CN110850817B - Safety estimation method of networked industrial control system - Google Patents
Safety estimation method of networked industrial control system Download PDFInfo
- Publication number
- CN110850817B CN110850817B CN201910994731.5A CN201910994731A CN110850817B CN 110850817 B CN110850817 B CN 110850817B CN 201910994731 A CN201910994731 A CN 201910994731A CN 110850817 B CN110850817 B CN 110850817B
- Authority
- CN
- China
- Prior art keywords
- node
- estimator
- estimation
- matrix
- industrial control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/418—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM]
- G05B19/41885—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM] characterised by modeling, simulation of the manufacturing system
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Abstract
The invention discloses a safety estimation method of a networked industrial control system. The existing method can only monitor the system state at fixed time and fixed point, and is difficult to accurately reflect the real-time running state of the system. The method comprises the steps of firstly establishing a model of state estimation of the networked industrial control system, then establishing an error system model of safety estimation, and finally solving an estimator gain matrix. The method adopts a complex network estimation method based on an event trigger strategy, considers the influence of network attack on a system, designs a recursive state estimator by an extended Kalman filtering method, and determines a gain matrix of the state estimator by solving two Riccath differential equations. Based on the event trigger strategy, the network burden and energy consumption caused by a large amount of information transmission are reduced, the constructed estimator can realize timely and accurate estimation of the system state under the condition of suffering network attack, and a timely and effective method is provided for safety estimation, monitoring and control of a networked industrial control system.
Description
Technical Field
The invention belongs to the technical field of automatic control, and relates to a safety estimation method of a networked industrial control system, which considers the network attack possibly suffered by an important industrial control system and can be used for the safe operation and estimation of a modern large-scale networked industrial control system.
Background
The structure of the modern industrial control system is more and more complex, and gradually develops towards networking direction, so that the combination of a computer network and a control network is promoted, the industrial control field is widened, and meanwhile, a great challenge is brought to the safe operation of the industrial control system. For example, viruses and trojans attack industrial control systems on the global scale frequently, the scope of influence, economic loss and duration of the attacks are far from those of common network security events, so that the attacks not only cause huge economic loss, but also bring serious threats to national security.
Although the industrial control system usually includes a monitoring device, the application of the industrial control system is often limited, and the system state can only be monitored at regular time and fixed point, so that the real-time state of the system is difficult to accurately reflect, and particularly, timely and effective early warning cannot be performed when an emergency occurs. Therefore, for a complex networked industrial control system suffering from network attack, an effective new method for safety estimation is urgently needed to be provided, so that the important industrial control system is ensured to be safely and effectively monitored.
Disclosure of Invention
The invention aims to provide a safety estimation method of an industrial control system based on a complex network, aiming at the problem that the state estimation of the networked industrial control system in China is difficult to be carried out timely and accurately under the network attack.
Distributed Control Systems (DCS) are widely used in modern industrial processes, which usually employ a hierarchical structure, each level consisting of several subsystems. It is necessary for different subsystems to achieve several specified limited goals. One subsystem of the DCS is selected as a node, and different subsystems of the DCS form a typical complex network structure. Each part in the DCS system is connected by a communication network, so that information flows between adjacent subsystems, and a coupling relationship exists between nodes, which is expressed as an external coupling characteristic of a complex network. For a certain node, the main control parameters comprise temperature, pressure, concentration, flow and flow rate, and there may be coupling relations between different parameters, such as flow and flow rate, and the coupling relations between the five different parameters form the internal coupling of the complex network.
In order to save network resources and reduce the burden of a network communication channel, the invention adopts a complex network security estimation method based on an event trigger strategy, considers the influence of network attack possibly suffered on the state of an industrial control system, designs a recursive state estimator by using an extended Kalman filtering method, determines a gain matrix of the state estimator by solving two Riccati (Riccati) differential equations, and provides a timely and effective method for the security estimation and operation of the networked industrial control system under the network attack.
