Abstract

There is a growing interest towards Cyber-Physical Systems (CPSs) due to their wide range of applications such as power systems, smart grids, aerospace, transportation, and process control systems in recent years. CPSs are more reliable than conventional systems and show higher level of performance in complex environments which make them more functional in different applications.
CPS is prone to anomalies such as machine induced faults and cyber-attacks, which can destabilize the system and cause significant degradation in the system's performance or result in system failure. Hence, the study of cybersecurity challenges such as detection of anomalies and designing a resilient controller in the presence of anomalies have recently attracted significant attention. In addition, diagnosis of simultaneous cyber-attack and the physical fault is an important challenge which requires more attention in the literature. The main aim of this thesis is to design a fault and cyber-attack detection mechanism in the presence of a disturbance in CPSs and Multi-Agent Systems (MASs).

In the first chapter of this thesis, the design of fault and cyber-attack detection scheme is investigated for linear cyber-physical systems. Two different types of filters have been designed to detect concurrent fault and attacks in a cyber-physical system. It is assumed that the agent is equipped with a local controller which receives a reference signal from the command and control unit and computes the controller signal internally. Hence, the control signal is generated locally and it is not prone to cyber-attack. On the other hand, the measurement signal is communicated over wireless network from the system to the command and control unit which is prone to cyber-attacks. Accordingly, the sensor measurement is prone to both cyber-attack and fault. It should be noted that it is assumed that there exist two communication channel for sending and receiving. In particular, the reference signal is transmitted from command and control station to the system in one channel and the other channel is used to transmit the output signal from the system to the command and control station and only the later is prone to attack. The filters are designed based on a multi-objective framework by utilizing the $ \mathcal{H}_\infty $ and $ \mathcal{H}_{-} $ formulation in a finite frequency domain. The efficiency of the proposed method in simultaneous detection of fault and cyber-attack is verified by simulating a VTOL aircraft in presence of disturbances and measurement noise. The proposed method can detect fault and cyber-attacks within a specific range of magnitudes which are within the performance of VTOL system.

The second chapter investigates the problem of the concurrent fault and cyber-attack detection in a MAS in the presence of disturbances. The MAS under healthy condition is equipped with a consensus controller based on the output information of neighbors. Hence, only the output measurement is communicated among the agents by a wireless network. The attack is assumed to be injected as a false data on the communication link between agents. To achieve this goal, a fault detection Luenberger observer is designed based on multi-objective framework by utilizing $ \mathcal{H}_\infty $ and $ \mathcal{H}_{-} $ formulation. Despite the previous chapter results, the design procedure has been done in full frequency domain rather than the finite frequency domain which results in less computational complexity but it can be used for strictly proper system (Fault and cyber-attack on the output signal). The fault detection observer is designed locally for each agent and can detect faults in the sensor and actuator. On the other hand, an Unknown Input Observer (UIO) is designed for each agent in its neighbors to detect cyber-attack which is injected as a false data on the link between agents. In particular, each agent is equipped with a local fault detection Luenberger-based observer and a bank of UIO which detect the cyber-attack in the neighboring agents. The efficacy of the proposed method is validated by simulation of a group of UAVs model forming a multi-agent system. The main aim of attack is not to destabilize the system but to fool the monitoring station. Thus, the cyber-attack is assumed to have the same effect as fault. Accordingly, the magnitude of cyber-attack cannot be beyond the performance limitation of the UAV. The proposed method can detect cyber-attack and fault within the performance limitation of a UAV.