banner

Cyber Physical Systems

safety, security and privacy

Cyber-physical systems (CPSs) represent a class of networked control systems with vast and promising applications. This class may include for instance smart cities, intelligent transportation systems based on fleets of cooperative and autonomous vehicles or distributed sensing and control solutions that leverage Internet-of-Things (IoT) devices. As a common trait, these systems are expected to provide important functionalities that may positively influence our life and society. However, said positive outcomes may be hindered by novel threats to the safety of CPSs, such as malicious cyber-attacks that could negatively affect the physical domain. Furthermore, the sheer amount of data gathered, exchanged and processed by those architectures are going to pose fundamental societal interrogatives regarding privacy and confidentiality, and the fair use of such data (Ferrari & Teixeira, 2021). Prevention, resilience and detection are key functionalities through which we can avoid that attacks in the cyber domain lead to loss of safety in the physical one.

We contributed to the problem of detecting stealthy cyber attacks in networked control systems by proposing a multiplicative sensor watermarking technique (Ferrari & Teixeira, 2021; Gallo et al., 2021). By taking inspiration from lightweight authentication techniques, we introduce a deterministic distortion into data sent by sensors to the controller, which is unknown to the attacker. This leads to a knowledge imbalance between an eavesdropping attacker and a defender, where the latter can use knowledge of the watermark and a model-based residual generator to detect otherwise stealthy attacks such as rerouting (Ferrari & Teixeira, 2017), replay (Ferrari & Teixeira, 2017) and zero-dynamics (Teixeira & Ferrari, 2018) injection ones. Differently than physical watermarking, our approach allows for perfect watermarking removal at controller level, thus unaffecting control performances.

We further explored the use of Differential Privacy (Dwork & Roth, 2014) to allow for privacy preserving distributed state estimation and anomaly detection, thus preventing the leakage of private data by eavesdroppers or by curious, although not necessarily malicious, third parties (Rostampour et al., 2018; Rostampour et al., 2020). Currently we are working towards fast, real time implementations of Fully Homomorphic Encryption schemes as a tool to guarantee confidentiality and integrity in a much more robust, albeit computationally expensive way (Gentry et al., 2013).

Joint work with (mostly): André Teixeira, Twan Keijzer, Alex Gallo, Vahab Rostampour.

