Cyber-Attacks with Resource Constraints on Discrete Event Systems Under Supervisory Control

Zhaoyang He; Naiqi Wu; Rong Su; Zhiwu Li

IEEE/CAA Journal of Automatica Sinica

JCR Impact Factor: 15.3, Top 1 (SCI Q1)

CiteScore: 23.5, Top 2% (Q1)
Google Scholar h5-index: 77， TOP 5

Article Contents

Article Navigation > IEEE/CAA Journal of Automatica Sinica > 2024 > In Press, Accepted Manuscript

Z. He, N. Wu, R. Su, and Z. Li, “Cyber-attacks with resource constraints on discrete event systems under supervisory control,” IEEE/CAA J. Autom. Sinica, vol. 11, no. 0, pp. 1–11, Jun. 2024.

Citation:

Z. He, N. Wu, R. Su, and Z. Li, “Cyber-attacks with resource constraints on discrete event systems under supervisory control,” IEEE/CAA J. Autom. Sinica, vol. 11, no. 0, pp. 1–11, Jun. 2024.

Z. He, N. Wu, R. Su, and Z. Li, “Cyber-attacks with resource constraints on discrete event systems under supervisory control,” IEEE/CAA J. Autom. Sinica, vol. 11, no. 0, pp. 1–11, Jun. 2024.

Citation:

Z. He, N. Wu, R. Su, and Z. Li, “Cyber-attacks with resource constraints on discrete event systems under supervisory control,” IEEE/CAA J. Autom. Sinica, vol. 11, no. 0, pp. 1–11, Jun. 2024.

PDF( 1369 KB)

Cyber-Attacks with Resource Constraints on Discrete Event Systems Under Supervisory Control

Funds: This work was partially supported by the Science Technology Development Fund, MSAR (0029/2023/RIA1)

More Information

Author Bio:
Zhaoyang He received the B.E. degree in computer science and technology and the M.E. degree in computer software and theory from the Shandong University of Science and Technology, in 2012 and 2016, respectively. He is currently a Ph.D. candidate in intelligent science and systems at the Institute of Systems Engineering, Macau University of Science and Technology, Macau, China. His research interests include supervisory control of discrete event systems and cyber security of cyber-physical systems

Naiqi Wu (Fellow, IEEE) received the B.S. degree in electrical engineering from Anhui University of Technology in 1982, the M.S. and Ph.D. degrees in systems engineering both from Xi’an Jiaotong University, in 1985 and 1988, respectively. From 1988 to 1995, he was with Shenyang Institute of Automation, Chinese Academy of Sciences and from 1995 to 1998, with Shantou University. He moved to Guangdong University of Technology in 1998. He joined Macau University of Science and Technology, Macau, China in 2013. He is currently a Chair Professor at the Institute of Systems Engineering, Macau University of Science and Technology, Macau, China. His research interests include production planning and scheduling, manufacturing system modeling and control, discrete event systems, Petri net theory and applications, intelligent transportation systems, and energy systems.He is the author or coauthor of one book, five book chapters, and 200+ peer-reviewed journal papers. He was an Associate Editor of the IEEE Transactions on Systems, Man, & Cybernetics, Part C, IEEE Transactions on Automation Science and Engineering, IEEE Transactions on Systems, Man, & Cybernetics: Systems, and Editor in Chief of Industrial Engineering Journal, and is an Associate Editor of Information Sciences

Rong Su (Senior Member, IEEE) received the B.E. degree from University of Science and Technology of China, and the M.S. degree and the PhD degree from University of Toronto, respectively. He was affiliated with University of Waterloo and Technical University of Eindhoven before he joined the School of Electrical & Electronic Engineering at Nanyang Technological University in 2010. His research interests include multi-agent systems, cybersecurity of cyber-physical systems, supervisory control, model-based fault diagnosis, control and optimization of complex networked systems with applications in flexible manufacturing, intelligent transportation, human-robot interface, and green buildings. In the aforementioned areas, Dr. Su has more than 300 journal and conference publications, two monographs and 22 granted/applied patents. He is an Associate Editor for Automatica, IEEE Transactions on Cybernetics, Journal of Discrete Event Dynamic Systems: Theory and Applications, and Journal of Control and Decision. He is a recipient of several best paper awards, including 2021 Hsue-shen Tsien Paper Award from IEEE/CAA Journal of Automatica Sinica, and an IEEE Distinguished Lecturer for IEEE Robotics and Automation Society

