CN113364796A - Self-triggering model prediction control security defense method and system under FDI attack - Google Patents
Self-triggering model prediction control security defense method and system under FDI attack Download PDFInfo
- Publication number
- CN113364796A CN113364796A CN202110681208.4A CN202110681208A CN113364796A CN 113364796 A CN113364796 A CN 113364796A CN 202110681208 A CN202110681208 A CN 202110681208A CN 113364796 A CN113364796 A CN 113364796A
- Authority
- CN
- China
- Prior art keywords
- control
- self
- triggering
- fdi
- attack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 230000007123 defense Effects 0.000 title claims abstract description 15
- 239000013068 control sample Substances 0.000 claims abstract description 34
- 238000004806 packaging method and process Methods 0.000 claims abstract description 8
- 238000005070 sampling Methods 0.000 claims abstract description 8
- 238000004364 calculation method Methods 0.000 claims abstract description 7
- 230000001960 triggered effect Effects 0.000 claims description 18
- 238000005457 optimization Methods 0.000 claims description 9
- 238000013461 design Methods 0.000 claims description 4
- 238000004422 calculation algorithm Methods 0.000 description 12
- 238000004088 simulation Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 238000011160 research Methods 0.000 description 4
- 230000000737 periodic effect Effects 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000011217 control strategy Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000002347 injection Methods 0.000 description 2
- 239000007924 injection Substances 0.000 description 2
- PXFBZOLANLWPMH-UHFFFAOYSA-N 16-Epiaffinine Natural products C1C(C2=CC=CC=C2N2)=C2C(=O)CC2C(=CC)CN(C)C1C2CO PXFBZOLANLWPMH-UHFFFAOYSA-N 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000368 destabilizing effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000004801 process automation Methods 0.000 description 1
- 239000000523 sample Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a self-triggering model prediction control security defense method and a system under FDI attack, which comprises the following steps: discrete sampling is carried out on continuous control signals, and an original control sample U is calculated by adopting a self-triggering MPC*(ii) a Determining control data to be encrypted according to the original control sample obtained by calculation; encrypting the control data to be encrypted, and packaging and sending the encrypted data to an actuator; when the network is attacked by FDI, the actuator acquires the latest control sample by using the received data packet, and the latest control sample is applied to complete the self-triggering prediction control safety under the FDI attack.
Description
Technical Field
The invention relates to a control security method and a control security system, in particular to a self-triggering model prediction control security defense method and a self-triggering model prediction control security defense system under FDI attack.
Background
In recent years, with the rapid development of information science and technology, CPS (cyber-physical system) which is promoted by the deep integration of industrialization and informatization has become a research hotspot. The CPS is widely applied to smart homes, automatic automobiles, smart buildings, smart power grids and smart traffic at present[5]And the like, have become core technologies for supporting and leading a new generation of industrial revolution.
Because CPS carries out information interaction through the network, the CPS inevitably suffers from malicious network attack in the long-time running process. According to statistics of internet control system (ICS-CERT) of the national security department of America in 2019, 509 related vulnerability attacks of technical process automation management system components are involved, 94 vulnerabilities are increased compared with vulnerabilities discovered in 2018, and therefore a large number of security accidents are caused. For example, in 3 months in 2019, a border firewall of a power facility in the western united states suffers from an unknown network attack, resulting in a communication disruption between a power system operation center and enterprise equipment.
For the CPS security problem, a team of courtroom and macro courtyards has deeply set forth the problem and established different CPS security threat models. The FDI attack modifies transmitted data at a network layer, so that the performance of an attacked system is significantly reduced, and therefore, the FDI attack is more dangerous and complex than other types of network attacks (such as denial of service attacks), because misleading information contained in a maliciously tampered data packet not only reduces or even deteriorates the performance of the system, but also has certain concealment. Therefore, the study of FDI attack has become one of the major concerns in the industry and academia, with recent results in the literature [9-10 ]. Model Predictive Control (MPC) has been widely applied to various CPS systems as an advanced control strategy which is good at dealing with complex constraint optimization problems, so that a large amount of achievements have emerged in recent years to study MPC problems under network attacks, for example, a flexible MPC controller is designed by utilizing all worst cases which may be caused by a denial-of-service attack, and a system state under the denial-of-service attack is reconstructed by utilizing an observer designed at the controller side to ensure the performance of the MPC control system.
