|dc.description.abstract||Until 1960s, control systems consisted mainly of mechanical or analog electronic devices exchanging information among system components, i.e., sensors, controllers, and actuators, via wired communication. However, recent advancement in computer and communication industries have led to the growing use of Internet, embedded systems, wireless and digital communication technologies in many industrial control systems and transformed them into Networked Control Systems (NCSs).
A defining feature of an NCS is that it consists of a number of devices implemented distributively so that system information is exchanged through a shared communication network. In light of many distinct advantages of NCSs including flexible architectures and less installation and maintenance costs, the development and application of NCSs have been recently boosted in a wide range of practical areas and critical infrastructures including transportation systems, electrical power systems and smart grids, remote surgery, industrial and manufacturing systems.
Owing to heterogeneous IT components and open network connections among controllers, sensors, actuators, and other networked components, the Confidentiality, Integrity, and Availability (CIA) of exchanged data in an NCS may suffer from vulnerability to malicious cyber attacks. Undoubtedly, this kind of threat is mainly launched by an adversary in either the physical world or the cyber-space with the aim of substantial economic benefits or disrupting human life. Therefore, it is imperative to properly address security issues of NCSs so as to ensure their reliable and safe performance.
In securing NCSs, reliable attack detection is of utmost importance. Generally speaking, when cyber attacks are detected and located in a timely fashion, the damage to overall systems can be controlled within a tolerable limit. Motivated by security concerns of NCSs, the first major contribution of this thesis is the development of a novel centralized detection method based on set-membership filtering technique so as to detect cyber attacks in an NCS subject to Unknown-But-Bounded (UBB) process noise and UBB measurement noise. In response to it, a set-membership filter is designed so as to construct two ellipsoidal sets: 1) a prediction set and 2) an estimation set. The estimation ellipsoidal set is calculated through updating the prediction ellipsoidal set with the current sensor measurement data. Whether the filter can detect the occurrence of such an attack is determined by the existence of intersection between these two sets.
The developed centralized detection method may not be straightforwardly applicable for a large-scale NCS because it requires full knowledge of the entire network information. Furthermore, the computational overhead for this detection method is quite high and hence, it may make the use of the detection system unrealistic. Therefore, the second major contribution of this thesis is the development of a distributed attack detection method for a vehicular platoon system, which is one of the large-scale NCSs from real engineering world. Moreover, two recovery mechanisms are developed to mitigate the adversarial impacts of attacks on the performance of the vehicle platooning system. With these two recovery mechanisms, the system can be brought back to the normal condition after detection of the attacks.
In some practical situations, it is quite common for a crafty adversary to launch assorted attacks of different models and strategies for comprehensively compromising the sensor measurements and control signals. It has been well acknowledged that different attack strategies are generally stealthy to any detection method. Motivated by this observation, the property of system’s resiliency is of utmost significance. In this study, the focus lies on resilient remote tracking control through a shared communication network. Thus, the third major contribution of this thesis is the analysis of the joint problem of resilient tracking control and resilient estimation in NCSs subject to the presence of various cyber attacks that are modeled in a unified framework which leads the NCS to be operated and controlled via some digital and unprotected communication networks.||