The coming decades may see the large-scale deployment of networked cyber–physical systems to address global needs in areas such as energy, water, health care, and transportation. However, as recent events have shown, such systems are vulnerable to cyber attacks. Because they are safety critical, their disruption or misbehavior can cause economic losses, injuries, and loss of life. It is therefore important to secure such networked cyber–physical systems against attacks. In the absence of credible security guarantees, there will be resistance to the proliferation of cyber–physical systems, which are much needed to meet global needs in critical infrastructures and services. This paper addresses the problem of secure control of networked cyber–physical systems. This problem is different from the problem of securing the communication network, since cyber–physical systems at their very essence need sensors and actuators that interface with the physical plant, and malicious agents may tamper with sensors or actuators, as recent attacks have shown. We consider physical plants that are controlled by multiple actuators and sensors communicating over a network, where some sensors could be “malicious,” meaning that they may not report the measurements that they observe. We describe a general technique by which the actuators can detect the actions of malicious sensors in the system and disable closed-loop control based on their information. In this technique, called “watermarking,” the actuators inject private excitation into the system, which reveals malicious tampering with signals. We show how such an active defense can be used to secure networked systems of sensors and actuators.
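The following simulation is an added illustration of the watermarking idea and is not code from the paper. The scalar plant model, gains, noise levels, the two test statistics and the tolerance are all assumptions chosen for the example; the abstract specifies none of them.

```python
import random

# Assumed scalar plant x[t+1] = A*x[t] + B*u[t] + w[t], policy u = -K*z + e.
A, B, K = 0.9, 1.0, 0.4
SIGMA_W, SIGMA_E = 1.0, 1.0   # process-noise and watermark std devs (assumed)


def run(malicious, steps=20000, seed=1):
    """Simulate the loop and return the actuator's statistics
    (mean of e*r, mean of r*r) for the residual r defined below."""
    rng = random.Random(seed)
    x = z = 0.0               # true state and value reported by the sensor
    sum_er = sum_rr = 0.0
    for _ in range(steps):
        e = rng.gauss(0.0, SIGMA_E)      # private excitation, known only to the actuator
        u = -K * z + e                   # control uses the *reported* measurement
        x = A * x + B * u + rng.gauss(0.0, SIGMA_W)   # true plant update
        if malicious:
            # Constructed misbehavior: the sensor ignores x and reports a
            # trace drawn from the nominal closed-loop model with fresh noise.
            z_next = (A - B * K) * z + rng.gauss(0.0, SIGMA_W)
        else:
            z_next = x                   # honest sensor reports the true state
        # Residual the actuator computes from reports and its own input.
        # Honest sensor: r equals the process noise, independent of e.
        # Fabricated trace: r = noise - B*e, so e shows up in the residual.
        r = z_next - A * z - B * u
        sum_er += e * r
        sum_rr += r * r
        z = z_next
    return sum_er / steps, sum_rr / steps


def tampering_detected(stats, tol=0.1):
    """Flag the sensor if the residual correlates with the watermark or
    its power differs from the known process-noise variance."""
    corr, power = stats
    return abs(corr) > tol or abs(power - SIGMA_W ** 2) > tol


if __name__ == "__main__":
    for label, flag in (("honest", False), ("malicious", True)):
        stats = run(flag)
        print(label, stats, "detected:", tampering_detected(stats))
```

The reports in the malicious run are statistically consistent with the plant dynamics on their own, and only the comparison against the private excitation exposes them. On detection, the actuator would stop basing closed-loop control on that sensor, as the abstract describes.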