The method comprises the following specific steps:
step (1), establishing a spatial model for state estimation of a networked industrial control system;
establishing a dynamic equation of the state of the networked industrial control system based on the complex network model:
the state vector of the node i at the moment k is represented, k is 0,1,2 …, i belongs to N, and N represents the number of nodes forming the complex network;respectively representing the temperature, pressure, concentration, flow and flow rate of the controlled quantity,represents n0The column vector of the dimension, superscript T represents the transposition of the matrix;
represents the measured output value of node i at time k,temperature, concentration and flow rate of the output quantity are respectively expressed;
=diag{γ1,γ2,γ3,γ4,γ5denotes the internal coupling matrix of the complex network model, diag {. cndot } denotes the diagonal matrix, γl≧ 0(l ═ 1,2,3,4,5) is a known constant representing the internal coupling coefficient of node i;
an external coupling matrix representing a complex network model with matrix dimensions of NxN, constantsRepresenting the connection condition between nodes i, j, and the content of i, j belongs to N: when in useWhen, it represents that the nodes i, j are communicated; when in useWhen the node I is not communicated with the node j, the node I is not communicated with the node j;
vi,k∈R1Representing the measurement noise of node i at time k, with variance Ri,kI.e. E { v }i,k}=0,E {. is the mathematically expected symbol;
Ai,k∈R5×5、Bi,k∈R5×1、Ci,k∈R3×5and Di,k∈R3×1Are all known matrices, symbolsRepresents n1×n2A real matrix of dimensions.
If the node i suffers from a network attack at time k, a set of random variables d satisfying Bernoulli distribution is usedi,kTo describe, di,kSatisfies the following conditions:whereinProb {. for a known scalar represents the probability of a random event.
Measurement output after being affected by spoofing attackTherein, ζi,k=-yi,k+μi,kSpoof signal, y, representing an attacker inputi,kIs the measured output value, mu, of node ii,kIs a signal with limited energy, and the k is more than or equal to 0 for any k, so as to meet the requirementWhereinIs a known scalar.
Using an event-triggered communication protocol:whereinIs a positive scalar quantity;is about measuring the outputSum positive scalar quantityI.e. the condition triggered by the event;indicating node i at trigger time stThe transmitted measurement output value, t ═ 0,1,2.
According to an event-triggered communication protocol, only ifWhen the trigger condition is met, the measurement data is transmitted; otherwise, not transmitting the measurement data;
Step (2), establishing an error system model of safety estimation;
(2-1) constructing a safety estimator:
based on an extended Kalman filtering method, establishing an estimator model:
whereinRepresents a state vector xi,kA step of prediction value at the moment k;represents a state vector xi,k+1An estimate at time k + 1; ki,k+1∈R5×3Is the estimator gain matrix to be solved.
(2-2) establishing an estimation error system:
defining prediction error of node iAnd estimation errorEstablishing an estimation error system model:
step (3), solving a gain matrix of the safety estimator;
(3-1) solving the covariance of the prediction error Pi,k+1|k:Obtaining a prediction error covariance Pi,k+1|kOne upper bound of (c):
(3-2) solving the estimation error covariance Pi,k+1|k+1:
obtaining an estimation error covariance Pi,k+1|k+1One upper bound of (c):
h(h 1.., 6) is 6 arbitrary positive scalars within the interval (0,1), the superscript-1 representing the matrix or the inverse of the scalar; scalar ξi,k+1E {0,1}, and xi when the event trigger condition at the moment k is meti,k+10; conversely xii,k+1=1。
(3-3) solving an estimator gain matrix:
the following two ricatty difference equations are solved:
wherein the content of the first and second substances,andare two solutions of the system of equations and the initial values satisfyI.e. the estimated error covariance Pi,k+1|k+1An upper bound of; to pairCalculating a partial derivative:
Ki,k+1Namely a gain matrix of the networked industrial control system safety estimator.
The method of the invention is a complex network estimation method based on the event trigger strategy, which can save network resources and reduce the burden of network communication channels. Considering the influence of network attacks on the system, a recursive state estimator is designed through an extended Kalman filtering method, and a gain matrix of the state estimator is determined by solving two Riccati (Riccati) difference equations.
The estimator constructed by the invention can realize timely and accurate estimation of the system state under the condition of network attack, and ensures the safety monitoring and control of the system, so the estimator is called as a safety estimator and can provide a timely and effective method for the safety estimation, monitoring and control of a networked industrial control system.
