Event-triggered control for stochastic networked control systems against Denial-of-Service attacks
Introduction
During the past few decades, NCSs have been widely applied in various practical areas, such as traffic management, mobile sensor networks, health care devices and so on [1], [2], [6], [35], [40]. However, the use of communication networks in NCSs makes the systems vulnerable to the possible malicious attacks, e.g., Denial-of-Service (DoS) attacks [3], replay attacks [45], false data injection attacks [27], deception attacks [10], stealthy attacks [36], covert attacks [29] and zero dynamics attacks [37], which may destabilize the systems, even destroy the systems in the worst case. In particular, the critical NCS-based infrastructures play a fundamental role in modern society. Their disruption can have a significant impact on public health, safety and lead to large economic losses. A well-known network security incident is the attack to Ukraine’s power grid in 2015 as described in [41]. In this incident, the computers at a power grid control center were remotely operated by adversaries, causing power outages in the Ukraine. Therefore, secure control of these NCSs is of greatest importance, which has really attracted much attention.
Recently, security issue of NCSs subject to DoS attacks have been studied widely. DoS attacks aim at blocking the communication link and effectively prevent transmission of data packets, causing the loss of data packets or even destroy the system in some severe cases. In [7], the authors considered the problem of finding optimal control and attack strategies assuming a maximum number of jamming actions over a prescribed finite control horizon, when DoS attacks either evolve according to a Bernoulli process or follow a hidden Markov process model. The authors of [11] proposed a novel attack model to describe a more complex case, that is, the DoS attacks and the deception attacks occur simultaneously in the system. Meanwhile, the behaviors of the attacker satisfy Bernoulli distribution with known conditional probabilities. From the view of energy-constrained DoS attacks, an optimal attack strategy has been presented to maximize the cost of the Linear Quadratic Gaussian control (LQG) [46]. The authors further studied the attack effect on the systems with multiple subsystems [47].
Different from the traditional time-triggered control, i.e., the sampling of sensors and updating of controllers are executed periodically, the control tasks under event-triggered control (ETC) are executed after the occurrence of an event, which is generated by designed triggering conditions [38]. The event-triggered dissipative control was considered in [42], where the system states of the stochastic plant were first sampled non-uniformly. Some effective ETMs were proposed to alleviate the degradation of system performance under different situations of DoS attacks. For example, the resilient event-triggering communication scheme was given under periodic DoS jamming attacks in [23]. Similarly, in [33], the resilient ETM was given based on the output such that the system could tolerate a larger time delay when DoS attacks occur. And the security-based resilient ETM was also proposed to guarantee the security performance of systems in [34]. As well as the authors of [26] considered the decentralized observed-based ETM when DoS attacks occurred on different channels. However, the transmission source saved due to the existence of ETMs, which is the main feature brought by ETMs, is not considered and analysed in these work. Some other research, see [12], [13], [15], [21], [25], [30], [44], demonstrated that ETC can hugely decrease communication traffic over networks and maintain a satisfactory closed-loop performance. This indicated that each sampling in ETC systems is very important to ensure the stability of the closed-loop systems. In [39], the authors analysed the trade-off between the sensor-to-controller communication rate and the closed-loop system performance indexed by the conventional LQG control cost. Several sensor data schedules were presented and compared, and two event-based sensor data schedules were demonstrated which have better trade-off than an optimal off-line schedule. However, the data in [39] would be transmitted from sensor to estimator at least once within any two consecutive instants, i.e., the average transmission rate of ETM is at least 50%, which motivates us to investigate a new ETM to save more communication resource.
In this paper, a class of linear stochastic systems subject to DoS attacks are considered, where ETC is employed to mitigate communication loads. The contributions of this paper are summarised as follows.
- 1.
A new ETM is proposed, under which data packets could be actively dropped for every steps, in order to save more communication resources.
- 2.
The estimation error covariance of the state is derived and the performance indexed by LQG control cost function of system is analysed.
- 3.
The scenario when the system is under DoS attacks is considered and analysed.
The rest of the paper is organized as follows. Section II presents the problem description. A new ETM is proposed in both situations that DoS attacks are absent or present and the stability of systems in both two situations are shown as well in Section III. Then the corresponding performance of systems indexed by LQG control cost function is analysed. Numerical examples are given to illustrate the efficiency and the feasibility of the proposed results in Section IV, followed by the conclusions in Section V.
Notations: is the set of real number. is the set of non-negative integers. is the set of positive integers. and denote the set of n by n symmetric positive semi-define and positive define matrices over the real field, respectively. is the time index. stands for the n dimensional Euclidean space. is the expectation of a random variable and [ · | · ] is the conditional expectation. Var( · ) stands for the variance of a random variable. Pr( · ) is the probability of a random event. Tr[ · ] is the trace of a matrix. ( · )T stands for the transposition. ‖ · ‖∞ stands for the Infinity norm. ‖ · ‖ stands for the Euclidean norm. ϱ( · ) denotes the spectral radius of a matrix. Define a function as . Define where and is a random variable obeying the standard normal distribution. If then where β(δ) is defined by and q(δ) is the standard q-function defined by .
Section snippets
Problem statement
In this section, the system model studied in this paper is introduced and the problem formulation is presented.
Main results
In this section, the analyse is divided into two scenarios. One is the absence of DoS attacks in the system, the other is the presence of DoS attacks.
Simulation results
Consider a linear system and assume is Gaussian with
The performance of system is obtained by 5000 different initials and every initial value is iterated 500 steps. It is worthy noting that the method proposed in this paper is suitable for some practical application, such as the applications mentioned in [18], [19], [20], [43].
When and we have and
Conclusion
In this work, we have proposed a new ETM under which data packets could be actively dropped within consecutive steps, as long as the data packet at initial time is transmitted successfully. Then much more communication resource could be spared, reducing the burden of communication in the system. We investigated the estimation error covariance and the system performance with the proposed ETM when DoS attacks obeying Bernoulli distribution are present or absent. An upper bound of is given,
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
CRediT authorship contribution statement
Li Guo: Investigation, Conceptualization, Methodology, Formal analysis, Writing - original draft, Data curation, Software, Validation, Writing - review & editing. Hao Yu: Investigation, Methodology, Software. Fei Hao: Investigation, Funding acquisition, Supervision.
Acknowledgements
This work was supported by National Nature Science Foundation of China under Grant 61573036 and 61174057.
References (47)
- et al.
Data-injection attacks in stochastic control systems: detectability and performance tradeoffs
Automatica
(2017) - et al.
Optimal LQG control across packet-dropping links
Syst. Control Lett.
(2007) - et al.
Event-triggered state estimation for networked control systems with lossy network communication
Inf. Sci.
(2019) - et al.
An event-triggered approach to state estimation with multiple point–and set-valued measurements
Automatica
(2014) - et al.
A secure control framework for resource-limited adversaries
Automatica
(2015) - et al.
Event-triggered dissipative control for networked stochastic systems under non-uniform sampling
Inf. Sci.
(2018) - et al.
Input-to-state stability of integral-based event-triggered control for linear plants
Automatica
(2017) - et al.
Event-triggered predictor-based control with gain-scheduling and extended state observer for networked control systems
Inf. Sci.
(2019) - et al.
Cyber-security incidents: a review cases in cyber-physical systems
Int. J. Adv. Comput. Sci. Appl.
(2018) - et al.
Safe and secure networked control systems under Denial-of-Service attacks
Hybrid Systems: Computation and Control. Berlin, Germany: Springer-Verlag LNCS 5469
(2009)