Cyber Physical Systems

Fully Homomorphic Encryption (FHE) has made it possible to perform addition and multiplication operations on encrypted data. Using FHE in control thus has the advantage that control effort for a plant can be calculated remotely without ever decrypting the exchanged information. FHE in its current form is however not practically applicable for real-time control as its computational load is very high compared to traditional encryption methods. In this paper a reformulation of the Gentry FHE scheme is proposed and applied on an FPGA to solve this problem. It is shown that the resulting FHE scheme can be implemented for real-time stabilization of an inverted double pendulum using discrete time control.

In this paper we present a hierarchical scheme to detect cyber-attacks in a hierarchical control architecture for large-scale interconnected systems (LSS). We consider the LSS as a network of physically coupled subsystems, equipped with a two-layer controller: on the local level, decentralized controllers guarantee overall stability and reference tracking; on the supervisory level, a centralized coordinator sets references for the local regulators. We present a scheme to detect attacks that occur at the local level, with malicious agents capable of affecting the local control. The detection scheme is computed at the supervisory level, requiring only limited exchange of data and model knowledge. We offer detailed theoretical analysis of the proposed scheme, highlighting its detection properties in terms of robustness, detectability and stealthiness conditions.

In this paper we present a novel switching function for multiplicative watermarking systems. The switching function is based on the algebraic structure of elliptic curves over finite fields. The resulting function allows for both watermarking generator and remover to define appropriate system parameters, sharing only limited information, namely a private key. We prove that the resulting watermarking parameters lead to a stable watermarking scheme.

In networked control systems, leveraging the peculiarities of the cyber-physical domains and their interactions may lead to novel detection and defense mechanisms against malicious cyber-attacks. In this paper, we propose a multiplicative sensor watermarking scheme, where each sensor’s output is separately watermarked by a Single Input Single Output (SISO) filter. Hence, such scheme does not require communication between multiple sensors, but can still lead to detection and isolation of malicious cyber-attacks. In particular, we analyze the benefits of the proposed watermarking scheme for two attack scenarios: the physical sensor re-routing attack and the cyber measurement re-routing one. For each attack scenario, detectability and isolability properties are analyzed with and without the proposed watermarking scheme and we show how the watermarking scheme can be leveraged to detect cyber sensor routing attacks. In order to detect compromised sensors, we design an observer-based detector with a robust adaptive threshold. Additionally, we identify the sensors involved in the re-routing attacks by means of a tailored Recursive Least Squares parameter estimation algorithm. The results are illustrated through a numerical example.