| As the development of informatization and industrialization,human society has entered an unprecedented stage of rapid development.The modern control systems and devices,such as SCADA,DCS,PLC,have been widely used in various major infrastructure and energy industries.The cyberphysical system(CPS)integrates the functions of sensing,computing,communication and control in depth,which greatly improves the frequency of information interaction and the openness of the interaction port,at the same time;it also brings great challenges to the security protection of the system.In CPS,the security problem has been the main research content in the computer field.In recent years,with the frequent occurrence of the security events in industrial control network,especially experts and scholars in the field of networked control have gradually paid the attentions in the control field.And it has gradually become a hot research problem in CPS.From the definition of security problem to the design,implementation of defense strategy,there are essential differences between computer field and network control field.The computer field mainly pays attention to the authenticity of the information layer data,does not care about the various control performance and the index of the system.From the TCP/IP communication principle,the network attack process is analyzed and the defense scenarios are designed.For networked control system(NCS),it is aiming to satisfy various control performance.Generally,fault diagnosis(FD)and fault-tolerant control,stability control,optimization control,game theory and other methods are used to analyze the impact of attack on the system.And design the security control strategy which can resist attack and satisfy the control index.In this paper,the research content belongs to the field of network control methods.The current research work of security issue with CPS mainly focuses on networked industrial control systems and modern power systems,but most of the work is just the introduction of the concept of attack.However,modeling process and control method are still the classical methods of networked control,and lack of analysis of attack process in networked control system.In the process of modeling,there is a lack of a unified mathematical model for multivariate(multi-sources)cyberattack.In the design of security control method,some scholars adopt FD as the breakthrough point to study security control problem,which has certain practical significance,but lacks the comprehensive consideration to the history time of system state.Meanwhile,the relvent reseach of security defense scenarios design based on predictive control and switching control are quite deficient.Furthermore,the research results of combining the design of control strategy with the current security and defense methods in computer field are very few,and a very few scholars integrate the research contents and methods involved in the field of computer and communication into the CPS system.To design control strategies that are both safe and stable.The traditional methods of robust control and fault diagnosis will not be able to cope with the damage such as the unavailability and unreliability of the information brought about by the attack and even the change of the communication topology.In this paper,the shortcomings of the above research are studied,including the unified mathematical modeling of several typical cyber-attacks from the perspective of parameter uncertainties.A fault diagnosis method based on multi-historical instant state information is utilized to study the security of the system with homogeneous polynomial technique(HPT).The defense strategy of event-based predictive control is designed for intermittent DoS,and the method of switching control is used to resist the impact of attack on the system.Combined with the thought and technology of security control in computer field,a novel control framework is proposed with defense function,the defense against hidden attack and spoofing attack can be realized.The main research contents of this paper are as follows:(1)Firstly,for the unknown cyber attack,fault diagnosis is the starting point.If the fault can notbe identified by traditional fault diagnosis and fault-tolerant methods,it is assumed that thefault of this kind of system is caused by network attack.Based on this,a method ofsynthetically considering the state of the system at multiple historical times is proposed.Byadopting the homogeneous polynomial method and introducing relaxation variables,theconservatism of the system is reduced and the sensitivity of detecting unknown type attacksis improved.(2)Secondly,through mechanism analysis and mathematical derivation,using the methods ofnetwork control for reference,multiple source network attacks,such as information disclosure,denial of service attack,hidden attack and replay attack,etc.A typical closed-loop networkedcontrol system model with uncertain parameters is established and the robust performance ofthe system under finite attack energy constraints is analyzed based on the model.(3)Thirdly,for the high attack energy,the general robust control method can not guarantee thestability of the system under the condition that the intermittent DoS attack time is longer thanthe system can withstand the loss of the upper limitation of time delay or the amount of datadropout.The defense strategy of predictive control based on event trigger mechanism isdesigned to compensate the the key data loss caused by attack.The security control of NCSunder intermittent DoS attack is realized,and the system performance index is satisfied.(4)Fourth,when the attack energy continues to increase,the prediction accuracy will not onlydecrease rapidly with the increase of prediction length,but also cause the change ofcommunication channel topology.This chapter takes intermittent DoS attack as a typical case.The DoS attack on different channels in the running process of the system is analyzed,and itis modeled as a switching system.The switching control of the control system underintermittent DoS attack is realized by adopting the switching control strategy.The finite timebounded stability of the system is guaranteed.(5)Finally,aiming at the hidden attack behavior in the communication channel,by using theunidirectionality of hash function and the uniqueness of time stamp generation,the traditionalclosed-loop networked control system is improved.In the controller and the controlled object,the hardware unit including data encryption and decryption,data encapsulation budget anddata storage buffer are designed respectively,and the information transmitted in the channelis deeply fused.By using hash encryption function and timestamp generation algorithm,bydetecting the confidentiality and integrity of information,it is found that the hidden attackbehavior is hidden in the system,and the condition of whether the hidden attack exists or notis given. |
PDF Full Text Request