Supervisory Control of Petri Nets in the Presence of Replacement Attacks

Abstract

This article addresses the robust control problem of discrete event systems assuming that replacement attacks may occur, thus making it appear that an event that has occurred looks like another event. In particular, we assume that this is done by tampering with the sensor-readings in the sensor communication channel. Specifically, we use Petri nets as the reference formalism to model the plant and assume a control specification in terms of a generalized mutual exclusion constraint. We propose three different methods to derive a control policy that is robust to the possible replacement attacks. The first two methods lead to an optimal (i.e., maximally permissive) policy but are computationally inefficient when applied to large-size systems. On the contrary, the third method computes a policy more efficiently and reveals more easily implementable in practice. However, this is done at the expense of optimality.