Login | Register

Cyber-Attack Detection and Mitigation in Networked Control Systems


Cyber-Attack Detection and Mitigation in Networked Control Systems

Ghaderi, Mohsen (2019) Cyber-Attack Detection and Mitigation in Networked Control Systems. Masters thesis, Concordia University.

This is the latest version of this item.

[thumbnail of Ghaderi_MASc_S2020.pdf]
Text (application/pdf)
Ghaderi_MASc_S2020.pdf - Accepted Version
Available under License Spectrum Terms of Access.


Cyber-Physical System (CPS) is the term used to describe the physical systems equipped with computation and communication capabilities. CPSs can be used in different applications e.g. autonomous vehicles, water distribution systems, smart grids, industry 4.0 and Internet of Things (IoT). CPSs have expectation of improving the capability of traditional engineering system but on the other hand, they arise several concerns about their security against cyber-attacks. In the last decade, several cyber-attacks targeting SCADA systems have been reported, see e.g. Maroochy water breach and the Stuxnet worm aimed Iran's nuclear facility. From a control point of view, a CPS can be interpreted as a Networked Control System (NCS) where the risk of cyber-attacks can be modeled as the possibility that malicious agents could compromise the communication channels. In order to benefit from CPSs, specially in safety critical systems, their vulnerabilities to cyber-attacks must be properly faced. In this thesis two control architectures for CPS are developed. In the first, starting from the analysis of active detection mechanisms available in the literature, we propose a novel architecture capable of detecting a broad class of False Data Injection (FDI) attacks. Such strategy has been contrasted with the well-known watermarking detection mechanism and it is shown that our solution is capable of detecting replay attacks without degrading the closed-loop performance of the system. Moreover, it is shown that compared to detection schemes resorting to auxiliary systems, the proposed strategy is less involved and of easier implementation. In particular, it can be installed on the existing NCS infrastructure without changing communications, controller or state estimator. In the second architecture, we propose another novel architecture capable of detecting and mitigating a broad class of FDI attacks. First, we propose a detection mechanism based on a coding scheme to limit the attacker's disclosure and disruptive resources and prevent the existence of stealthy attacks. Second, we propose an emergency local controller that is activated when an attack is detected or the plant's safety is in danger. It is proved that the proposed architecture always guarantees the safety of the system, regardless of the attack actions and detector performance. Moreover, plant's normal operation recovery is ensured once the attack is terminated.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Electrical and Computer Engineering
Item Type:Thesis (Masters)
Authors:Ghaderi, Mohsen
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Electrical and Computer Engineering
Date:11 November 2019
Thesis Supervisor(s):Lucia, Walter
Keywords:Cyber-Physical Systems
ID Code:988584
Deposited By: Mohsen Ghaderi
Deposited On:27 Oct 2022 13:52
Last Modified:27 Oct 2022 13:52

Available Versions of this Item

All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top