Abstract: security issues in networked control systems (NCSs) have received increasing attention in recent years. However, security protection often requires extra energy consumption, computational overhead, and time delays, which could adversely affect the real-time and energy-limited system. In this paper, random cryptographic protection is implemented. It is less expensive with respect to computational overhead, time, and energy consumption, compared with persistent cryptographic protection. Under the consideration of weak attackers who have little system knowledge, ungenerous attacking capability and the desire for stealthiness and random zero{-}measurement attacks are introduced as the malicious modification of measurements into zero signals. NCS is modeled as a stochastic system with two correlated Bernoulli distributed stochastic variables for implementation of random cryptographic protection and occurrence of random zero{-}measurement attacks; the stochastic stability can be analyzed using a linear matrix inequality (LMI) approach. The proposed stochastic stability analysis can help determine the proper probability of running random cryptographic protection against random zero{-}measurement attacks with a certain probability. Finally, a simulation example is presented based on a vertical take-off and landing (VTOL) system. The results show the effectiveness, robustness, and application of the proposed method, and are helpful in choosing the proper protection mechanism taking into account the time delay and in determining the system sampling period to increase the resistance against such attacks.

随机零值攻击下基于随机加密防护的网络化控制系统随机稳定性分析

[1]Amin S, Litrico X, Sastry S, et al., 2013. Cyber security of water scada systems—part I: analysis and experimentation of stealthy deception attacks. IEEE Trans Contr Syst Technol, 21(5):1963-1970.

[2]Bennett C, Wicker SB, 2010. Decreased time delay and security enhancement recommendations for AMI smart meter networks. Power & Energy Society Innovative Smart Grid Technologies Conf, p.1-6.

[3]Cao HY, Zhu PD, Lu XC, et al., 2013. A layered encryption mechanism for networked critical infrastructures. IEEE Netw, 27(1):12-18.

[4]Ding DR, Wang ZD, Ho DWC, et al., 2017a. Observer-based event-triggering consensus control for multiagent systems with lossy sensors and cyber-attacks. IEEE Trans Cybern, 47(8):1936-1947.

[5]Ding DR, Wang ZD, Ho DWC, et al., 2017b. Distributed recursive filtering for stochastic systems under uniform quantizations and deception attacks through sensor networks. Automatica, 78:231-240.

[6]Ding DR, Wei GL, Zhang SJ, et al., 2017c. On scheduling of deception attacks for discrete-time networked systems equipped with attack detectors. Neurocomputing, 219:99-106.

[7]Feng Z, Wen GH, Hu GQ, 2017. Distributed secure coordinated control for multiagent systems under strategic attacks. IEEE Trans Cybern, 47(5):1273-1284.

[8]Hu J, Liu S, Ji DH, et al., 2016. On co-design of filter and fault estimator against randomly occurring nonlinearities and randomly occurring deception attacks. Int J Gener Syst, 45(5):619-632.

[9]Jiang W, Pop P, Jiang K, 2016. Design optimization for security- and safety-critical distributed real-time applications. Microprocess Microsyst, 52:401-415.

[10]Keel LH, Bhattacharyya SP, Howze JW, 1988. Robust control with structure perturbations. IEEE Trans Autom Contr, 33(1):68-78.

[11]Kogiso K, Fujita T, 2015. Cyber-security enhancement of networked control systems using homomorphic encryption. IEEE 54^th Annual Conf on Decision and Control, p.6836-6843.

[12]Muradore R, Quaglia D, 2015. Energy-efficient intrusion detection and mitigation for networked control systems security. IEEE Trans Ind Inform, 11(3):830-840.

[13]Pang ZH, Liu GP, 2012. Design and implementation of secure networked predictive control systems under deception attacks. IEEE Trans Contr Syst Technol, 20(5):1334-1342.

[14]Pasqualetti F, Dörfler F, Bullo F, 2013. Attack detection and identification in cyber-physical systems. IEEE Trans Autom Contr, 58(11):2715-2729.

[15]Qiu MK, Gao WZ, Chen M, et al., 2011. Energy efficient security algorithm for power grid wide area monitoring system. IEEE Trans Smart Grid, 2(4):715-723.

[16]Qiu MK, Su H, Chen M, et al, 2012. Balance of security strength and energy for a PMU monitoring system in smart grid. IEEE Commun Mag, 50(5):142-149.

[17]Shoukry Y, Gatsis K, Alanwar A, et al., 2016. Privacy-aware quadratic optimization using partially homomorphic encryption. IEEE 55$^text{th}$ Conf on Decision and Control, p.5053-5058.

[18]Tarn TJ, Rasis Y, 1976. Observers for nonlinear stochastic systems. IEEE Trans Autom Contr, 21(4):441-448.

[19]Teixeira A, Pérez D, Sandberg H, et al., 2012. Attack models and scenarios for networked control systems. Proc 1^st Int Conf on High Confidence Networked Systems, p.55-64.

[20]Teixeira A, Sou KC, Sandberg H, et al., 2015. Secure control systems: a quantitative risk management approach. IEEE Contr Syst, 35(1):24-45.

[21]Vamvoudakis KG, Hespanha JP, Sinopoli B, et al., 2014. Detection in adversarial environments. IEEE Trans Autom Contr, 59(12):3209-3223.

[22]Wang D, Wang ZD, Shen B, et al., 2016. Recent advances on filtering and control for cyber–physical systems under security and resource constraints. J Franklin Inst, 353(11):2451-2466.

[23]Wang WY, Xu Y, Khanna M, 2011. A survey on the communication architectures in smart grid. Comput Netw, 55(15):3604-3629.

[24]Wang YN, Lin ZR, Liang X, et al., 2016. On modeling of electrical cyber-physical systems considering cyber security. Front Inform Technol Electron Eng, 17(5):465-478.

[25]Xu SY, Lam J, Chen TW, 2004. Robust H_∞ control for uncertain discrete stochastic time-delay systems. Syst Contr Lett, 51(3):203-215.

[26]Zeng WT, Chow M, 2013. Modeling and optimizing the performance–security tradeoff on D-NCS using the coevolutionary paradigm. IEEE Trans Ind Inform, 9(1):394-402.

[27]Zhang JF, Blum RS, Lu XX, et al., 2015. Asymptotically optimum distributed estimation in the presence of attacks. IEEE Trans Signal Process, 63(5):1086-1101.