Zhiwu Li (Fellow, IEEE) received the B.S., M.S., and Ph.D. degrees in mechanical engineering, automatic control, and manufacturing engineering, respectively, all from Xidian University in 1989, 1992 and 1995, respectively. He joined Xidian University in 1992. Over the past decade, he was a Visiting Professor at the University of Toronto, Canada, Technion (Israel Institute of Technology), Israel, Martin-Luther University, Conservatoire National des Arts et Métiers, (CNAM), France, Meliksah Universitesi, Spanish, King Saud University, Saud: Arabia, and the University of Cagliari, ltaly. He is now also with the Institute of Systems Engineering, Macau University of Science and Technology, Macau, China. His current research interests include Petri net theory and application, supervisory control of discrete event systems, workflow modeling and analysis, system reconfiguration, game theory, and data and process mining.He is a Member of Discrete Event Systems Technical Committee of the IEEE Systems, Man, and Cybernetics Society, and a Member of IFAC Technical Committee on Discrete Event and Hybrid Systems from 2011 to 2014. He serves as a frequent reviewer for 100+ international journals including Automatica and a Number of the IEEE Transactions as well as many international conferences. He is listed in Marquis Who’s Who in the world, 27th Edition, 2010. He is a recipient of an Alexander von Humboldt Research Grant, Alexander von Humboldt Foundation, Germany, and Research in Paris, France. He is the Founding Chair of Xi’an Chapter of IEEE Systems, Man, and Cybernetics Society
Corresponding author: Zhiwu Li, e-mail: rsu@ntu.edu.sg
¹ \begin{document}$ 2^{\Sigma^{*}} $\end{document} is the power set of \begin{document}$ \Sigma^{*} $\end{document} that contains all subsets of \begin{document}$ \Sigma^{*} $\end{document}, i.e., \begin{document}$ 2^{\Sigma^{*}}=\{L|L\subseteq \Sigma^{*}\} $\end{document}.
² The first two constraints are given in [11], [29]. For the third constraint, we claim that this assumption is not so restrictive. In R-W method, the automaton realization \begin{document}$ H $\end{document} of a supervisor is in many instances a sub-automaton of a plant \begin{document}$ G $\end{document}. In this case, \begin{document}$ P_{o}[L(H)]\subseteq P_{o}[L(G)] $\end{document} trivially holds.
³ The supervisor \begin{document}$ S $\end{document} is already available such that the closed-loop behavior is \begin{document}$ L(S/G) = \overline{K} $\end{document}, where \begin{document}$ K $\end{document} is a controllable and observable sublanguage of \begin{document}$ L(G) $\end{document}. On this basis, we discuss whether the closed-loop system \begin{document}$ S/G $\end{document} satisfies combined-attackability in Definition 3.
⁴ The methods proposed in this work can be implemented by Python, and the code is available from https://github.com/ZhaoyangHe-MUST/CA.
Received Date: 2024-04-10
Accepted Date: 2024-05-30

Available Online: 2024-11-11

Abstract

Abstract

With the development of cyber-physical systems, system security faces more risks from cyber-attacks. In this work, we study the problem that an external attacker implements covert sensor and actuator attacks with resource constraints (the total resource consumption of the attacks is not greater than a given initial resource of the attacker) to mislead a discrete event system under supervisory control to reach unsafe states. We consider that the attacker can implement two types of attacks: One by modifying the sensor readings observed by a supervisor and the other by enabling the actuator commands disabled by the supervisor. Each attack has its corresponding resource consumption and remains covert. To solve this problem, we first introduce a notion of combined-attackability to determine whether a closed-loop system may reach an unsafe state after receiving attacks with resource constraints. We develop an algorithm to construct a corrupted supervisor under attacks, provide a verification method for combined-attackability in polynomial time based on a plant, a corrupted supervisor, and an attacker’s initial resource, and propose a corresponding attack synthesis algorithm. The effectiveness of the proposed method is illustrated by an example.
- Cyber-attack,
- cyber-physical system,
- discrete event system,
- supervisory control

FullText(HTML)

¹ $ 2^{\Sigma^{*}} $ is the power set of $ \Sigma^{*} $ that contains all subsets of $ \Sigma^{*} $, i.e., $ 2^{\Sigma^{*}}=\{L|L\subseteq \Sigma^{*}\} $.
² The first two constraints are given in [11], [29]. For the third constraint, we claim that this assumption is not so restrictive. In R-W method, the automaton realization $ H $ of a supervisor is in many instances a sub-automaton of a plant $ G $. In this case, $ P_{o}[L(H)]\subseteq P_{o}[L(G)] $ trivially holds.
³ The supervisor $ S $ is already available such that the closed-loop behavior is $ L(S/G) = \overline{K} $, where $ K $ is a controllable and observable sublanguage of $ L(G) $. On this basis, we discuss whether the closed-loop system $ S/G $ satisfies combined-attackability in Definition 3.
⁴ The methods proposed in this work can be implemented by Python, and the code is available from https://github.com/ZhaoyangHe-MUST/CA.

