DoS干扰攻击下的信息物理系统状态反馈稳定
|
摘要
基于网络的工业控制系统作为信息物理系统(CPSs)的一种重要应用正迅猛发展.然而,近年来针对工业控制系统的恶意网络攻击引起了人们对CPS安全问题的广泛关注.拒绝服务(DoS)干扰攻击作为CPS中最容易发生的攻击方式得到了深入研究.对此,提出一种能量受限的、周期的DoS干扰攻击模型,攻击的目的是增大无线信道发生数据包随机丢包的概率.基于一类CPS简化模型,考虑CPS中传感器与控制器(S-C)之间无线信道同时存在DoS干扰攻击和固有随机数据包丢失的情况,采用状态反馈,基于随机Lyapunov函数和线性矩阵不等式方法得到可以保证系统稳定的充分条件,并利用系统稳定的充分条件和锥补线性化算法设计控制器.最后,通过两个数值仿真例子验证所提出控制策略的有效性.
Industrial control systems based on the network have developed rapidly as an important application of the cyber-physical systems(CPSs). However, the malicious cyber attacks on the network of the industrial control system have aroused widespread concern about the security of CPSs in recent years. Denial-of-service(DoS) attack, which aims to jam the communication between system components, has been widely studied since this attack pattern is the most accomplishable. In this paper, an energy-constrained periodic DoS jamming attacker model is proposed to increase the probability of stochastic packet dropouts. We consider a class of CPSs with inherent stochastic packet dropouts under DoS jamming attack on the wireless channel between a sensor and a controller. A sufficient condition for the existence of the state feedback controller which guarantees the stochastic stability of the CPS is established based on stochastic Lyapunov function and linear matrix inequality approach. The design of the controller can be solved by the cone complementarity linearization algorithm. Finally, two numerical simulations illustrate the effectiveness of the proposed controller.
Industrial control systems based on the network have developed rapidly as an important application of the cyber-physical systems(CPSs). However, the malicious cyber attacks on the network of the industrial control system have aroused widespread concern about the security of CPSs in recent years. Denial-of-service(DoS) attack, which aims to jam the communication between system components, has been widely studied since this attack pattern is the most accomplishable. In this paper, an energy-constrained periodic DoS jamming attacker model is proposed to increase the probability of stochastic packet dropouts. We consider a class of CPSs with inherent stochastic packet dropouts under DoS jamming attack on the wireless channel between a sensor and a controller. A sufficient condition for the existence of the state feedback controller which guarantees the stochastic stability of the CPS is established based on stochastic Lyapunov function and linear matrix inequality approach. The design of the controller can be solved by the cone complementarity linearization algorithm. Finally, two numerical simulations illustrate the effectiveness of the proposed controller.
引文
[1]Derler P,Lee E A,Vincentelli A S.Modeling cyber-physical systems[J].Proc of the IEEE,2012,100(1):13-28.
[2]Sampigethaya K,Poovendran R.Aviation cyber-physical systems:Foundations for future aircraft and air transport[J].Proc of the IEEE,2013,101(8):1834-1855.
[3]Mo Y L,Kim T H,Brancik K,et al.Cyber-physical security of a smart gird infrastructure[J].Proc of the IEEE,2012,100(99):1-15.
[4]Liu Y G,Xu B G,Ding Y H.Convergence analysis of cooperative breaking control for interconnected vehicle systems[J].IEEE Trans on Intelligence Transport Systems,2017,18(7):1894-1906.
[5]Lee I,Sokolsky O,Chen S J,et al.Challenges and research directions in medical cyber-physical systems[J].Proc of the IEEE,2012,100(1):75-90.
[6]Jazdi N.Cyber physical system in the context of industry4.0[C].Proc of the IEEE Int Conf on Automation,Quality and Testing,Robotics.Cluj-Napoca,2014:1-4.
[7]Gungor V C,Hancke G P.Industrial wireless sensor networks:Challenges,design principles,and technical approaches[J].IEEE Trans on Industrial Electronics,2009,56(10):4258-4265.
[8]Cao X H,Chen J M,Xiao Y,et al.Building-Environment control with wireless sensor and actuator networks:centralized versus distributed[J].IEEE Trans on Industrial Electronics,2010,57(11):3596-3605.
[9]Frawell J P,Rohozinski R.Stuxnet and the future of cyber war[J].Survival,2011,53(1):23-40.
[10]Iasiello E.Cyber attack:A dull tool to shape foreign policy[C].Int Conf on Cyber Conflict.Tallinn,2013:1-18.
[11]Sundaram S,Hadjicosyis R.Distributed function calculation via linear iterative strategies in the presence of malicious agents[J].IEEE Trans on Automatic Control,2011,56(7):1495-1508.
[12]C′ardenas A A,Amin S,Sastry S.Secure control:Towards survivable cyber-physical systems[C].Proc of the 28th Conf on Distributed Computing Systems Workshops.Beijing,2008:495-500.
