Riccardo M.G. Ferrari | Cyber Physical Systems

Cyber-physical systems (CPSs) represent a class of networked control systems with vast and promising applications. This class may include for instance smart cities, intelligent transportation systems based on fleets of cooperative and autonomous vehicles or distributed sensing and control solutions that leverage Internet-of-Things (IoT) devices. As a common trait, these systems are expected to provide important functionalities that may positively influence our life and society. However, said positive outcomes may be hindered by novel threats to the safety of CPSs, such as malicious cyber-attacks that could negatively affect the physical domain. Furthermore, the sheer amount of data gathered, exchanged and processed by those architectures are going to pose fundamental societal interrogatives regarding privacy and confidentiality, and the fair use of such data (missing reference). Prevention, resilience and detection are key functionalities through which we can avoid that attacks in the cyber domain lead to loss of safety in the physical one.

We contributed to the problem of detecting stealthy cyber attacks in networked control systems by proposing a multiplicative sensor watermarking technique (Ferrari & Teixeira, 2021; Gallo et al., 2021). By taking inspiration from lightweight authentication techniques, we introduce a deterministic distortion into data sent by sensors to the controller, which is unknown to the attacker. This leads to a knowledge imbalance between an eavesdropping attacker and a defender, where the latter can use knowledge of the watermark and a model-based residual generator to detect otherwise stealthy attacks such as rerouting (Ferrari & Teixeira, 2017), replay (Ferrari & Teixeira, 2017) and zero-dynamics (Teixeira & Ferrari, 2018) injection ones. Differently than physical watermarking, our approach allows for perfect watermarking removal at controller level, thus unaffecting control performances.

We further explored the use of Differential Privacy (Dwork & Roth, 2014) to allow for privacy preserving distributed state estimation and anomaly detection, thus preventing the leakage of private data by eavesdroppers or by curious, although not necessarily malicious, third parties (Rostampour et al., 2018; Rostampour et al., 2020). Currently we are working towards fast, real time implementations of Fully Homomorphic Encryption schemes as a tool to guarantee confidentiality and integrity in a much more robust, albeit computationally expensive way (Gentry et al., 2013).

Joint work with (mostly): André Teixeira, Twan Keijzer, Alex Gallo, Vahab Rostampour.

Publications

ACM_TCPS

Switched Zero Dynamics Attacks on Sampled-Data Systems with Non-Uniform Sampling: Vulnerability and Countermeasures

Wolleswinkel, Bart, Mazo, Manuel, and Ferrari, Riccardo

ACM Transactions on Cyber-Physical Systems 2025

DOI
AUTO

Switching multiplicative watermark design against covert attacks

Gallo, Alexander J, Anand, Sribalaji C, Teixeira, Andre MH, and Ferrari, Riccardo MG

Automatica 2025

DOI
IEEE_LCSS

Periodic sparse control to prevent undetectable attacks on over-actuated systems

Wolleswinkel, Bart, Van Straalen, Ivo, Ballotta, Luca, Gallo, Alexander J, and Ferrari, Riccardo MG

IEEE Control Systems Letters 2025

DOI
IEEE_TAC

On the Output Redundancy of LTI Systems: A Geometric Approach With Application to Privacy

Yang, Guitao, Gallo, Alexander J, Barboni, Angelo, Ferrari, Riccardo MG, Serrani, Andrea, and Parisini, Thomas

IEEE Transactions on Automatic Control 2025

DOI
IEEE_TITS

Collaborative Vehicle Platoons With Guaranteed Safety Against Cyber-Attacks

Keijzer, Twan, Chanfreut, Paula, Maestre, José Marı́a, and Ferrari, Riccardo Maria Giorgio

IEEE Transactions on Intelligent Transportation Systems 2024

DOI
IEEE_LCSS

Secure State Estimation under Actuator and Sensor Attacks using Sliding Mode Observers

Keijzer, Twan, Ferrari, Riccardo M.G., and Sandberg, Henrik

IEEE Control Systems Letters 2023
IEEE_TAC

Privatized distributed anomaly detection for large-scale nonlinear uncertain systems

Rostampour, Vahab, Ferrari, Riccardo M.G., Teixeira, André M.H., and Keviczky, Tamas

IEEE Transactions on Automatic Control 2020
IEEE_TAC

A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks

Ferrari, Riccardo M.G., and Teixeira, André M.H.

