Resilient Control for Networked Control Systems Subject to Cyber/Physical Attacks

  • Taouba Rhouma
  • Karim Chabir
  • Mohamed Naceur Abdelkrim
Research Article


In this paper, we investigate a resilient control strategy for networked control systems (NCSs) subject to zero dynamic attacks which are stealthy false-data injection attacks that are designed so that they cannot be detected based on control input and measurement data. Cyber resilience represents the ability of systems or network architectures to continue providing their intended behavior during attack and recovery. When a cyber attack on the control signal of a networked control system is computed to remain undetectable from passive model-based fault detection and isolation schemes, we show that the consequence of a zero dynamic attack on the state variable of the plant is undetectable during attack but it becomes apparent after the end of the attack. A resilient linear quadratic Gaussian controller, having the ability to quickly recover the nominal behavior of the closed-loop system after the attack end, is designed by updating online the Kalman filter from information given by an active version of the generalized likelihood ratio detector.


Networked control systems (NCSs) cyber physical attacks Kalman filtering resilient control anomaly detector 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    P. Antsaklis, J. Baillieul. Special issue on technology of networked control systems. Proceedings of the IEEE, vol. 95, no. 1, pp. 5–8, 2007.CrossRefGoogle Scholar
  2. [2]
    J. P. Hespanha, P. Naghshtabrizi, Y. G. Xu. A survey of recent results in networked control systems. Proceedings of the IEEE, vol. 95, no. 1, pp. 138–162, 2007.CrossRefGoogle Scholar
  3. [3]
    K. Stouffer, J. Falco, K. Scarfone. Guide to industrial control systems (ICS) security. NIST Special Publication, 2007.Google Scholar
  4. [4]
    Z. D. Tian, X. W. Gao, B. L. Gong, T. Shi. Time-delay compensation method for networked control system based on time-delay prediction and implicit PIGPC. International Journal of Automation and Computing, vol. 12, no. 6, pp. 648–656, 2015.CrossRefGoogle Scholar
  5. [5]
    A. Teixeira, D. Pérez, H. Sandberg, K. H. Johansson. Attack models and scenarios for networked control systems. In Proceedings of the 1st International Conference on High Confidence Networked Systems, ACM, New York, USA, pp. 55–64, 2012.CrossRefGoogle Scholar
  6. [6]
    Y. Chen, S. Kar, J. M. F. Moura. Dynamic Attack Detection in Cyber-Physical Systems with Side Initial State Information, 2015.Google Scholar
  7. [7]
    S. Amin, A. A. Cárdenas, S. S. Sastry, Safe and secure networked control systems under denial-of-service attacks. In Proceedings of the 12th International Conference on Hybrid Systems: Computation and Control, Springer, San Francisco, USA, pp. 31–45, 2009.CrossRefGoogle Scholar
  8. [8]
    Y. Liu, P. Ning, M. K. Reiter. False data injection attacks against state estimation in electric power grids. In Proceedings of the 16th ACM Conference on Computer and Communications Security, ACM, Chicago, USA, pp. 21–32, 2009.Google Scholar
  9. [9]
    A. Teixeira, H. Sandberg, K. H. Johansson. Networked control systems under cyber attacks with applications to power networks. In Proceedings of American Control Conference, IEEE, Baltimore, USA, pp. 3690–3696, 2010.Google Scholar
  10. [10]
    F. Pasqualetti, F. Dórfler, F. Bullo. Cyber-physical security via geometric control: Distributed monitoring and malicious attacks. In Proceedings of the 51th Annual Conference on Decision and Control, IEEE, Maui, USA, pp. 3418–3425, 2012.Google Scholar
  11. [11]
    Y. L. Mo, B. Sinopoli. Secure control against replay attacks. In Proceedings of the 47th Annual Allerton Conference on Communication, Control, and Computing, IEEE, Monticello, USA, pp. 911–918, 2009.Google Scholar
  12. [12]
    R. S. Smith. A decoupled feedback structure for covertly appropriating networked control systems. In Proceedings of the 18th IFAC World Congress, IFAC, Milan, Italy, pp. 90–95, 2011.Google Scholar