[13]Teixeira A,Perez D,Sandberg H,et al.Attack models and scenarios for networked control systems[C].Proc of1st Int Conf on High Confidence Networked Systems.Beijing,2012:55-64.
[14]Cetinkaya A,Ishii H,Hayakawa T.Networked control under random and malicious packet losses[J].IEEE Trans on Automatic Control,2017,62(5):2434-2449.
[15]Zhang H,Cheng P,Shi L,et al.Optimal denial-of-service attack scheduling with energy constraint[J].IEEE Trans on Automatic Control,2015,60(11):3023-3028.
[16]Zhang H,Cheng P,Shi L,et al.Optimal DoS attack scheduling in wireless networked control system[J].IEEETrans on Control System Technology,2016,24(3):843-852.
[17]Peng L H,Cao X H,Sun C Y,et al.Energy efficient jamming attack schedule against remote state estimation in wireless cyber-physical systems[J].Neurocomputing,2018,272:571-583.
[18]Foroush H S,Martínez S.On event-triggered control of linear systems under periodic denial of service attacks[C].Proc of IEEE 51st Annual Conf on Decision and Control.Maui,2012:2551-2556.
[19]Persis C D,Tesi P.Input-to-state stabilizing control under denial-of-service[J].IEEE Trans on Automatic Control,2015,60(11):2930-2944.
[20]Feng S,Tesi P.Resilient control under denial-of-service:Robust design[J].Automatica,2017,79:42-51.
[21]Dolk V S,Tesi P.Event-triggered control systems under denial-of-service attacks[J].IEEE Trans on Control Network Systems,2017,4(1):93-104.
[22]Li Y Z,Shi L,Cheng P,et al.Jamming attacks on remote state estimation in cyber-physical systems:Agame-theoretic approach[J].IEEE Trans on Automatic Control,2015,60(10):2831-2836.
[23]Yuan Y,Yuan H H,Guo L,et al.Resilient control of networked control system under DoS attacks:A unified game approach[J].IEEE Trans on Industrial Informatics,2016,12(5):1786-1794.
[24]Ding K M,Li Y Z,Quevedo D E,et al.Multi-channel transmission schedule for remote state estimation under DoS attacks[J].Automatica,2017,78:194-201.
[25]Zhao Y H,He X,Zhou D H.Optimal joint control and triggering strategies against denial of service attacks:A zero-sum game[J].IET Control Theory Applications,2017,11(4):2352-2360.
[26]Wu J,Chen T W.Design of networked control systems with packet dropouts[J].IEEE Trans on Automatic Control,2007,52(7):1314-1319.
[27]Wang Z D,Ho D W C,Liu Y R,et al.Robust H∞control for a class of nonlinear discrete time-delay stochastic systems with missing measurements[J],Automatica,2009,45:684-691.
[28]Xu W Y,Trappe W,Zhang Y Y,et al.The feasibility of launching and detecting jamming attacks in wireless networks[C].Proc of the 6th ACM Int Symposium on Mobile Ad Hoc Networking and computing.Urbana-Champaign,2005:46-57.
[29]Xu W Y,Ma K,Trappe W,et al.Jamming sensor networks:Attack and defense strategies[J].IEEENetwork,2006,20(3):41-47.
[30]Richard P.Modern communications jamming:Principles and techniques[M].Norwood:Artech House,2011:504-508.
[31]Wang Z D,Ho D W C,Liu Y R,et al.Varianceconstrained filtering for uncertain stochastic systems with missing measurements[J].IEEE Trans on Automatic Control,2003,48(7):1254-1258.
[32]Zhang W A,Yu L.Output feedback stabilization of networked control systems with packet dropouts[J].IEEETrans on Automatic Control,2007,52(9):1705-1710.
[33]Chaomel L E,Oustry F,Aitrami M.A cone complementarity linearization algorithm for static output feedback and related problems[J].IEEE Trans on Automatic Control,1997,42(8):1171-1176.
[2]Sampigethaya K,Poovendran R.Aviation cyber-physical systems:Foundations for future aircraft and air transport[J].Proc of the IEEE,2013,101(8):1834-1855.
[3]Mo Y L,Kim T H,Brancik K,et al.Cyber-physical security of a smart gird infrastructure[J].Proc of the IEEE,2012,100(99):1-15.
[4]Liu Y G,Xu B G,Ding Y H.Convergence analysis of cooperative breaking control for interconnected vehicle systems[J].IEEE Trans on Intelligence Transport Systems,2017,18(7):1894-1906.
[5]Lee I,Sokolsky O,Chen S J,et al.Challenges and research directions in medical cyber-physical systems[J].Proc of the IEEE,2012,100(1):75-90.
[6]Jazdi N.Cyber physical system in the context of industry4.0[C].Proc of the IEEE Int Conf on Automation,Quality and Testing,Robotics.Cluj-Napoca,2014:1-4.