References(30)

References

[1]	R. Baheti and H. Gill, “Cyber-physical systems,” Impact Control Technol., vol. 12, no. 1, pp. 161–166, Mar. 2011.
[2]	Y. Liu, Y. Peng, B. Wang, S. Yao, and Z. Liu, “Review on cyber-physical systems,” IEEE/CAA J. Autom. Sinica, vol. 4, no. 1, pp. 27–40, Jan. 2017. doi: 10.1109/JAS.2017.7510349
[3]	S. Sridhar, A. Hahn, and M. Govindarasu, “Cyber-physical system security for the electric power grid,” Proc. IEEE, vol. 100, no. 1, pp. 210–224, Jan. 2012. doi: 10.1109/JPROC.2011.2165269
[4]	K. Zhang, C. Keliris, T. Parisini, B. Jiang, and M. M. Polycarpou, “Passive attack detection for a class of stealthy intermittent integrity attacks,” IEEE/CAA J. Autom. Sinica, vol. 10, no. 4, pp. 898–915, Apr. 2023. doi: 10.1109/JAS.2023.123177
[5]	A. Cardenas, S. Amin, B. Sinopoli, A. Giani, A. Perrig, and S. Sastry, “Challenges for securing cyber physical systems,” in Proc. Workshop Future Directions Cyber——Physical Syst. Secur., Jul. 2009, vol. 5, no. 1, pp. 1–7.
[6]	M. Wakaiki, P. Tabuada, and J. P. Hespanha, “Supervisory control of discrete-event systems under attacks,” Dyn. Games Appl., vol. 9, no. 4, pp. 965–983, Dec. 2019. doi: 10.1007/s13235-018-0285-3
[7]	R. Meira-Góes, S. Lafortune, and H. Marchand, “Synthesis of supervisors robust against sensor deception attacks,” IEEE Trans. Autom. Control, vol. 66, no. 10, pp. 4990–4997, Oct. 2021. doi: 10.1109/TAC.2021.3051459
[8]	Q. Zhang, C. Seatzu, Z. Li, and A. Giua, “Selection of a stealthy and harmful attack function in discrete event systems,” Sci. Rep., vol. 12, no. 1, pp. 1–14, Sep. 2022. doi: 10.1038/s41598-021-99269-x
[9]	R. Meira-Góes, E. Kang, R. Kwong, and S. Lafortune, “Stealthy deception attacks for cyber-physical systems,” in Proc. IEEE 56th Annu. Conf. Decis. Control, Dec. 2017, pp. 4224–4230.
[10]	W. Duo, M. Zhou, and A. Abusorrah, “A survey of cyber attacks on cyber physical systems: Recent advances and challenges,” IEEE/CAA J. Autom. Sinica, vol. 9, no. 5, pp. 784–800, May 2022. doi: 10.1109/JAS.2022.105548
[11]	L. Lin and R. Su, “Synthesis of covert actuator and sensor attackers,” Automatica, vol. 130, p. 109714, Aug. 2021. doi: 10.1016/j.automatica.2021.109714
[12]	L. K. Carvalho, Y.-C. Wu, R. Kwong, and S. Lafortune, “Detection and prevention of actuator enablement attacks in supervisory control systems,” in Proc. 13th Int. Workshop Discrete Event Syst., May 2016, pp. 298–305.
[13]	——, “Detection and mitigation of classes of attacks in supervisory control systems,” Automatica, vol. 97, pp. 121–133, Nov. 2018. doi: 10.1016/j.automatica.2018.07.017
[14]	R. Sengupta and S. Lafortune, “An optimal control theory for discrete event systems,” SIAM J. Control Optimiz., vol. 36, no. 2, pp. 488–541, Mar. 1998. doi: 10.1137/S0363012994260957
[15]	Y. Ji, X. Yin, and S. Lafortune, “Optimal supervisory control with mean payoff objectives and under partial observation,” Automatica, vol. 123, p. 109359, Jan. 2021. doi: 10.1016/j.automatica.2020.109359
[16]	H. Guo, J. Sun, and Z.-H. Pang, “Residual-based false data injection attacks against multi-sensor estimation systems,” IEEE/CAA J. Autom. Sinica, vol. 10, no. 5, pp. 1181–1191, May 2023. doi: 10.1109/JAS.2023.123441
