An active security control approach is developed in this article for cyber-physical systems (CPSs) under denial-of-service (DoS) attacks, where DoS attacks exist in both the sensor-to-controller ...(S-C) channel and the controller-to-actuator (C-A) channel. Due to the cost constraints of attacks, it is reasonable to consider that the number of maximum continuous DoS attacks in both the S-C and the C-A channels is bounded. Then, to defend the two-channel DoS attacks, an active security control strategy that makes full use of the unattacked intervals is designed to ensure that the control inputs are updated timely in each period. Meanwhile, a security controller that contains both the current and future control inputs is designed. Under the active security control strategy and the security controller, the addressed CPS under two-channel DoS attacks can be asymptotically stable without losing the control performance. Finally, both the simulations and experiments are given to demonstrate the effectiveness of the proposed active security control approach.
This paper develops a fully distributed framework to investigate the cooperative behavior of multiagent systems in the presence of distributed denial-of-service (DoS) attacks launched by multiple ...adversaries. In such an insecure network environment, two kinds of communication schemes, that is, sample-data and event-triggered communication schemes, are discussed. Then, a fully distributed control protocol with strong robustness and high scalability is well designed. This protocol guarantees asymptotic consensus against distributed DoS attacks. In this paper, "fully" emphasizes that the eigenvalue information of the Laplacian matrix is not required in the design of both the control protocol and event conditions. For the event-triggered case, two effective dynamical event-triggered schemes are proposed, which are independent of any global information. Such event-triggered schemes do not exhibit Zeno behavior even in the insecure environment. Finally, a simulation example is provided to verify the effectiveness of theoretical analysis.
This article presents a resilient model predictive control (MPC) framework to attenuate adverse effects of denial-of-service (DoS) attacks for cyber-physical systems (CPSs), where the system dynamics ...is modeled by a linear time-invariant system. A DoS attacker targets at blocking the controller to actuator (C-A) communication channel by launching adversarial jamming signals. We show that, in order to guarantee exponential stability of the closed-loop system, several conditions for resilient MPC should be satisfied. And these established conditions are explicitly related to the duration of DoS attacks and MPC parameters such as the prediction horizon and the terminal constraint. Two key techniques, including the μ-step positively invariant set and the modified initial feasible set are exploited for achieving exponential stability in the presence of DoS attacks. Moreover, the maximum allowable duration of the DoS attacker is also obtained by using the μ-step positively invariant set. Finally, the effectiveness of the proposed MPC algorithm is verified by simulated studies and comparisons.
This paper addresses the fuzzy load frequency control (LFC) problem for nonlinear multiarea power systems subject to cross-layer denial-of-service (DoS) attacks and network resource constraints. A ...novel switched interval type-2 fuzzy power model with three modes is established to reflect the impact of cross-layer DoS attacks. Moreover, to save network resources, memory-based dynamic event-triggered mechanisms, whose threshold parameters and conditions fully utilize historical packets, are proposed. Then, the boundary information of multiple membership function samples combined with slack matrices is considered to facilitate stability analysis. Besides, the piecewise Lyapunov-Krasovskii functional approach is used to ensure the exponential stability of systems. Finally, the proposed resilient LFC strategy is demonstrated by three-area power systems.
Distributed Denial-of-Service (DDoS) attacks pose a serious threat to the stability and security of edge intelligence devices (EIDs). To solve this issue, we first describe the cost of edge ...intelligence environments in detail and introduce the mean-field term, edge intelligence repair speed, and DDoS attack intensity, which provide a theoretical basis for the subsequent model construction. Second, based on Hamilton-Jacobi-Bellman backward and Fokker-Planck-Kolmogorov forward equations, a mean-field model is proposed. The optimal DDoS defense policy is then solved considering the strongest DDoS attack intensity and the best EID repair speed. Further, the focus is turned to the interaction between DDoS attackers and the edge intelligence environment. We give the update rule of the mean-field term and construct a mean-field game (MFG) model with a value function. Finally, we propose a multiagent deep reinforcement learning algorithm called MFGs with dueling double deep <inline-formula> <tex-math notation="LaTeX">Q </tex-math></inline-formula>-learning network (MFGD3QN) to solve the optimal DDoS defense policy problem under the MFG model. In the experiment, we compare MFGD3QN with several benchmark algorithms and verify the superiority of the MFGD3QN algorithm in an edge intelligence environment. We also carry out experiments on different hyperparameters of the MFGD3QN algorithm, lower visibility conditions of the edge intelligence environment, and different repair speeds of EIDs, which verify the robustness and feasibility of the algorithm.
This article focuses on the cooperative control problem of multiagent systems (MASs) subject to limited energy supply, unreliable communication and malicious attacks on devices. As the advancement of ...network technology, Denial-of-Services (DoS) attacks targeting MASs are prevalent. To detect the valid DoS attacks, this article designs a novel detection mechanism, which based on the voltage levels of the transceiver and receiver. Due to the state information may be more difficult to measure, the reduced order dynamic gain k-filters are designed to reconstruct the states based on only the system outputs. Then, based on the detection mechanism and estimated states, event-triggered resilient consensus controller and switched control strategy are designed, such that the MASs achieve leader-following consensus with less consumption of energy and nice resilience to DoS attacks. Finally, a simulation example is presented to demonstrate the effectiveness of the obtained theoretical results.
This article studies the observer-based event-triggered containment control problem for linear multiagent systems (MASs) under denial-of-service (DoS) attacks. In order to deal with situations where ...MASs states are unmeasurable, an improved separation method-based observer design method with less conservativeness is proposed to estimate MASs states. To save communication resources and achieve the containment control objective, a novel observer-based event-triggered containment controller design method based on observer states is proposed for MASs under the influence of DoS attacks, which can make the MASs resilient to DoS attacks. In addition, the Zeno behavior can be eliminated effectively by introducing a positive constant into the designed event-triggered mechanism. Finally, a practical example is presented to illustrate the effectiveness of the designed observer and the event-triggered containment controller.
Consensus control of multiagent systems (MASs) has applications in various domains. As MASs work in networked environments, their security control becomes critically desirable in response to various ...cyberattacks, such as denial of service (DoS). Efforts have been made in the development of both time- and event-triggered consensus control of MASs. However, there is a lack of precise calculation of control input during the attacking periods. To address this issue, a distributed secure consensus control with event triggering is developed for linear leader-following MASs under DoS attacks. It is designed with a dual-terminal event-triggered mechanism, which schedules information transmission through two triggered functions for each follower: one on the measurement channel (sensor-to-controller) and the other on the control channel (controller-to-actuator). To deal with DoS attacks, the combined states in the triggered functions are replaced by their estimations from an observer. Sufficient conditions are established for the duration and frequency of DoS attacks. To remove continuous monitoring of the measurement errors, a self-triggered secure control scheme is further developed, which combines the system states and other information at past triggered instants. Theoretical analysis shows that the followers in MASs under DoS attacks are able to track the leader and meanwhile the Zeno behavior is excluded. Case studies are conducted to demonstrate the effectiveness of our distributed secure consensus control of MASs.
In this article, we study communication-constrained networked control problems for linear time-invariant systems in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent ...transmissions over the communication network. Our article aims at exploring the tradeoffs between system resilience and network bandwidth capacity. Given a class of DoS attacks, we characterize the bit-rate conditions that are dependent on the unstable eigenvalues of the dynamic matrix of the plant and the parameters of DoS attacks, under which exponential stability of the closed-loop system can be guaranteed. Our characterization clearly shows the tradeoffs between the communication bandwidth and resilience against DoS. An example is given to illustrate the proposed approach.
PDF