Event-triggered control for stochastic networked control systems against Denial-of-Service attacks

Abstract

Recently, the security issues in networked control systems have become a major challenge, since networked control systems (NCSs) are vulnerable to malicious attacks. In this paper, a new event-triggered mechanism (ETM) is proposed, under which data packets could be actively dropped within consecutive steps, saving more communication resource than the existing ETM. Moreover, the effect of Denial-of-Service (DoS) attacks obeying Bernoulli distribution is considered and analysed. Furthermore, the corresponding estimation error covariance of the state is derived and the performance of system is analysed under the ETM both in the absence and presence of DoS attacks. Finally, the effectiveness of the proposed ETM is demonstrated by Monte Carlo simulation experiments and the feasibility of theoretical results is validated by numerical examples.

Introduction

During the past few decades, NCSs have been widely applied in various practical areas, such as traffic management, mobile sensor networks, health care devices and so on [1], [2], [6], [35], [40]. However, the use of communication networks in NCSs makes the systems vulnerable to the possible malicious attacks, e.g., Denial-of-Service (DoS) attacks [3], replay attacks [45], false data injection attacks [27], deception attacks [10], stealthy attacks [36], covert attacks [29] and zero dynamics attacks [37], which may destabilize the systems, even destroy the systems in the worst case. In particular, the critical NCS-based infrastructures play a fundamental role in modern society. Their disruption can have a significant impact on public health, safety and lead to large economic losses. A well-known network security incident is the attack to Ukraine’s power grid in 2015 as described in [41]. In this incident, the computers at a power grid control center were remotely operated by adversaries, causing power outages in the Ukraine. Therefore, secure control of these NCSs is of greatest importance, which has really attracted much attention.

Recently, security issue of NCSs subject to DoS attacks have been studied widely. DoS attacks aim at blocking the communication link and effectively prevent transmission of data packets, causing the loss of data packets or even destroy the system in some severe cases. In [7], the authors considered the problem of finding optimal control and attack strategies assuming a maximum number of jamming actions over a prescribed finite control horizon, when DoS attacks either evolve according to a Bernoulli process or follow a hidden Markov process model. The authors of [11] proposed a novel attack model to describe a more complex case, that is, the DoS attacks and the deception attacks occur simultaneously in the system. Meanwhile, the behaviors of the attacker satisfy Bernoulli distribution with known conditional probabilities. From the view of energy-constrained DoS attacks, an optimal attack strategy has been presented to maximize the cost of the Linear Quadratic Gaussian control (LQG) [46]. The authors further studied the attack effect on the systems with multiple subsystems [47].

Different from the traditional time-triggered control, i.e., the sampling of sensors and updating of controllers are executed periodically, the control tasks under event-triggered control (ETC) are executed after the occurrence of an event, which is generated by designed triggering conditions [38]. The event-triggered dissipative control was considered in [42], where the system states of the stochastic plant were first sampled non-uniformly. Some effective ETMs were proposed to alleviate the degradation of system performance under different situations of DoS attacks. For example, the resilient event-triggering communication scheme was given under periodic DoS jamming attacks in [23]. Similarly, in [33], the resilient ETM was given based on the output such that the system could tolerate a larger time delay when DoS attacks occur. And the security-based resilient ETM was also proposed to guarantee the security performance of systems in [34]. As well as the authors of [26] considered the decentralized observed-based ETM when DoS attacks occurred on different channels. However, the transmission source saved due to the existence of ETMs, which is the main feature brought by ETMs, is not considered and analysed in these work. Some other research, see [12], [13], [15], [21], [25], [30], [44], demonstrated that ETC can hugely decrease communication traffic over networks and maintain a satisfactory closed-loop performance. This indicated that each sampling in ETC systems is very important to ensure the stability of the closed-loop systems. In [39], the authors analysed the trade-off between the sensor-to-controller communication rate and the closed-loop system performance indexed by the conventional LQG control cost. Several sensor data schedules were presented and compared, and two event-based sensor data schedules were demonstrated which have better trade-off than an optimal off-line schedule. However, the data in [39] would be transmitted from sensor to estimator at least once within any two consecutive instants, i.e., the average transmission rate of ETM is at least 50%, which motivates us to investigate a new ETM to save more communication resource.

In this paper, a class of linear stochastic systems subject to DoS attacks are considered, where ETC is employed to mitigate communication loads. The contributions of this paper are summarised as follows.

• A new ETM is proposed, under which data packets could be actively dropped for every steps, in order to save more communication resources.

• The estimation error covariance of the state is derived and the performance indexed by LQG control cost function of system is analysed.

• The scenario when the system is under DoS attacks is considered and analysed.

The rest of the paper is organized as follows. Section II presents the problem description. A new ETM is proposed in both situations that DoS attacks are absent or present and the stability of systems in both two situations are shown as well in Section III. Then the corresponding performance of systems indexed by LQG control cost function is analysed. Numerical examples are given to illustrate the efficiency and the feasibility of the proposed results in Section IV, followed by the conclusions in Section V.

Notations: $\mathbb{R}$ is the set of real number. $\mathbb{Z}$ is the set of non-negative integers. $\mathbb{N}$ is the set of positive integers. ${\mathbb{S}}_{+}^n$ and ${\mathbb{S}}_{++}^n$ denote the set of n by n symmetric positive semi-define and positive define matrices over the real field, respectively. $k\in \mathbb{Z}$ is the time index. ${\mathbb{R}}^n$ stands for the n dimensional Euclidean space. $\mathbb{E}[·]$ is the expectation of a random variable and $\mathbb{E}$[ · | · ] is the conditional expectation. Var( · ) stands for the variance of a random variable. Pr( · ) is the probability of a random event. Tr[ · ] is the trace of a matrix. ( · )^T stands for the transposition. ‖ · ‖_∞ stands for the Infinity norm. ‖ · ‖ stands for the Euclidean norm. ϱ( · ) denotes the spectral radius of a matrix. Define a function $h:{\mathbb{S}}_{+}^n\mapsto {\mathbb{S}}_{+}^n$ as $h\left(X\right)\triangleq AX{A}^T+Q$. Define $\Gamma \left(\delta \right)\triangleq \mathbb{E}\left[g{g}^T\right|{\parallel g\parallel }_{\infty }\le \delta ],$ where $\delta \in {\mathbb{R}}_{>0}$ and $g\in {\mathbb{R}}^r$ is a random variable obeying the standard normal distribution. If $g\in \mathbb{R},$ then $\Gamma \left(\delta \right)=1-\beta \left(\delta \right),$ where β(δ) is defined by $\beta \left(\delta \right)=\frac{2}{\sqrt{2\pi }}\delta e^{-\frac{{\delta }^2}{2}}{[1-2q\left(\delta \right)]}^{-1}$ and q(δ) is the standard q-function defined by $q\left(\delta \right)\triangleq {\int }_{\delta }^{\infty }\frac{1}{\sqrt{2\pi }}{e}^{-\frac{x^2}{2}}dx$.