Detailed Description
A safety estimation method of a networked industrial control system comprises the following specific steps:
step (1), establishing a spatial model for state estimation of a networked industrial control system;
establishing a dynamic equation of the state of the networked industrial control system based on the complex network model:
the state vector of the node i at the moment k is represented, k is 0,1,2 …, i belongs to N, and N represents the number of nodes forming the complex network;respectively representing the temperature, pressure, concentration, flow and flow rate of the controlled quantity,represents n0The column vector of the dimension, superscript T represents the transposition of the matrix;
represents the measured output value of node i at time k,temperature, concentration and flow rate of the output quantity are respectively expressed;
=diag{γ1,γ2,γ3,γ4,γ5denotes the internal coupling matrix of the complex network model, diag {. cndot } denotes the diagonal matrix, γl≧ 0(l ═ 1,2,3,4,5) is a known constant representing the internal coupling coefficient of node i;
an external coupling matrix representing a complex network model with matrix dimensions of NxN, constantsRepresenting the connection condition between nodes i, j, and the content of i, j belongs to N: when in useWhen, it represents that the nodes i, j are communicated; when in useWhen the node I is not communicated with the node j, the node I is not communicated with the node j;
vi,k∈R1Representing the measurement noise of node i at time k, with variance Ri,kI.e. E { v }i,k}=0,E {. is the mathematically expected symbol;
Ai,k∈R5×5、Bi,k∈R5×1、Ci,k∈R3×5and Di,k∈R3×1Are all known matrices, symbolsRepresents n1×n2A real matrix of dimensions.
If the node i suffers from a network attack at time k, a set of random variables d satisfying Bernoulli distribution is usedi,kTo describe, di,kSatisfies the following conditions:whereinProb {. for a known scalar represents the probability of a random event.
Measurement output after being affected by spoofing attackTherein, ζi,k=-yi,k+μi,kSpoof signal, y, representing an attacker inputi,kIs the measured output value, mu, of node ii,kIs a signal with limited energy, and the k is more than or equal to 0 for any k, so as to meet the requirementWhereinIs a known scalar.
Using an event-triggered communication protocol:whereinIs a positive scalar quantity;is about measuring the outputSum positive scalar quantityI.e. the condition triggered by the event;indicating node i at trigger time stTransmitted byThe output value is measured, t ═ 0,1,2.
According to an event-triggered communication protocol, only ifWhen the trigger condition is met, the measurement data is transmitted; otherwise, not transmitting the measurement data;
Step (2), establishing an error system model of safety estimation;
(2-1) constructing a safety estimator:
based on an extended Kalman filtering method, establishing an estimator model:
whereinRepresents a state vector xi,kA step of prediction value at the moment k;represents a state vector xi,k+1An estimate at time k + 1; ki,k+1∈R5×3Is the estimator gain matrix to be solved.
(2-2) establishing an estimation error system:
defining prediction error of node iAnd estimation errorEstablishing an estimation error system model:
step (3), solving a gain matrix of the safety estimator;
(3-1) solving the covariance of the prediction error Pi,k+1|k:Obtaining a prediction error covariance Pi,k+1|kOne upper bound of (c):
(3-2) solving the estimation error covariance Pi,k+1|k+1:
obtaining an estimation error covariance Pi,k+1|k+1One upper bound of (c):
h(h 1.., 6) is 6 arbitrary positive scalars within the interval (0,1), the superscript-1 representing the matrix or the inverse of the scalar; scalar ξi,k+1E {0,1}, and xi when the event trigger condition at the moment k is meti,k+10; conversely xii,k+1=1。
(3-3) solving an estimator gain matrix:
the following two ricatty difference equations are solved:
wherein the content of the first and second substances,andare two solutions of the system of equations and the initial values satisfyI.e. the estimated error covariance Pi,k+1|k+1An upper bound of; to pairCalculating a partial derivative:
Ki,k+1Namely the gain matrix of the networked industrial control system safety estimator solved by the invention.
