Alexandria Digital Research Library

Secure Control Systems: A Control-Theoretic Approach to Cyber-Physical Security

Pasqualetti, Fabio
Degree Grantor:
University of California, Santa Barbara. Mechanical Engineering
Degree Supervisor:
Francesco Bullo
Place of Publication:
[Santa Barbara, Calif.]
University of California, Santa Barbara
Creation Date:
Issued Date:
Engineering, System Science, Engineering, Mechanical, and Engineering, Computer
Cyber-Physical Security
Distributed Computation
Fault Detection
Graph Theory
Complex Systems
Dissertations, Academic and Online resources
Ph.D.--University of California, Santa Barbara, 2012

Cyber-physical systems and networks form a ubiquitous computing substrate that underlies much of modern technological society. Examples include embedded systems, such as medical devices, communication peripherals, smart vehicles, and large-scale systems, such as transportation networks, power generation grids, and water distribution systems. Researchers and hackers have recently shown that cyber-physical systems are vulnerable to remote attacks targeting their physical infrastructure or their data management and communication layer. Due to the crucial role of cyber-physical systems in everyday life, the development of advanced security monitors is of utmost importance.

This thesis addresses problems concerning security of cyber-physical systems. Our contribution is threefold. First, we propose a unified modeling framework for cyber-physical systems, monitors, and attacks. For our model we define the notions of detectability and identifiability of an attack by its effect on output measurements, and we characterize fundamental monitoring limitations. Additionally, we provide algebraic and graph-theoretic tests for the existence of undetectable and unidentifiable attacks in cyber-physical systems. Second, we design centralized and distributed monitors for the detection and identification of attacks from output measurements. Our monitors leverage on tools from control theory and distributed computing, such as conditioned invariant subspaces and waveform relaxation techniques. Our monitors are provably correct, and effective against attacks targeting both the physical infrastructure and the communication layer. Third, we exploit our findings to design undetectable attack strategies. Our attack design method relies upon the control-theoretic notion of controlled invariant subspace. Our attack strategy is specific, in the sense that the attack signal is cast to alter the system functionality in a pre-specified manner. Finally, we present several illustrative examples. Besides showing the effectiveness of our methods for the analysis of systems vulnerabilities, the design of security monitors, and the synthesis of attack strategies, our numerical examples confirm that our methods are effective also in the presence of system noise and unmodeled dynamics.

Physical Description:
1 online resource (264 pages)
UCSB electronic theses and dissertations
Catalog System Number:
Inc.icon only.dark In Copyright
Copyright Holder:
Fabio Pasqualetti
Access: This item is restricted to on-campus access only. Please check our FAQs or contact UCSB Library staff if you need additional assistance.