[7]Gungor V C,Hancke G P.Industrial wireless sensor networks:Challenges,design principles,and technical approaches[J].IEEE Trans on Industrial Electronics,2009,56(10):4258-4265.
[8]Cao X H,Chen J M,Xiao Y,et al.Building-Environment control with wireless sensor and actuator networks:centralized versus distributed[J].IEEE Trans on Industrial Electronics,2010,57(11):3596-3605.
[9]Frawell J P,Rohozinski R.Stuxnet and the future of cyber war[J].Survival,2011,53(1):23-40.
[10]Iasiello E.Cyber attack:A dull tool to shape foreign policy[C].Int Conf on Cyber Conflict.Tallinn,2013:1-18.
[11]Sundaram S,Hadjicosyis R.Distributed function calculation via linear iterative strategies in the presence of malicious agents[J].IEEE Trans on Automatic Control,2011,56(7):1495-1508.
[12]C′ardenas A A,Amin S,Sastry S.Secure control:Towards survivable cyber-physical systems[C].Proc of the 28th Conf on Distributed Computing Systems Workshops.Beijing,2008:495-500.
[13]Teixeira A,Perez D,Sandberg H,et al.Attack models and scenarios for networked control systems[C].Proc of1st Int Conf on High Confidence Networked Systems.Beijing,2012:55-64.
[14]Cetinkaya A,Ishii H,Hayakawa T.Networked control under random and malicious packet losses[J].IEEE Trans on Automatic Control,2017,62(5):2434-2449.
[15]Zhang H,Cheng P,Shi L,et al.Optimal denial-of-service attack scheduling with energy constraint[J].IEEE Trans on Automatic Control,2015,60(11):3023-3028.
[16]Zhang H,Cheng P,Shi L,et al.Optimal DoS attack scheduling in wireless networked control system[J].IEEETrans on Control System Technology,2016,24(3):843-852.
[17]Peng L H,Cao X H,Sun C Y,et al.Energy efficient jamming attack schedule against remote state estimation in wireless cyber-physical systems[J].Neurocomputing,2018,272:571-583.
[18]Foroush H S,Martínez S.On event-triggered control of linear systems under periodic denial of service attacks[C].Proc of IEEE 51st Annual Conf on Decision and Control.Maui,2012:2551-2556.
[19]Persis C D,Tesi P.Input-to-state stabilizing control under denial-of-service[J].IEEE Trans on Automatic Control,2015,60(11):2930-2944.
[20]Feng S,Tesi P.Resilient control under denial-of-service:Robust design[J].Automatica,2017,79:42-51.
[21]Dolk V S,Tesi P.Event-triggered control systems under denial-of-service attacks[J].IEEE Trans on Control Network Systems,2017,4(1):93-104.
[22]Li Y Z,Shi L,Cheng P,et al.Jamming attacks on remote state estimation in cyber-physical systems:Agame-theoretic approach[J].IEEE Trans on Automatic Control,2015,60(10):2831-2836.
[23]Yuan Y,Yuan H H,Guo L,et al.Resilient control of networked control system under DoS attacks:A unified game approach[J].IEEE Trans on Industrial Informatics,2016,12(5):1786-1794.
[24]Ding K M,Li Y Z,Quevedo D E,et al.Multi-channel transmission schedule for remote state estimation under DoS attacks[J].Automatica,2017,78:194-201.
[25]Zhao Y H,He X,Zhou D H.Optimal joint control and triggering strategies against denial of service attacks:A zero-sum game[J].IET Control Theory Applications,2017,11(4):2352-2360.
[26]Wu J,Chen T W.Design of networked control systems with packet dropouts[J].IEEE Trans on Automatic Control,2007,52(7):1314-1319.
[27]Wang Z D,Ho D W C,Liu Y R,et al.Robust H∞control for a class of nonlinear discrete time-delay stochastic systems with missing measurements[J],Automatica,2009,45:684-691.
[28]Xu W Y,Trappe W,Zhang Y Y,et al.The feasibility of launching and detecting jamming attacks in wireless networks[C].Proc of the 6th ACM Int Symposium on Mobile Ad Hoc Networking and computing.Urbana-Champaign,2005:46-57.
[29]Xu W Y,Ma K,Trappe W,et al.Jamming sensor networks:Attack and defense strategies[J].IEEENetwork,2006,20(3):41-47.
[30]Richard P.Modern communications jamming:Principles and techniques[M].Norwood:Artech House,2011:504-508.
[31]Wang Z D,Ho D W C,Liu Y R,et al.Varianceconstrained filtering for uncertain stochastic systems with missing measurements[J].IEEE Trans on Automatic Control,2003,48(7):1254-1258.
[32]Zhang W A,Yu L.Output feedback stabilization of networked control systems with packet dropouts[J].IEEETrans on Automatic Control,2007,52(9):1705-1710.
[33]Chaomel L E,Oustry F,Aitrami M.A cone complementarity linearization algorithm for static output feedback and related problems[J].IEEE Trans on Automatic Control,1997,42(8):1171-1176.