on the Ukrainian power grid." Electricity Information Sharing and Analysis Center (E-ISAC) 388 (2016): 1-23.

[4] Satchidanandan, Bharadwaj, and Panganamala R. Kumar. ``Dynamic watermarking: Active defense of networked cyber–physical systems." Proceedings of the IEEE 105.2 (2016): 219-240.

[5] Kim, Jaewon, Woo-Hyun Ko, and P. R. Kumar. ``Cyber-Security with Dynamic Watermarking for Process Control Systems." 2019 AIChE Annual Meeting. AIChE, 2019.

[6] Kim, Jaewon, and P. R. Kumar.``Security of Control Systems with Erroneous Observations." IFAC-PapersOnLine 53.2 (2020): 2225-2230.

[7] Ko, Woo-Hyun, Bharadwaj Satchidanandan, and P. R. Kumar. ``Theory and implementation of dynamic watermarking for cybersecurity of advanced transportation systems." 2016 IEEE Conference on Communications and Network Security (CNS). IEEE, 2016.

[8] Kim, Jaewon, Woo-Hyun Ko, and P. R. Kumar. ``Cyber-Security through Dynamic Watermarking for 2-rotor Aerial Vehicle Flight Control Systems." 2021 International Conference on Unmanned Aircraft Systems (ICUAS). IEEE, 2021.

[9] Ramos-Ruiz, Jorge, et al. ``An active detection scheme for cyber attacks on grid-tied PV systems." 2020 IEEE CyberPELS (CyberPELS). IEEE, 2020.