Application of the unified control and detection framework to detecting stealthy integrity cyber-attacks on feedback control systems

This paper addresses issues of detecting stealthy integrity cyber-attacks on automatic control systems. A general form of integrity cyber-attacks that cannot be detected using the established observer-based technique is first introduced as kernel attacks. The well-known replay, zero dynamics and covert attacks are special forms of the kernel attacks. Existence conditions for the kernel attacks are presented. It is demonstrated, in the unified framework of control and detection, that all kernel attacks can be structurally detected when not only the observer-based residual, but also the control signal based residual signals are used for the detection purpose. Two schemes for detecting kernel attacks are then proposed, which allow reliable attack detection without loss of control performance. While the first scheme is similar to the well-established moving target method and auxiliary system aided detection scheme, the second one is realised with encrypted transmissions of control and monitoring signals in the feedback control system, which prevents adversary to gain system knowledge by means of eavesdropping attacks. Both schemes are illustrated by an experimental study on a three-tank control system. (C) 2022 Elsevier Ltd. All rights reserved.