This is the wiki for the NSF SaTC project TWC: Small: Intrusion Detection and Resilience Against Attacks in Cyber and Cyber-Physical Control Systems
NSF award number: CNS-1421122.
This project investigates a novel methodology for analyzing and designing secure cyber and cyber-physical systems that contain feedback control loops and that interact with their environment through a set of potentially vulnerable sensors and actuators. The actuators and sensors can be compromised by a malicious attacker intent on altering the system behavior by corrupting sensor values or actuator commands, thereby enabling or forcing the execution of unsafe behavior. Using a formal model-based approach, the following problems are being investigated: (i) Detection of intrusions that result in compromised system components (sensors or actuators); (ii) Design of remedial control strategies that combat malicious attackers upon detection of intrusion; and (iii) Design of control strategies that are resilient to potential intrusions and prevent damage from being inflicted upon the system. The technical approach being pursued has its foundations in the theories of diagnosability, opacity, and supervisory control of discrete-state event-driven dynamic systems. The research plan for the problems of intrusion detection and resilience against attacks contains a creative blend of these theories with game-theoretic approaches to reactive synthesis problems, in order to capture the dynamic game between the control system (acting as the defender) and the attacker. The goal of the defender is to optimize its trade-off between functionality and vulnerability. Given the prevalence of feedback control loops in cyber and cyber-physical systems, the methodology being developed will impact a large class of technological systems that are of great societal importance.
- X. Yin and S. Lafortune, "A uniform approach for synthesizing property-enforcing supervisors for partially-observed discrete-event systems", IEEE Transactions on Automatic Control, to appear in August 2016.
- X. Yin and S. Lafortune, "Codiagnosability and coobservability under dynamic observations: Transformation and verification", Automatica, vol. 61, pp. 241-252, 2015.
- Y.-C. Wu, G. Lederman, and S. Lafortune, "Enhancing opacity of stochastic discrete event systems using insertion functions", Proceedings of the 2016 American Control Conference, July 2016.
- Y.-C. Wu, V. Raman, S. Lafortune, and S.A. Seshia, "Obfuscator Synthesis for Privacy and Utility", Proceedings of the 8th NASA Formal Methods Symposium, Lecture Notes in Computer Science, Vol. 9690, Springer, June 2016, pp. 133-149.
- X. Yin and S. Lafortune, "On Two-Way Observer and Its Application to the Verification of Infinite-Step and K-Step Opacity", Proceedings of the 13th International Workshop on Discrete Event Systems, June 2016.
- L.K. Carvalho, Y.-C. Wu, R.H. Kwong, and S. Lafortune, "Detection and Prevention of Actuator Enablement Attacks in Supervisory Control Systems", Proceedings of the 13th International Workshop on Discrete Event Systems, June 2016.
- Y.-C. Wu and S. Lafortune, "Synthesis of Opacity-Enforcing Insertion Functions That Can Be Publicly Known", Proceedings of the 54th IEEE Conference on Decision and Control, pp. 3506-3513, December 2015.
- X. Yin and S. Lafortune, "A general approach for solving dynamic sensor activation problems for a class of properties", Proc. 54th IEEE Conference on Decision and Control (CDC), Osaka, Japan, December 2015.
- X. Yin and S. Lafortune, "Minimization of sensor activation in decentralized fault diagnosis of discrete event systems", Proc. 54th IEEE Conference on Decision and Control (CDC), Osaka, Japan, December 2015.
- X. Yin and S. Lafortune, "A New Approach for Synthesizing Opacity-Enforcing Supervisors for Partially-Observed Discrete-Event Systems", Proceedings of the 2015 American Control Conference, July 2015, pp. 377-383.
- X. Yin and S. Lafortune, "On the relationship between codiagnosability and coobservability under dynamic observations", Proc. 2015 American Control Conference (ACC), Chicago, USA, July 2015, pp. 390-395.
- Our technique of obfuscation by insertion of fictitious events is implemented in the tool called "VEiP" publicly available at: VEiP site
- A symbolic and more general version of this tool called "edisyn", described in our NFM 2016 paper, is publicly available at: edisyn site
Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.