  13. [13]
    A. A. Cardenas, S. Amin, S. Sastry. Secure control: Towards survivable cyber-physical systems. In Proceedings of the 28th International Conference on Distributed Computing SystemsWorkshops, IEEE, Beijing, China, pp. 495–500, 2008.Google Scholar
  14. [14]
    F. Pasqualetti. Secure Control Systems: A Control- Theoretic Approach to Cyber-Physical Security, Ph.D. dissertation, University of California, USA, 2012.Google Scholar
  15. [15]
    P. M. Frank. Fault diagnosis in dynamic systems using analytical and knowledge-based redundancy: A survey and some new results. Automatica, vol. 26, no. 3, pp. 459–474, 1990.MathSciNetCrossRefzbMATHGoogle Scholar
  16. [16]
    J. Chen and R. J. Patton. Robust Model-Based Fault Diagnosis for Dynamic Systems, Boston, USA: Kluwer Academic Publishers, 1999.CrossRefzbMATHGoogle Scholar
  17. [17]
    S. X. Ding. Model-Based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools, Berlin Heidelberg, Germany: Springer, 2008.Google Scholar
  18. [18]
    K. Chabir, D. Sauter, I. M. Al-Salami, C. Aubrun. On fault detection and isolation (FDI) design for networked control systems with bounded delay constraints. In Proceedings of the 8th IFAC Symposium on Fault Detection, Supervision and Safety of Technical Processes, Mexico City, Mexico, pp. 1107–1112, 2012.Google Scholar
  19. [19]
    M. Brunner, H. Hofinger, C. Krauss, C. Roblee, P. Schoo, S. Todt. Infiltrating critical infrastructures with next-generation attacks. Fraunhofer Institute for Secure Information Technology, [Online], Available:, 2010.Google Scholar
  20. [20]
    A. Teixeira, I. Shames, H. Sandberg, K. H. Johansson. Revealing stealthy attacks in control systems. In Proceedings of the 50th Annual Allerton Conference on Communication, Control, and Computing, IEEE, Monticello, USA, pp. 1806–1813, 2012.Google Scholar
  21. [21]
    J. Y. Keller, D. Sauter. Monitoring of stealthy attack in networked control systems. In Proceedings of Conference on Control and Fault-Tolerant Systems, IEEE, Nice, France, pp. 462–467, 2013.Google Scholar
  22. [22]
    J. Y. Keller, K. Chabir, D. Sauter. Input reconstruction for networked control systems subject to deception attacks and data losses on control signals. International Journal of Systems Science, vol. 47, no. 4, pp. 814–820, 2016.MathSciNetCrossRefzbMATHGoogle Scholar
  23. [23]
    V. L. Do, L. Fillatre, I. Nikiforov. A statistical method for detecting cyber/physical attacks on SCADA systems. In Proceedings of IEEE Conference on Control Applications, IEEE, Antibes, France, pp. 364–369, 2014.Google Scholar
  24. [24]
    A. Willsky, H. Jones. A generalized likelihood ratio approach to the detection and estimation of jumps in linear systems. IEEE Transactions on Automatic Control, vol. 21, no. 1, pp. 108–112, 1976.MathSciNetCrossRefzbMATHGoogle Scholar
  25. [25]
    Y. M. Zhang, J. Jiang. Bibliographical review on reconfigurable fault-tolerant control systems. Annual Reviews in Control, vol. 32, no. 2, pp. 229–252, 2008.CrossRefGoogle Scholar
  26. [26]
    Y. Yuan, Q. Y. Zhu, F. C. Sun, Q. Y. Wang, T. Ba¸sar. Resilient control of cyber-physical systems against denialof- service attacks. In Proceedings of the 6th International Symposium on Resilient Control Systems, IEEE, San Francisco, USA, pp. 54–59, 2013.Google Scholar
  27. [27]
    C. De Persis, P. Tesi. Resilient control under denial-ofservice. IFAC Proceedings Volumes, vol. 47, no. 3, pp. 134–139, 2014.CrossRefGoogle Scholar
  28. [28]
    X. Zhu. Resilient Control and Intrusion Detection for SCADA Systems, Ph. D. dissertation, University of California, USA, 2011.Google Scholar

Copyright information

© Institute of Automation, Chinese Academy of Sciences and Springer-Verlag GmbH Germany, part of Springer Nature 2017

Authors and Affiliations

  1. 1.Modeling, Analysis and Control of Systems (MACS) Laboratory, National Engineering School of Gabes (ENIG)University of GabesGabesTunisia

Personalised recommendations