[17]	D. Thorsley and D. Teneketzis, “Intrusion detection in controlled discrete event systems,” in Proc. IEEE 45th Conf. Decis. Control, Dec. 2006, pp. 6047–6054.
[18]	R. Su, “Supervisor synthesis to thwart cyber attack with bounded sensor reading alterations,” Automatica, vol. 94, pp. 35–44, Aug. 2018. doi: 10.1016/j.automatica.2018.04.006
[19]	R. Meira-Góes, E. Kang, R. Kwong, and S. Lafortune, “Synthesis of sensor deception attacks at the supervisory layer of cyber–physical systems,” Automatica, vol. 121, p. 109172, Nov. 2020. doi: 10.1016/j.automatica.2020.109172
[20]	A. Khoumsi, “Sensor and actuator attacks of cyber-physical systems: A study based on supervisory control of discrete event systems,” in Proc. 8th Int. Conf. Syst. Control, Oct. 2019, pp. 176–182.
[21]	R. Meira-Góes, H. Marchand, and S. Lafortune, “Dealing with sensor and actuator deception attacks in supervisory control,” Automatica, vol. 147, p. 110736, Jan. 2023. doi: 10.1016/j.automatica.2022.110736
[22]	Q. Zhang, C. Seatzu, Z. L, and A. Giua, “Sensor and actuator attacks in discrete event systems,” IFAC-PapersOnLine, vol. 55, no. 28, pp. 38–45, Sep. 2022. doi: 10.1016/j.ifacol.2022.10.321
[23]	P. M. Lima, M. V. S. Alves, L. K. Carvalho, and M. V. Moreira, “Security against network attacks in supervisory control systems,” IFAC-PapersOnLine, vol. 50, no. 1, pp. 12 333–12 338, Jul. 2017. doi: 10.1016/j.ifacol.2017.08.2161
[24]	——, “Security against communication network attacks of cyber-physical systems,” J. Control Autom. Electr. Syst., vol. 30, no. 1, pp. 125–135, Feb. 2019. doi: 10.1007/s40313-018-0420-9
[25]	Y. Li, C. N. Hadjicostis, and N. Wu, “Tamper-tolerant diagnosability under bounded or unbounded attacks,” IFAC-PapersOnLine, vol. 55, no. 28, pp. 52–57, Sep. 2022. doi: 10.1016/j.ifacol.2022.10.323
[26]	R. Meira-Góes, R. Kwong, and S. Lafortune, “Synthesis of optimal multi-objective attack strategies for controlled systems modeled by probabilistic automata,” IEEE Trans. Autom. Control, vol. 67, no. 6, pp. 2873–2888, Jun. 2022. doi: 10.1109/TAC.2021.3094737
[27]	R. Tai, L. Lin, and R. Su, “Synthesis of optimal covert sensor-actuator attackers for discrete-event systems,” Automatica, vol. 151, p. 110910, May 2023. doi: 10.1016/j.automatica.2023.110910
[28]	C. G. Cassandras and S. Lafortune, Introduction to Discrete Event Systems. Cham, Switzerland: Springer, 2021.
[29]	A. Bergeron, “A unified approach to control problems in discrete event processes,” RAIRO-Theor. Inf. Appl., vol. 27, no. 6, pp. 555–573, 1993. doi: 10.1051/ita/1993270605551
[30]	Q. Zhang, Z. Li, C. Seatzu, and A. Giua, “Stealthy attacks for partially-observed discrete event systems,” in Proc. IEEE 23rd Int. Conf. Emerg. Technol. Factory Autom., Sep. 2018, vol. 1, pp. 1161–1164.

Supplements(0)

Cited By

Proportional views

Proportional views

通讯作者: 陈斌, bchen63@163.com

1.
沈阳化工大学材料科学与工程学院沈阳 110142

Figures(5)

Get Citation

PDF

XML

Article Metrics

Article views (13) PDF downloads(4)

Cyber-Attacks with Resource Constraints on Discrete Event Systems Under Supervisory Control

Abstract

References

Proportional views

Catalog

通讯作者: 陈斌, bchen63@163.com

Article Metrics

Export File

Citation

Format

Content