Terminal set-based cyberattack detection in model predictive control systems with zero false alarms

IF 3.3 2区计算机科学 Q2 AUTOMATION & CONTROL SYSTEMS

Journal of Process Control Pub Date : 2025-03-25 DOI:10.1016/j.jprocont.2025.103409

Rahul Panicker, Aatam Gajjar, Nael H. El-Farra, Matthew J. Ellis

{"title":"Terminal set-based cyberattack detection in model predictive control systems with zero false alarms","authors":"Rahul Panicker, Aatam Gajjar, Nael H. El-Farra, Matthew J. Ellis","doi":"10.1016/j.jprocont.2025.103409","DOIUrl":null,"url":null,"abstract":"<div><div>The increased reliance of industrial control systems on networked components has made them more vulnerable to cyberattacks, necessitating cyberattack detection schemes specifically designed for detecting cyberattacks affecting industrial control systems. This work presents a set-membership-based detection scheme for systems under model predictive control (MPC). Specifically, we consider steady-state operation because many systems operate over long periods near a desired steady state. Provided the disturbances and measurement noise acting on the system are sufficiently small, we show that the closed-loop system under MPC is equivalent to the closed-loop system under a linear quadratic regulator, formulated with the same stage cost and weighting matrices, in a region containing the desired operating point. This equivalence is leveraged to show that the minimum robust positively invariant (mRPI) sets under both controllers are equivalent, enabling the calculation of the mRPI set for the closed-loop system under MPC. Using the mRPI set of the attack-free system, we present an attack detection scheme for systems under MPC and derive conditions under which the attack detection scheme applied to the attack-free closed-loop system does not raise an alarm. The detection scheme is applied to a simplified (linear) building space-cooling system to demonstrate that it does not raise false alarms during attack-free operation and that it successfully detects attacks when the system is subjected to a multiplicative false-data injection attack altering the data communicated over the sensor-controller link. Furthermore, the detection scheme’s applicability to nonlinear systems is assessed. Specifically, the detection scheme is applied to a nonlinear chemical process to demonstrate that the detection scheme does not raise false alarms during attack-free operation and successfully detects an attack when the process is subjected to a false-data injection cyberattack.</div></div>","PeriodicalId":50079,"journal":{"name":"Journal of Process Control","volume":"149 ","pages":"Article 103409"},"PeriodicalIF":3.3000,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Process Control","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S095915242500037X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"AUTOMATION & CONTROL SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The increased reliance of industrial control systems on networked components has made them more vulnerable to cyberattacks, necessitating cyberattack detection schemes specifically designed for detecting cyberattacks affecting industrial control systems. This work presents a set-membership-based detection scheme for systems under model predictive control (MPC). Specifically, we consider steady-state operation because many systems operate over long periods near a desired steady state. Provided the disturbances and measurement noise acting on the system are sufficiently small, we show that the closed-loop system under MPC is equivalent to the closed-loop system under a linear quadratic regulator, formulated with the same stage cost and weighting matrices, in a region containing the desired operating point. This equivalence is leveraged to show that the minimum robust positively invariant (mRPI) sets under both controllers are equivalent, enabling the calculation of the mRPI set for the closed-loop system under MPC. Using the mRPI set of the attack-free system, we present an attack detection scheme for systems under MPC and derive conditions under which the attack detection scheme applied to the attack-free closed-loop system does not raise an alarm. The detection scheme is applied to a simplified (linear) building space-cooling system to demonstrate that it does not raise false alarms during attack-free operation and that it successfully detects attacks when the system is subjected to a multiplicative false-data injection attack altering the data communicated over the sensor-controller link. Furthermore, the detection scheme’s applicability to nonlinear systems is assessed. Specifically, the detection scheme is applied to a nonlinear chemical process to demonstrate that the detection scheme does not raise false alarms during attack-free operation and successfully detects an attack when the process is subjected to a false-data injection cyberattack.

查看原文本刊更多论文

基于终端集的零虚警模型预测控制系统网络攻击检测

工业控制系统对网络组件的依赖程度越来越高，这使得它们更容易受到网络攻击，因此需要专门设计用于检测影响工业控制系统的网络攻击的网络攻击检测方案。本文提出了一种基于集成员的模型预测控制（MPC）系统检测方案。具体来说，我们考虑稳态运行，因为许多系统在理想的稳态附近长时间运行。如果作用在系统上的干扰和测量噪声足够小，我们证明了MPC下的闭环系统在包含期望工作点的区域内等效于线性二次型调节器下的闭环系统，它们具有相同的阶段成本和权重矩阵。利用该等价性表明两个控制器下的最小鲁棒正不变量（mRPI）集是等效的，从而可以计算MPC下闭环系统的mRPI集。利用无攻击系统的mRPI集合，给出了一种MPC下系统的攻击检测方案，并推导出了用于无攻击闭环系统的攻击检测方案不报警的条件。该检测方案应用于一个简化的（线性）建筑空间冷却系统，以证明它不会在无攻击操作期间发出假警报，并且当系统遭受乘法假数据注入攻击时，它成功地检测到攻击，改变了通过传感器-控制器链路通信的数据。此外，还评估了该检测方案对非线性系统的适用性。具体而言，将该检测方案应用于一个非线性化学过程，证明该检测方案在无攻击运行时不会产生假警报，并且在过程遭受虚假数据注入网络攻击时成功检测到攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Process Control 工程技术-工程：化工

CiteScore

7.00

自引率

11.90%

发文量

159

审稿时长

74 days

期刊介绍： This international journal covers the application of control theory, operations research, computer science and engineering principles to the solution of process control problems. In addition to the traditional chemical processing and manufacturing applications, the scope of process control problems involves a wide range of applications that includes energy processes, nano-technology, systems biology, bio-medical engineering, pharmaceutical processing technology, energy storage and conversion, smart grid, and data analytics among others. Papers on the theory in these areas will also be accepted provided the theoretical contribution is aimed at the application and the development of process control techniques. Topics covered include: • Control applications• Process monitoring• Plant-wide control• Process control systems• Control techniques and algorithms• Process modelling and simulation• Design methods Advanced design methods exclude well established and widely studied traditional design techniques such as PID tuning and its many variants. Applications in fields such as control of automotive engines, machinery and robotics are not deemed suitable unless a clear motivation for the relevance to process control is provided.