IEEE Transactions on Automatic Control 2021
ECC25

Zero Dynamics Attacks Subject to Actuator Saturation: A Constrained Optimization Approach

Wolleswinkel, Bart, Mazo, Manuel, and Ferrari, Riccardo

In European Control Conference 2025
CDC24

A Self-Triggered Control Watermarking Scheme for Detecting Replay Attacks

Wolleswinkel, Bart, Ferrari, Riccardo, and Mazo, Manuel

In 2024 IEEE 63rd Conference on Decision and Control (CDC) 2024

DOI
CDC23

Secure State Estimation under Actuator and Sensor Attacks using Sliding Mode Observers

Keijzer, Twan, Ferrari, Riccardo M.G., and Sandberg, Henrik

In Conference on Decision and Control 2023
CDC22

A Fully Homomorphic Encryption Scheme for Real-Time Safe Control

Stobbe, Pieter, Keijzer, Twan, and Ferrari, Riccardo M.G.

In Conference on Decision and Control 2022

Abs arXiv

Fully Homomorphic Encryption (FHE) has made it possible to perform addition and multiplication operations on encrypted data. Using FHE in control thus has the advantage that control effort for a plant can be calculated remotely without ever decrypting the exchanged information. FHE in its current form is however not practically applicable for real-time control as its computational load is very high compared to traditional encryption methods. In this paper a reformulation of the Gentry FHE scheme is proposed and applied on an FPGA to solve this problem. It is shown that the resulting FHE scheme can be implemented for real-time stabilization of an inverted double pendulum using discrete time control.
CDC22

Hierarchical Cyber-Attack Detection in Large-Scale Interconnected Systems

Keijzer, Twan, Gallo, Alexander J., and Ferrari, Riccardo M.G.

In Conference on Decision and Control 2022

Abs arXiv

In this paper we present a hierarchical scheme to detect cyber-attacks in a hierarchical control architecture for large-scale interconnected systems (LSS). We consider the LSS as a network of physically coupled subsystems, equipped with a two-layer controller: on the local level, decentralized controllers guarantee overall stability and reference tracking; on the supervisory level, a centralized coordinator sets references for the local regulators. We present a scheme to detect attacks that occur at the local level, with malicious agents capable of affecting the local control. The detection scheme is computed at the supervisory level, requiring only limited exchange of data and model knowledge. We offer detailed theoretical analysis of the proposed scheme, highlighting its detection properties in terms of robustness, detectability and stealthiness conditions.
SAFEPROCESS22

Cryptographic switching functions for multiplicative watermarking in cyber-physical systems

Gallo, Alexander J., and Ferrari, Riccardo M.G.

In IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes 2022

Abs arXiv

In this paper we present a novel switching function for multiplicative watermarking systems. The switching function is based on the algebraic structure of elliptic curves over finite fields. The resulting function allows for both watermarking generator and remover to define appropriate system parameters, sharing only limited information, namely a private key. We prove that the resulting watermarking parameters lead to a stable watermarking scheme.
CDC21

Design of multiplicative watermarking against covert attacks

Gallo, Alexander J., Anand, Sribalaji C., Teixeira, André M.H., and Ferrari, Riccardo M.G.

In Conference on Decision and Control 2021

arXiv
ECC21

Detection of Cyber-Attacks in a Collaborative Intersection Control Scenario

Keijzer, Twan, Jarmolowitz, Fabian, and Ferrari, Riccardo M.G.

In European Control Conference 2021

arXiv video
ECC21

Detection of Network and Sensor Cyber-Attacks in Platoons of Cooperative Autonomous Vehicles: a Sliding-Mode Observer Approach

Keijzer, Twan, and Ferrari, Riccardo M.G.

