Estimation and Prevention of Actuator Enablement Attacks in Discrete-Event Systems Under Supervisory Control

• Published in: IEEE transactions on automatic control Vol. 69; no. 9; pp. 5963 - 5978
• Main Authors: He, Zhaoyang, Wu, Naiqi, Li, Zhiwu
• Format: Journal Article
• Language: English
• Published: New York IEEE 01.09.2024; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Actuator attack; Actuators; Algorithms; Automata; automaton; Control systems; Discrete event systems; discrete-event system; Intrusion; Modules; Prevention; Resists; Sensors; Supervisory control
• ISSN: 0018-9286; 1558-2523
• DOI: 10.1109/TAC.2024.3367656

This article addresses the problems of estimation and prevention of actuator attacks in the framework of discrete-event systems under supervisory control, where an attack estimation helps an intruder evaluate whether a controlled system can be driven to an undesirable state after being attacked based on partial observation before an actual attack is enforced. The intruder implements an actuator enablement attack by enabling a vulnerable actuator event that has been disabled by a supervisor. To solve this problem, from the intruder's viewpoint, we first introduce a concept of strong actuator enablement estimability (AE-estimability) that allows the intruder to definitely decide that a controlled system can reach an undesirable state after receiving attacks. Then, a concept of weak AE-estimability is proposed to make the intruder incapable of accurately deciding whether an undesirable state in the controlled system subject to attacks is reached even if it has already been reached. We then construct an estimator for assisting the intruder to verify these two estimabilities. From the perspective of prevention, to protect a controlled system from attacks without changing the original behavior of the system, we design a prevention module to mislead an intruder's attack estimation by using the reverse sensor functions to modify sensor readings. Finally, an information construct called a reverse sensor structure is presented to characterize the interaction among an intruder, an estimator, and a prevention module. An algorithm is given to synthesize reverse sensor functions based on the proposed structure.