Abstract: Resilience has emerged as a property of major interest for the design and analysis of complex systems. It describes the ability of a system to continue providing its designed services or functions even after possibly disruptive changes in the system (caused either by faults, by other naturally occurring phenomena, or by malicious actions). Resilience has been enjoying a spotlight in many different fields, including the Discrete Event Systems (DES) community. This workshop aims to report recent research achievements related to resilience of DES and to identify relevant challenges. It will focus on two main themes: cyber security and information confidentiality, which includes opacity analysis and the synthesis of attack-resilient supervisors, and fault tolerance, which includes robust fault diagnosis and fault-tolerant control for discrete-event systems.
Assoc Prof Rong Su, School of Electrical and Electronic Engineering, Nanyang Technological University, 50 Nanyang Avenue, Singapore 639798, Email: rsu@ntu.edu.sg
This workshop is technically co-sponsored by the Smart Cities Technical Committee and the Discrete Event Systems Technical Committee in IEEE Control Systems Society.
Topic 1: Cyber Security and Information Confidentiality
Notions of Opacity for Privacy and Security in Discrete Event Systems
Abstract: This talk discusses how notions of opacity can be used to capture, analyse, and enforce privacy/security properties in emerging interconnected discrete event systems. More specifically, we start with an overview of language-based and state-based opacity, as well as extensions to probabilistic and timed systems. To illustrate these formulations, we focus on systems that are described by (nondeterministic) automata and assume that a passive intruder observes system activity through some natural projection mapping, using knowledge of the system model in order to make inferences about the possible state of the system. The talk discusses methods to verify state-based notions of opacity (including current-state opacity, initial-state opacity, K-step opacity, and infinite-step opacity) using various types of state estimators. Several examples are used to illustrate how such notions can be used to characterize privacy and security requirements in many applications of interest, including encryption using pseudo-random generators, coverage of mobile agents in sensor networks, and anonymity requirements in protocols for web transactions.
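As an added illustration of the current-state opacity check described in this abstract (example code written for this page, not the speaker's own), the following Python builds the passive intruder's current-state estimator by subset construction over the natural projection and then checks whether any reachable estimate reveals the secret. The automaton, its events, and the secret sets are constructed for the example.

```python
# Constructed example automaton G: state -> event -> successor states ('u' is unobservable).
TRANS = {
    0: {'a': {1}, 'u': {2}},
    1: {'b': {3}},
    2: {'a': {3}},
    3: {'b': {0}},
}
OBSERVABLE = {'a', 'b'}  # the natural projection keeps these and erases 'u'
INITIAL = {0}

def unobservable_reach(states):
    """Close a state set under unobservable events (moves the intruder cannot see)."""
    reach, stack = set(states), list(states)
    while stack:
        q = stack.pop()
        for event, succ in TRANS.get(q, {}).items():
            if event not in OBSERVABLE:
                for r in succ - reach:
                    reach.add(r)
                    stack.append(r)
    return frozenset(reach)

def build_observer():
    """Subset construction over observable events: the intruder's current-state estimator."""
    start = unobservable_reach(INITIAL)
    estimates, todo, edges = {start}, [start], {}
    while todo:
        x = todo.pop()
        for event in OBSERVABLE:
            nxt = {r for q in x for r in TRANS.get(q, {}).get(event, ())}
            if nxt:
                y = unobservable_reach(nxt)
                edges[(x, event)] = y  # estimate transition on an observed event
                if y not in estimates:
                    estimates.add(y)
                    todo.append(y)
    return estimates, edges

def estimate_after(observation):
    """Estimate the intruder holds after a projected string; empty if the string is not in P(L(G))."""
    _, edges = build_observer()
    x = unobservable_reach(INITIAL)
    for event in observation:
        x = edges.get((x, event), frozenset())
    return x

def is_current_state_opaque(secret):
    """G is current-state opaque iff no reachable estimate lies entirely inside the secret set."""
    estimates, _ = build_observer()
    return not any(x <= set(secret) for x in estimates)
```

With secret state {2} the system is opaque because every estimate containing 2 also contains a non-secret state, whereas secret sets {0, 2} or {1, 3} are revealed by the estimates {0, 2} and {1, 3}.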
Resilience to Sensor Deception Attacks in Supervisory Control
Abstract: We consider feedback control systems where sensor readings may be compromised by a malicious attacker intent on causing damage to the system. We study this problem at the supervisory layer of the control system, using discrete transition models of the underlying plant dynamics. We assume that the attacker can edit the (discrete) outputs from the sensors of the system before they reach the supervisory controller. In this context, we discuss two research problems: (i) synthesis of stealthy or non-stealthy edit attacks; and (ii) synthesis of a supervisor that is robust against a class of edit attacks. The attack synthesis problem is analyzed under both logical and stochastic models of the plant. Then, two solution methodologies for the problem of robust supervisor synthesis are discussed. The results presented leverage concepts and algorithmic techniques from supervisory control theory and from logical and stochastic games on automata. This is joint work with Romulo Meira-Goes, Eunsuk Kang, Raymond Kwong, and Herve Marchand.
Supervisory Control for Cyber Security of Discrete-Event Systems
Abstract: One of the major challenges in cyber-physical systems is how to protect system integrity from cyber attacks. A large number of different types of attacks have been discussed in the literature. In this talk I will discuss several types of attacks in the discrete-event system framework, namely covert sensor attacks, where an attacker can arbitrarily alter sensor readings after intercepting them from a target system, aiming to trick a given supervisor into issuing improper control commands, which can drive the system to an undesirable state; covert actuator attacks, where an attacker intercepts control commands and alters their contents to trigger damage to the plant without being detected by the supervisor; and covert channel delay attacks, where an attacker deliberately delays (but does not change) sensor readings to alter the sequence of observations and inflict damage on the plant without being detected by the supervisor. I will first describe the relevant attack models and present the key concepts of attackability associated with the different attacks. Then I will present specific algorithms to synthesize covert attack models. Finally, I will address the resilience issue and present results on the existence of attack-resilient supervisors.
Topic 2: Fault Tolerance Analysis and Control
Robust Failure Diagnosis of Discrete Event Systems and Its Applications
Abstract: Diagnosability is a property of discrete event systems (DES) that ensures that the occurrence of an unobservable failure event is detected within a finite number of events after the failure. Failures in DES are detected online by using a so-called diagnoser automaton, which is actually an observer automaton that not only keeps track of the system state evolution but also carries labels that indicate whether the system is operating within its normal or faulty behavior. However, diagnosers are built assuming exact knowledge of the model of the real plant, and, when, for some reason, the model does not correspond to the actual system behavior, diagnosers may either issue wrong information regarding the failure occurrence or halt in some state even though the real system continues evolving. In order to overcome these problems, robust diagnosers have been proposed, whose central idea is to ensure the correct functioning of the diagnosis system by taking into consideration not only the plant's nominal behavior but also additional information regarding the system functioning and its components. In this talk we address the problem of robust failure diagnosis from the following perspectives: (i) assuming that the communication between local sites and the coordinator is not reliable in decentralized systems; (ii) assuming intermittent and permanent sensor failures; (iii) assuming communication delays between measurement sites and local diagnosers in networked DES. We end this talk by also considering decentralized diagnosis of networked DES subject to denial-of-service attacks, a problem of current interest motivated by the increasing use of communication networks for supervision and control of physical systems, which increases the vulnerability of these cyber-physical systems, since an outsider may interfere with the desired behavior of the system.
Fault-Tolerant Supervisory Control in Terms of Formal Languages
Abstract: A fault-tolerant supervisory controller maintains a prescribed closed-loop performance even when the plant is subject to certain faults. In this workshop, we discuss fault-tolerant supervisory control in terms of formal languages. Doing so, we obtain a general framework in which we can re-interpret established approaches such as passive fault tolerance and active fault tolerance. Moreover, a synthesis algorithm for fault-tolerant supervisory controllers can be derived by minor variations of the base algorithms commonly used in the context of supervisory control. In the workshop format, we can present the approach in considerable detail and, hence, provide a technical introduction to fault-tolerant supervisory control.
Speakers' affiliations and talks:
Notions of Opacity for Privacy and Security in Discrete Event Systems (Department of Electrical and Computer Engineering, Cyprus University of Technology)
Robust Failure Diagnosis of Discrete Event Systems and Its Applications (Department of Electrical Engineering, Universidade Federal do Rio de Janeiro)
Fault-Tolerant Supervisory Control in Terms of Formal Languages (Friedrich-Alexander-Universität Erlangen-Nürnberg)
Resilience to Sensor Deception Attacks in Supervisory Control (University of Michigan, Ann Arbor)
Supervisory Control for Cyber Security of Discrete Event Systems (Nanyang Technological University)
(1) This workshop consists of presentations which report recent individual research progress on specific topics, e.g., opacity and cyber security related synthesis, and fault diagnosis and fault-tolerant control. (2) They require the audience to have some technical background in modeling, analysis and control of discrete-event systems, and are thus suitable for researchers and senior graduate students in relevant fields. To help registered audience members better understand the presented materials, a printout of each presentation will be disseminated during the workshop.
Presentation Title | Speaker | Time Slot |
---|---|---|
Introduction | Rong Su (pre-recorded), Nanyang Technological University | 10:00 - 10:05 |
Introduction to Christoforos Hadjicostis | Rong Su (pre-recorded), Nanyang Technological University | 10:05 - 10:07 |
Notions of Opacity for Privacy and Security in Discrete Event Systems | Christoforos Hadjicostis (pre-recorded), University of Cyprus | 10:07 - 11:00 |
Introduction to Stephane Lafortune | Rong Su (pre-recorded), Nanyang Technological University | 11:00 - 11:02 |
Resilience to Sensor Deception Attacks in Supervisory Control | Stephane Lafortune (pre-recorded), University of Michigan, Ann Arbor | 11:02 - 12:00 |
Introduction to Rong Su | Rong Su (pre-recorded), Nanyang Technological University | 12:00 - 12:02 |
Supervisory Control for Cyber Security of Discrete Event Systems | Rong Su (pre-recorded), Nanyang Technological University | 12:02 - 13:00 |
Introduction to Joao Carlos Basilio | Rong Su (pre-recorded), Nanyang Technological University | 13:00 - 13:02 |
Robust Failure Diagnosis of Discrete Event Systems and Its Applications | Joao Carlos Basilio (pre-recorded), Universidade Federal do Rio de Janeiro | 13:02 - 14:00 |
Introduction to Thomas Moor | Rong Su (pre-recorded), Nanyang Technological University | 14:00 - 14:02 |
Fault-Tolerant Supervisory Control in Terms of Formal Languages | Thomas Moor (pre-recorded), Friedrich-Alexander-Universität Erlangen-Nürnberg | 14:02 - 15:00 |
Panel Discussions | All speakers (moderator: Rong Su); live session with all speakers and delegates, in which screen sharing by delegates may also be allowed to encourage more discussion | 15:00 - 16:30 |