In European Control Conference 2021

arXiv video
CDC19

A Sliding Mode Observer Approach for Attack Detection and Estimation in Autonomous Vehicle Platoons using Event Triggered Communication

Keijzer, Twan, and Ferrari, Riccardo M.G.

In Conference on Decision and Control 2019
NECSYS19

Privacy-Preserving of System Model with Perturbed State Trajectories Using Differential Privacy: With Application to a Supply Chain Network

Nandakumar, Lakshminarayanan, Ferrari, Riccardo M.G., and Keviczky, Tamas

In IFAC Workshop on Distributed Estimation and Control in Networked Systems 2019
SAFEPROCESS18

Differentially-Private Distributed Fault Diagnosis for Large-Scale Nonlinear Uncertain Systems

Rostampour, Vahab, Ferrari, Riccardo M.G., Teixeira, André M.H., and Keviczky, Tamas

In IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes 2018
NECSYS18

Attack Detection and Estimation in Cooperative Vehicles Platoons: A Sliding Mode Observer Approach

Jahanshahi, Niloofar, and Ferrari, Riccardo M.G.

In IFAC Workshop on Distributed Estimation and Control in Networked Systems 2018
ECC18

Detection of Sensor Data Injection Attacks with Multiplicative Watermarking

Teixeira, André M.H., and Ferrari, Riccardo M.G.

2018
IFAC17

Detection and Isolation of Replay Attacks through Sensor Watermarking

Ferrari, Riccardo M.G., and Teixeira, André M.H.

2017
IFAC17

A Message Passing Algorithm for Automatic Synthesis of Probabilistic Fault Detectors from Building Automation Ontologies

Ferrari, Riccardo M.G., Baldi, Simone, and Dibowski, Henrik

In IFAC World Congress 2017
ACC17

Detection and isolation of routing attacks through sensor watermarking

Ferrari, Riccardo M.G., and Teixeira, André M.H.

In American Control Conference 2017

Abs

In networked control systems, leveraging the peculiarities of the cyber-physical domains and their interactions may lead to novel detection and defense mechanisms against malicious cyber-attacks. In this paper, we propose a multiplicative sensor watermarking scheme, where each sensor’s output is separately watermarked by a Single Input Single Output (SISO) filter. Hence, such scheme does not require communication between multiple sensors, but can still lead to detection and isolation of malicious cyber-attacks. In particular, we analyze the benefits of the proposed watermarking scheme for two attack scenarios: the physical sensor re-routing attack and the cyber measurement re-routing one. For each attack scenario, detectability and isolability properties are analyzed with and without the proposed watermarking scheme and we show how the watermarking scheme can be leveraged to detect cyber sensor routing attacks. In order to detect compromised sensors, we design an observer-based detector with a robust adaptive threshold. Additionally, we identify the sensors involved in the re-routing attacks by means of a tailored Recursive Least Squares parameter estimation algorithm. The results are illustrated through a numerical example.
SPRINGER

Safety, security, and privacy for cyber-physical systems

Springer 2021

Website
SPRINGER

Introduction

Ferrari, Riccardo M.G., and Teixeira, André M.H.

In Safety, security, and privacy for cyber-physical systems, Springer 2021

Website
SPRINGER

Detection of Cyber-Attacks: a Multiplicative Watermarking Scheme

Ferrari, Riccardo M.G., and Teixeira, André M.H.

In Safety, security, and privacy for cyber-physical systems, Springer 2021

Website
SPRINGER

Differentially Private Anomaly Detection for Interconnected Systems

Ferrari, Riccardo M.G., Degue, Kwassi H, and Le Ny, Jerome

In Safety, security, and privacy for cyber-physical systems, Springer 2021

Website
SPRINGER

Conclusions

Ferrari, Riccardo M.G.

In Safety, security, and privacy for cyber-physical systems, Springer 2021

Website

Additional References

The Algorithmic Foundations of Differential Privacy

Dwork, Cynthia, and Roth, Aaron

Now Publishers 2014
Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based

Gentry, Craig, Sahai, Amit, and Waters, Brent

In Advances in Cryptology – CRYPTO 2013 2013