Resilient Design of Cloud-Based Control Systems Against Cyber Attack
[Thesis]
Rahman, Mohammad Arafatur
Keel, Lee H.
Tennessee State University
2020
113 p.
Ph.D.
Tennessee State University
2020
Over a while, the control system evolves with technology, such as cloud-based control system, become more sophisticated. These changes provide many benefits in terms of maintainability, scalability. However, it also creates new challenges in terms of security. Ensuring a secure system is a crucial requirement to avoid the costly impact of the failure of security. In this thesis, we have designed a system that comprises two subsystems that address two aspects of control system security in the context of the cloud. One is a detection mechanism for the physical system integrity attack, and another one is a resilient control mechanism for the cloud-based networked control system attacked through network congestion. This document has been written following the systems engineering approach. Attacks on the physical system integrity such as a change in control parameter, hardware trojan, result in a change of dynamical property of the system that leads to undesirable behavior which may be harmful to the system. Our selected method can detect whether the physical system has been compromised. The proposed technique uses a hidden monitoring signal that does not affect the system's performance and works on the live system. We also show that a specific type of attack (Replay attack) on signals/data can be modeled as an attack on the system integrity, and therefore, the technique can be used. Once this detection is performed, then a redundant system can be activated for the resilient operation. In cloud-based networked control systems, signals, including control actions, are transmitted over a communication link. The network bandwidth can be compromised, causing delay and packet drops, which ultimately affects the performance and stability of the underlying control system. Our selected resilient control is based upon a real-time network resource management strategy to overcome such drawbacks. The subsystems are developed, verified, and integrated to perform as a system on the cloud platform. Finally, the system is validated at various scenarios to demonstrate the effectiveness of a resilient design of the system according to the requirement.