Publications

  1. IEEE_LCSS
    Secure State Estimation under Actuator and Sensor Attacks using Sliding Mode Observers
    Keijzer, Twan, Ferrari, Riccardo M.G., and Sandberg, Henrik
    IEEE Control Systems Letters 2023
  2. IEEE_TAC
    Privatized distributed anomaly detection for large-scale nonlinear uncertain systems
    Rostampour, Vahab, Ferrari, Riccardo M.G., Teixeira, André M.H., and Keviczky, Tamas
    IEEE Transactions on Automatic Control 2020
  3. IEEE_TAC
    A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks
    Ferrari, Riccardo M.G., and Teixeira, André M.H.
    IEEE Transactions on Automatic Control 2021
  4. CDC23
    Secure State Estimation under Actuator and Sensor Attacks using Sliding Mode Observers
    Keijzer, Twan, Ferrari, Riccardo M.G., and Sandberg, Henrik
    In Conference on Decision and Control 2023
  5. CDC22
    A Fully Homomorphic Encryption Scheme for Real-Time Safe Control
    Stobbe, Pieter, Keijzer, Twan, and Ferrari, Riccardo M.G.
    In Conference on Decision and Control 2022
  6. CDC22
    Hierarchical Cyber-Attack Detection in Large-Scale Interconnected Systems
    Keijzer, Twan, Gallo, Alexander J., and Ferrari, Riccardo M.G.
    In Conference on Decision and Control 2022
  7. SAFEPROCESS22
    Cryptographic switching functions for multiplicative watermarking in cyber-physical systems
    Gallo, Alexander J., and Ferrari, Riccardo M.G.
    In IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes 2022
  8. CDC21
    Design of multiplicative watermarking against covert attacks
    Gallo, Alexander J., Anand, Sribalaji C., Teixeira, André M.H., and Ferrari, Riccardo M.G.
    In Conference on Decision and Control 2021
  9. ECC21
    Detection of Cyber-Attacks in a Collaborative Intersection Control Scenario
    Keijzer, Twan, Jarmolowitz, Fabian, and Ferrari, Riccardo M.G.
    In European Control Conference 2021
  10. ECC21
    Detection of Network and Sensor Cyber-Attacks in Platoons of Cooperative Autonomous Vehicles: a Sliding-Mode Observer Approach
    Keijzer, Twan, and Ferrari, Riccardo M.G.
    In European Control Conference 2021
  11. CDC19
    A Sliding Mode Observer Approach for Attack Detection and Estimation in Autonomous Vehicle Platoons using Event Triggered Communication
    Keijzer, Twan, and Ferrari, Riccardo M.G.
    In Conference on Decision and Control 2019
  12. NECSYS19
    Privacy-Preserving of System Model with Perturbed State Trajectories Using Differential Privacy: With Application to a Supply Chain Network
    Nandakumar, Lakshminarayanan, Ferrari, Riccardo M.G., and Keviczky, Tamas
    In IFAC Workshop on Distributed Estimation and Control in Networked Systems 2019
  13. SAFEPROCESS18
    Differentially-Private Distributed Fault Diagnosis for Large-Scale Nonlinear Uncertain Systems
    Rostampour, Vahab, Ferrari, Riccardo M.G., Teixeira, André M.H., and Keviczky, Tamas
    In IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes 2018
  14. NECSYS18
    Attack Detection and Estimation in Cooperative Vehicles Platoons: A Sliding Mode Observer Approach
    Jahanshahi, Niloofar, and Ferrari, Riccardo M.G.
    In IFAC Workshop on Distributed Estimation and Control in Networked Systems 2018
  15. ECC18
    Detection of Sensor Data Injection Attacks with Multiplicative Watermarking
    Teixeira, André M.H., and Ferrari, Riccardo M.G.
    2018
  16. IFAC17
    Detection and Isolation of Replay Attacks through Sensor Watermarking
    Ferrari, Riccardo M.G., and Teixeira, André M.H.
    2017
  17. IFAC17
    A Message Passing Algorithm for Automatic Synthesis of Probabilistic Fault Detectors from Building Automation Ontologies
    Ferrari, Riccardo M.G., Baldi, Simone, and Dibowski, Henrik
    In IFAC World Congress 2017
  18. ACC17
    Detection and isolation of routing attacks through sensor watermarking
    Ferrari, Riccardo M.G., and Teixeira, André M.H.
    In American Control Conference 2017
  19. SPRINGER
    Safety, security, and privacy for cyber-physical systems
    Springer 2021
  20. SPRINGER
    Introduction
    Ferrari, Riccardo M.G., and Teixeira, André M.H.
    In Safety, security, and privacy for cyber-physical systems, Springer 2021
  21. SPRINGER
    Detection of Cyber-Attacks: a Multiplicative Watermarking Scheme
    Ferrari, Riccardo M.G., and Teixeira, André M.H.
    In Safety, security, and privacy for cyber-physical systems, Springer 2021
  22. SPRINGER
    Differentially Private Anomaly Detection for Interconnected Systems
    Ferrari, Riccardo M.G., Degue, Kwassi H, and Le Ny, Jerome
    In Safety, security, and privacy for cyber-physical systems, Springer 2021
  23. SPRINGER
    Conclusions
    Ferrari, Riccardo M.G.
    In Safety, security, and privacy for cyber-physical systems, Springer 2021

Additional References

  1. The Algorithmic Foundations of Differential Privacy
    Dwork, Cynthia, and Roth, Aaron
    Now Publishers 2014
  2. Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based
    Gentry, Craig, Sahai, Amit, and Waters, Brent
    In Advances in Cryptology – CRYPTO 2013 2013