Since the event-triggered and self-triggered MPCs have the characteristics of occupying less communication resources and consuming energy in the network control system compared with the periodic time-triggered MPCs, various event-triggered and self-triggered MPC mechanism research achievements for the network control system are endless.
Self-triggering is to transmit control data of one trigger interval to the executor through network packaging at the trigger time, so it is more vulnerable to network attacks than the time-triggered periodic MPC mechanism. However, the existing research results mainly focus on the problem of denial of service attack for the periodic time-triggered MPC mechanism and the event-triggered MPC mechanism, and the feasibility and the stability of the control system cannot be guaranteed since the existing research results for FDI attack appear.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a method and a system for defending the prediction control safety of a self-triggering model under the FDI attack.
In order to achieve the purpose, the method for defending the self-triggering model prediction control safety under the FDI attack comprises the following steps:
discrete sampling is carried out on continuous control signals, and an original control sample U is calculated by adopting a self-triggering MPC*;
Determining control data to be encrypted according to the original control sample obtained by calculation;
encrypting the control data to be encrypted, and packaging and sending the encrypted data to an actuator;
when the network is attacked by FDI, the actuator acquires the latest control sample by using the received data packet, and applies the latest control sample to complete the self-triggering prediction control security under the FDI attack.
Control sample U calculated by adopting self-triggering MPC*Comprises the following steps:
wherein, tkFor the trigger time, N is the number of self-triggering intervals.
Determining control data to be encrypted according to the original control sample obtained by calculation by using the formula (20);
wherein E (. DELTA.) isi) Upper bound of prediction error, LJLipschitz constant, σ, for optimal cost function in MPC optimization problemJFor design parameters, l ∈ [1, N ]]。
Upper error bound E (Δ)l) Comprises the following steps:
when l is equal to 1, the ratio of the total of the two,
when 1 < l < N, then
Lipschitz constant LJComprises the following steps:
wherein L isF,Respectively the Lipschitz constant, T, of the phase and terminal cost functions in the MPC optimization problemPIs the prediction time domain.
Design parameter sigmaJComprises the following steps:
wherein F (x)*(s),u*(s)) is the phase cost function in the MPC optimization problem, and γ ∈ (0,1) is the tuning parameter.
Control data u to be encrypted*(tk) Andand encrypting, and packaging and sending the encrypted data to the actuator.
the actuator applies the control samples U' in a zero-order hold manner.
When the network is not under attack, the executor applies the original control sample U in a zero-order hold manner*。
The encrypted data package is sent to the executor through the network.
A self-triggering model predictive control security defense system under FDI attack comprises:
a sampling module; for discrete sampling of continuous control signals, using a self-triggering MPC to calculate an original control sample U*;
The determining module is used for determining control data to be encrypted according to the original control sample obtained by calculation;
the encryption module is used for encrypting the control data to be encrypted and packaging and sending the encrypted data to the actuator;
and the execution module is used for acquiring the latest control sample by using the received data packet and applying the latest control sample to finish the self-triggering model predictive control security defense under the FDI attack when the network is attacked by the FDI.
The invention has the following beneficial effects:
the method and the system for defending against the self-triggering model predictive control safety under the FDI attack have the advantages that during specific operation, aiming at the safety control problem of the self-triggering model predictive control under the False Data Injection (FDI) attack of an information physical fusion system, discrete sampling is firstly carried out on continuous control signals, key encryption is carried out on a small number of key data, then the discretized control samples are transmitted at a network end, the control signals are reconstructed at a controlled system based on a preset mode, and finally when the system is subjected to the false data injection attack, the latest control samples are obtained by utilizing received data packets through an actuator and are applied, so that the feasibility and the stability of the control system are guaranteed, the operation is simple and convenient, and the method and the system have wide application value in the automatic control system.
Drawings
FIG. 1 is a diagram of a system model of the present invention;
FIG. 2 is a schematic diagram of control data;
FIG. 3 is a system state variable diagram;
FIG. 4 is a comparison graph of the operation traces in the simulation test;
FIG. 5 is a graph comparing control data in a simulation test;
FIG. 6 is a graph comparing trigger intervals in a simulation experiment.