Claims (1)
1. A safety estimation method of a networked industrial control system is characterized by comprising the following specific steps:
step (1), establishing a spatial model for state estimation of a networked industrial control system;
establishing a dynamic equation of the state of the networked industrial control system based on the complex network model:
wherein the content of the first and second substances,representing a state vector of a node i at the moment k, wherein k is 0,1,2, i belongs to N, and N represents the number of nodes forming the complex network;respectively representing the temperature, pressure, concentration, flow and flow rate of the controlled quantity,represents n0The column vector of the dimension, superscript T represents the transposition of the matrix;represents the measured output value of node i at time k,temperature, concentration and flow rate of the output quantity are respectively expressed; biag { γ ═1,γ2,γ3,γ4,γ5Denotes the internal coupling matrix of the complex network model, diag {. cndot } denotes the diagonal matrix, γl≧ 0(l ═ 1,2,3,4,5) is a known constant representing the internal coupling coefficient of node i;
an external coupling matrix representing a complex network model with matrix dimensions of NxN, constantsRepresenting the connection condition between nodes i, j, and the content of i, j belongs to N: when in useWhen, it represents that the nodes i, j are communicated; when in useWhen the node I is not communicated with the node j, the node I is not communicated with the node j;
vi,k∈R1Representing the measurement noise of node i at time k, with variance Ri,kI.e. E { v }i,k}=0,E {. is the mathematically expected symbol;
Ai,k∈R5×5、Bi,k∈R5×1、Ci,k∈R3×5and Di,k∈R3×1Are all known matrices, symbolsRepresents n1×n2A real matrix of dimensions;
if the node i suffers from a network attack at time k, a set of random variables d satisfying Bernoulli distribution is usedi,kTo describe, di,kSatisfies the following conditions:whereinProb {. for a known scalar represents the probability of a random event;
measurement output after being affected by spoofing attackTherein, ζi,k=-yi,k+μi,kSpoof signal, y, representing an attacker inputi,kIs the measured output value, mu, of node ii,kIs a signal with limited energy, and the k is more than or equal to 0 for any k, so as to meet the requirementWhereinIs a known scalar;
using an event-triggered communication protocol:whereinIs a positive scalar quantity;is about the measurement output after being affected by the spoofing attackSum positive scalar quantityI.e. the condition triggered by the event;indicating node i at trigger time stA transmitted measurement output value, t ═ 0,1, 2.;
according to an event-triggered communication protocol, only ifWhen the trigger condition is met, the measurement data is transmitted; otherwise, not transmitting the measurement data;
Step (2), establishing an error system model of safety estimation;
(2-1) constructing a safety estimator:
based on an extended Kalman filtering method, establishing an estimator model:
whereinRepresents a state vector xi,kA step of prediction value at the moment k;represents a state vector xi,k+1An estimate at time k + 1; ki,k+1∈R5×3Is estimator gain matrix to be solved;
(2-2) establishing an estimation error system:
defining prediction error of node iAnd estimation errorEstablishing an estimation error system model:
step (3), solving a gain matrix of the safety estimator;
Obtaining a prediction error covariance Pi,k+1|kOne upper bound of (c):
(3-2) solving the estimation error covariance Pi,k+1|k+1:
obtaining an estimation error covariance Pi,k+1|k+1One upper bound of (c):
his any positive scalar in the interval (0,1), h is 1,2, …,6, superscript-1 denotes the matrix or the inverse of the scalar; scalar ξi,k+1E {0,1}, and xi when the event trigger condition at the moment k is meti,k+10; conversely xii,k+1=1;
(3-3) solving an estimator gain matrix:
the following two ricatty difference equations are solved:
wherein the content of the first and second substances,andare two solutions of the system of equations and the initial values satisfy I.e. the estimated error covariance Pi,k+1|k+1An upper bound of; to pairCalculating a partial derivative:
Ki,k+1Namely a gain matrix of the networked industrial control system safety estimator.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910994731.5A CN110850817B (en) | 2019-10-18 | 2019-10-18 | Safety estimation method of networked industrial control system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910994731.5A CN110850817B (en) | 2019-10-18 | 2019-10-18 | Safety estimation method of networked industrial control system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110850817A CN110850817A (en) | 2020-02-28 |
CN110850817B true CN110850817B (en) | 2020-10-23 |
Family
ID=69596546
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910994731.5A Active CN110850817B (en) | 2019-10-18 | 2019-10-18 | Safety estimation method of networked industrial control system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110850817B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112260867B (en) * | 2020-10-21 | 2022-04-01 | 山东科技大学 | State estimation method of event-triggered transmission complex network based on collective member estimation |
CN113810906B (en) * | 2021-02-24 | 2024-04-16 | 浙江工业大学 | Sensor attack estimation method for networked servo motor |
CN113037393B (en) * | 2021-03-15 | 2022-02-08 | 电子科技大学 | Control method of event-triggered communication system based on terahertz channel capacity |
CN114884694B (en) * | 2022-04-06 | 2023-05-30 | 北京北卡星科技有限公司 | Industrial control network security risk assessment method based on hierarchical modeling |
CN115022031B (en) * | 2022-05-31 | 2023-07-21 | 重庆邮电大学 | Safety consistency control method for solving influence of FDI attack on multi-agent system |
CN115859030B (en) * | 2022-11-29 | 2023-06-16 | 哈尔滨理工大学 | Two-step state estimation method under complex coupling |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103166233B (en) * | 2013-03-13 | 2015-06-17 | 中冶南方工程技术有限公司 | Continuous time state estimation method based on Kalman-Bucy filter |
CN103303237B (en) * | 2013-06-21 | 2015-06-17 | 湖南大学 | Air bag detonation control method based on genetic neural network |
CN107942653B (en) * | 2017-10-30 | 2019-11-12 | 南京航空航天大学 | Aviation electric fuel oil pump flow control system sensor fault robust Fault-Tolerant method |
CN108036785A (en) * | 2017-11-24 | 2018-05-15 | 浙江大学 | A kind of aircraft position and orientation estimation method based on direct method and inertial navigation fusion |
US10505652B2 (en) * | 2017-12-29 | 2019-12-10 | Khalifa University of Science and Technology | Methods and systems for estimating offset skew and drift |
CN109978055B (en) * | 2019-03-26 | 2021-04-23 | 京东方科技集团股份有限公司 | Information fusion method and system for multi-sensor system, computer device and medium |
CN110119085B (en) * | 2019-04-03 | 2022-03-15 | 杭州电子科技大学 | Manutec R3 type industrial robot dynamic optimization system |
-
2019
- 2019-10-18 CN CN201910994731.5A patent/CN110850817B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN110850817A (en) | 2020-02-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110850817B (en) | Safety estimation method of networked industrial control system | |
Amin et al. | Cyber security of water SCADA systems—Part II: Attack detection using enhanced hydrodynamic models | |
CN113741309B (en) | Dual-dynamic event trigger controller model design method based on observer | |
US20200302054A1 (en) | Method for detecting physical intrusion attack in industrial control system based on analysis of signals on serial communication bus | |
CN110161882A (en) | A kind of fault detection method of the networked system based on event trigger mechanism | |
CN113009825A (en) | Deception-attacked nonlinear networked system state estimation method | |
CN112286051A (en) | Neural network quantitative control method based on adaptive event trigger mechanism under complex network attack | |
CN108053126A (en) | A kind of electric power CPS methods of risk assessment under Dos attacks | |
CN104734916A (en) | Efficient multistage anomaly flow detection method based on TCP | |
CN112865752A (en) | Filter design method based on adaptive event trigger mechanism under hybrid network attack | |
CN109190375B (en) | Equation set for analyzing malicious program propagation rules and malicious program diffusion prediction method | |
CN110224852A (en) | Network security monitoring method and device based on HTM algorithm | |
CN109274678B (en) | Estimation method for malicious attack of Internet of vehicles in packet loss environment | |
CN115022031A (en) | Security consistency control method for solving influence of FDI attack on multi-agent system | |
CN108345711A (en) | Based on event driven EMU robust sensor intermittent fault detection method | |
Chen et al. | Event-triggered generalized dissipative filtering for delayed neural networks under aperiodic DoS jamming attacks | |
CN108847983A (en) | Intrusion detection method based on MQTT agreement | |
CN110365311B (en) | Design method of multi-rate time-varying network system filter under random sensor saturation | |
CN113110321B (en) | Distributed estimation method of networked industrial control system based on event trigger | |
CN110515069B (en) | Self-adaptive consistency information filtering method for distributed target tracking | |
CN110910027B (en) | Network security situation assessment method based on security factors | |
CN110164510B (en) | Urban river water quality estimation method | |
CN113411312B (en) | State estimation method of nonlinear complex network system based on random communication protocol | |
CN115328093A (en) | Safety state estimation method of double-time-scale industrial information physical system | |
Tomic et al. | Jamming-resilient control and communication framework for cyber physical systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |