Abstract

In this thesis, the safety and security problems in Cyber-Physical Systems (CPSs) are addressed. In general, CPSs are referred to as physical systems tightly coupled with computation and communication capabilities, which have the potential to improve traditional engineering systems in terms of efficiency, reliability, and performance. However, such added features come along with potential vulnerabilities to cyber-attacks, as testified by the different types of cyber-attacks reported against CPSs. In the last decade, several control solutions have been proposed to detect such attacks and mitigate their impact on CPSs.

In the first part of this thesis, we show that most of the studied attacks, if performed for a finite-time duration, can be straightforwardly detected in the post-attack phase. Moreover, we show the existence of a new type of cyber-attacks, namely finite-time covert attacks, affecting both constrained and unconstrained control systems. It is formally proved that this class of attacks is undetectable, during their actions and after their termination, if the anomaly detector is implemented on the controller side of the CPS. To design such attacks against unconstrained control systems, we combine a finite impulse response receding-horizon filter and reachability arguments. On the other hand, for constrained control systems we resort to a Set-Theoretic Model Predictive Control (ST-MPC) approach leveraging robust reachability arguments.

In the second part of the thesis, we consider a constrained control system, subject to state and control input constraints, and we propose a novel networked control architecture to ensure the plant’s safety, i.e., fulfillment of plant’s safety constraints in the presence of cyber-attacks on the communication channels, regardless of attacker’s actions and duration. To this end, two different detectors are proposed to detect attacks on the setpoint signal as well as on the control inputs and sensor measurements. In addition, an Emergency Controller (EC), local to the plant, is designed to replace the networked controller whenever an attack is detected. The concept of a robust N−step attack-safe region is introduced to ensure that the EC is activated, regardless of the detector performance, at least one step before the safety constraints are violated.

In the third part of the thesis, we propose a novel networked control architecture aiming to minimize the tracking performance degradation under cyber-attacks. On the plant side, a local controller is designed to take care of attacks on the actuation channel. In particular, given a finite number of pre-determined admissible safe equilibrium points, this unit exploits a Voronoi partition of the state space and a family of dual-mode set-theoretic model predictive controllers to safely confine, in a finite number of steps, the system state into the closest robust control invariant region. On the other hand, on the controller side, the reference tracking controller operations are enhanced with an add-on module in charge of dealing with attack occurrences on the measurement channel. Specifically, by leveraging the Voronoi partition used on the plant’s side and robust reachability arguments, the objective of this unit is to reduce the tracking performance loss by allowing a supervised system open-loop evolution until the best possible outcome in terms of tracking is achieved.