Detailed Description
The invention is described in further detail below with reference to the accompanying drawings:
the self-triggering model prediction control security defense method under FDI attack comprises the following steps:
1. obtaining a self-triggering MPC control sequence
The network control system as shown in fig. 1, wherein the controlled system is described by the following continuous-time nonlinear input affine system:
wherein,respectively, system state and input, and input constraints existThe control target is to asymptotically stabilize equation (1) to the origin, i.e., x (t) → time, x (t) → 0, and to achieve this target, it is assumed that the nonlinear system given by equation (1) satisfies Φ (x, u):for theContinued lipschitz and the presence of a lipschitz constant LφAnd | | | g (x) | is bounded at the upper bound by LG;
The MPC algorithm is facilitated to obtain the optimal control input u of the control system*(s) and optimum State trajectory x*(s) is:
u*(s),x*(s),s∈[tk,tk+TP],x*(tk)=x(tk) (9)
2. Selecting data to be encrypted
Selecting a set of transmitted control samples U*First control signal sample u in*(tk) Andan emphasis encryption is performed, wherein,and selecting according to a self-adaptive algorithm to obtain the target.
The self-adaptive algorithm comprises the following steps:
obtaining control data from Lei 1*(s) to u' (t)k+△j) The analytical upper bound of the system state error.
The introduction 1 is:
control signal u' (t) constructed based on equation (13)k+△j) And the optimal control sequence u obtained by solving the OCP*(s) corresponding to the state error | | | x (t)k+△l)-x*(tk+△l) The upper bound value of | | is E (Δ)l);
When i is 1, then
When 1 < i < N, then
Wherein,
let the control sample that finally needs protection beThen selects based on the following judgment conditions
Wherein,F(x*(s),u*(s)) is a phase cost function in the MPC optimization problem,respectively the Lipschitz constant, T, of the phase and terminal cost functions in the MPC optimization problemPIs the prediction time domain. Gamma epsilon (0,1) is an adjusting parameter.
3. Signal reconstruction method
After the system is attacked, the actuator end bases on the control sample u*(tk) Andconstructing a continuous control curve u'(s) wherein:
wherein,the control data actually applied by the actuator at this time is data on the curve u '(s), that is, the actuator applies the control sample u' (t) in a manner of zero-order holdk+△j)。
The control sequence applied by the actuator at this time is:
fig. 2 is a diagram illustrating control data under different conditions.
It is required to be explained thatWhen the system is attacked and then the fitted control data is used, the next trigger interval of the system will be tk+1=tk+△NIs reduced toAlthough the total trigger interval is reduced, the system can still stably operate under the attack, and when the system is not attacked, the actuator normally applies U*。
The security control strategy is summarized by the above analysis as algorithm 1 shown below.
Simulation test
The present invention is applied to the two-dimensional incomplete vehicle system shown in fig. 3 to verify its validity, and the corresponding control objective is to drive the system from its initial position to its target position.
The system equation is:
wherein χ ═ x y θ]TIs a system state variable, u ═ v ω]TFor control input, [ x y ]]Is the position of the vehicle, theta is the angle of the vehicle, [ v ω [ [ v ω ]]TLinear and angular velocities, respectively.
Firstly, the system is started from the initial position [ -54-pi/2 ] by adopting a self-triggering MPC algorithm]Driven to the origin with the constraint ofLipschitz constantLG=1.0[24]The stage and terminal cost function is F ═ χTQχ+uTRu,Vf=χTχ, wherein Q ═ 0.1I3,R=0.05I2Adjusting parameter sigma to 0.99, epsilonf0.4, 6 is triggered interval number N; then, based on the self-triggering MPC algorithm, the control sample U transmitted by the system each time is obtained*All are maliciously tampered, and the control sample U after tampering is madeaSatisfying the set constraint; considering that an attacker can adopt various malicious tampering means to the U*Tampering is carried out, but the final result is U no matter what tampering means is adoptedaDeviation from the original control sample U*Therefore, the attack simulation means is adopted to transmit the packet U*Each set of control data u in (1)*Random malice tampering to satisfyAn arbitrary value. Next, algorithm 1 is used to reconstruct the control data in the FDI-attacked self-triggered MPC system, and the reconstructed control data is applied to the system, where γ is 0.99.
Under the driving of the designed algorithm 1, as shown in fig. 4, the vehicle running track and the self-triggered MPC algorithm eventually tend to be stable, but the system will be in a destabilizing state after the control data is tampered with maliciously and when no defensive measures are taken, the triangle mark in fig. 4 indicates that the position system is triggered, and the controlled system needs to communicate with the controller to obtain the control data.
FIG. 5 shows control data v and ω actually applied by the system in different control modes; FIG. 6 shows the triggering intervals of the FDI attack free self-triggered MPC and Algorithm 1, and Table 1 shows the second control data u requiring advanced encryption in each transmitted packet*(tk+△im) It can be seen from fig. 6 and table 1 that the trigger interval is not too lossy when driven using algorithm 1.
TABLE 1
Experimental results show that when the robot control system disclosed by the invention is subjected to FDI attack, the system still tends to be stable, and the control performance is basically equal to that under the triggering condition and the attack-free condition. Meanwhile, the algorithm 1 does not occupy a large amount of calculation and transmission resources when reconstructing the control data, so that the method has wide application value in an automatic control system.
Claims (13)
1. A self-triggering model prediction control security defense method under FDI attack is characterized by comprising the following steps:
discrete sampling is carried out on continuous control signals, and an original control sample U is calculated by adopting a self-triggering MPC*;
Determining control data to be encrypted according to the original control sample obtained by calculation;
encrypting the control data to be encrypted, and packaging and sending the encrypted data to an actuator;
when the network is attacked by FDI, the actuator acquires the latest control sample by using the received data packet, and applies the latest control sample to complete the self-triggering model prediction control safety under the FDI attack.
2. The method for defending against self-triggering model predictive control under FDI attack as claimed in claim 1, wherein the control sample U calculated by self-triggering MPC is adopted*Comprises the following steps:
wherein, tkFor the trigger time, N is the number of self-triggering intervals.
3. The method for defending against self-triggered model predictive control under FDI attack as recited in claim 1, wherein the control data to be encrypted is determined from the calculated original control sample by using equation (20);
wherein E (. DELTA.) isl) Upper bound of predicted state to actual state error, LJLipschitz constant, σ, for optimal cost function in MPC optimization problemJFor design parameters, l ∈ [1, N ]]。
4. The method for defending against self-triggering model predictive control under FDI attack as recited in claim 3, wherein the upper error bound E (Δ)l) Comprises the following steps:
when l is equal to 1, the ratio of the total of the two,
when 1 < l < N, then
6. The FDI attack self-triggering model predictive control security defense method according to claim 3, wherein the Lepristz constant L isJComprises the following steps:
10. the method for defending against self-triggered model predictive control under FDI attack as recited in claim 1, wherein the executor applies control samples U' in a zero-order hold manner.
11. The method for defending against self-triggered model predictive control under FDI attack as recited in claim 1, wherein when the network is not under attack, the executor applies the original control samples U in a zero-order-hold manner*。
12. The method for defending against self-triggered model predictive control under FDI attack as recited in claim 1, wherein the encrypted data packet is sent to an executor through a network.
13. A self-triggering model predictive control security defense system under FDI attack is characterized by comprising the following components:
a sampling module; for discrete sampling of continuous control signals, using a self-triggering MPC to calculate an original control sample U*;
The determining module is used for determining control data to be encrypted according to the original control sample obtained by calculation;
the encryption module is used for encrypting the control data to be encrypted and packaging and sending the encrypted data to the actuator;
and the execution module is used for acquiring the latest control sample by using the received data packet and applying the latest control sample to finish the self-triggering prediction control security under the FDI attack when the network is attacked by the FDI.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110681208.4A CN113364796B (en) | 2021-06-18 | 2021-06-18 | Self-triggering model prediction control security defense method and system under FDI attack |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110681208.4A CN113364796B (en) | 2021-06-18 | 2021-06-18 | Self-triggering model prediction control security defense method and system under FDI attack |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113364796A true CN113364796A (en) | 2021-09-07 |
CN113364796B CN113364796B (en) | 2022-08-02 |
Family
ID=77535297
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110681208.4A Active CN113364796B (en) | 2021-06-18 | 2021-06-18 | Self-triggering model prediction control security defense method and system under FDI attack |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113364796B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115718427A (en) * | 2022-11-16 | 2023-02-28 | 哈尔滨理工大学 | Security-guaranteed non-fragile networked prediction control method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190253440A1 (en) * | 2016-09-07 | 2019-08-15 | Singapore University Of Technology And Design | Defense system and method against cyber-physical attacks |
CN110830514A (en) * | 2019-12-12 | 2020-02-21 | 四川大学 | Detection method for collusion-based false data injection attack of smart power grid |
CN110942109A (en) * | 2019-12-17 | 2020-03-31 | 浙江大学 | PMU false data injection attack prevention method based on machine learning |
CN111786977A (en) * | 2020-06-22 | 2020-10-16 | 西安建筑科技大学 | Optimal false data injection attack method oriented to network self-triggering model prediction control |
-
2021
- 2021-06-18 CN CN202110681208.4A patent/CN113364796B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190253440A1 (en) * | 2016-09-07 | 2019-08-15 | Singapore University Of Technology And Design | Defense system and method against cyber-physical attacks |
CN110830514A (en) * | 2019-12-12 | 2020-02-21 | 四川大学 | Detection method for collusion-based false data injection attack of smart power grid |
CN110942109A (en) * | 2019-12-17 | 2020-03-31 | 浙江大学 | PMU false data injection attack prevention method based on machine learning |
CN111786977A (en) * | 2020-06-22 | 2020-10-16 | 西安建筑科技大学 | Optimal false data injection attack method oriented to network self-triggering model prediction control |
Non-Patent Citations (2)
Title |
---|
YING WAN等: "Distributed Event-Based Control for Thermostatically Controlled Loads Under Hybrid Cyber Attacks", 《 IEEE TRANSACTIONS ON CYBERNETICS》 * |
程子豪: "网络攻击下电力系统弹性频率控制和主动防御控制研究", 《中国优秀博硕士学位论文全文数据库(博士)工程科技Ⅱ辑(月刊)2021年第03期》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115718427A (en) * | 2022-11-16 | 2023-02-28 | 哈尔滨理工大学 | Security-guaranteed non-fragile networked prediction control method |
Also Published As
Publication number | Publication date |
---|---|
CN113364796B (en) | 2022-08-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Dibaei et al. | Attacks and defences on intelligent connected vehicles: A survey | |
Ring | Connected cars–the next targe tfor hackers | |
Andreeva et al. | Industrial control systems vulnerabilities statistics | |
Schmittner et al. | Using SAE J3061 for automotive security requirement engineering | |
Malik et al. | Analysis and simulation of cyber attacks against connected and autonomous vehicles | |
CN106685653B (en) | Vehicle remote firmware updating method and device based on information security technology | |
Limbasiya et al. | A systematic survey of attack detection and prevention in connected and autonomous vehicles | |
CN113242251A (en) | Vehicle-mounted network safety protection system and application method thereof | |
Plappert et al. | Attack surface assessment for cybersecurity engineering in the automotive domain | |
Islam et al. | Improving CAN bus security by assigning dynamic arbitration IDs | |
CN113364796B (en) | Self-triggering model prediction control security defense method and system under FDI attack | |
Lee et al. | Enhanced Android App‐Repackaging Attack on In‐Vehicle Network | |
Stabili et al. | Analyses of secure automotive communication protocols and their impact on vehicles life-cycle | |
Wu et al. | A decentralized lightweight blockchain-based authentication mechanism for Internet of Vehicles | |
Dobaj et al. | Cybersecurity Threat Analysis, Risk Assessment and Design Patterns for Automotive Networked Embedded Systems: A Case Study. | |
Oyler et al. | Security in automotive telematics: a survey of threats and risk mitigation strategies to counter the existing and emerging attack vectors | |
Daily et al. | Towards a cyber assurance testbed for heavy vehicle electronic controls | |
Castiglione et al. | Hazard driven threat modelling for cyber physical systems | |
CN114301739B (en) | Central gateway security architecture, system and storage medium | |
Shibly et al. | Personalized federated learning for automotive intrusion detection systems | |
Nilsson et al. | Creating a secure infrastructure for wireless diagnostics and software updates in vehicles | |
Niroumand et al. | Security of Connected and Autonomous Vehicles: A Review of Attacks and Mitigation Strategies | |
Fallstrand et al. | Applicability analysis of intrusion detection and prevention in automotive systems | |
Efstathiadis et al. | Smart cars and over-the-air updates | |
Kenyon | Transportation cyber-physical systems security and privacy |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |