1. Chapter 3. The problem of state estimation under sensor attack is formalized; harmful attacks are characterized in general terms by means of a misleading relation. The notion of attack alphabet is introduced and attack words are defined to describe how observations can be corrupted by the attacker. On this alphabet two different observers are constructed: they describe the different state estimates computed by the attacker and by the operator for each corrupted observation. A formal procedure to design a supremal stealthy joint subestimator is presented. This structure, constructed refining the concurrent composition of the two observers, is guaranteed to describe all stealthy attacks. The supremal stealthy joint subestimator allows one to determine if a harmful attack exists and, if such is the case, to compute it. 2. Chapter 4. The problem of robust supervisor synthesis against sensor and actuator attacks is formulated. The supervisor under attack that describes the evolution of the supervisor according to the corrupted observation is computed. The attack structure is constructed as the concurrent composition of the attacker observer defined in Chapter 3 and the supervisor under attack. Based on such a structure, a robust supervisor can be synthesized by further restricting the behavior of the supervisor under attack. 3. Chapter 5. The problem of stealthy sensor attacks is formalized in the context of bounded LPN. The attacker monitor and the operator monitor, which characterize the state estimation of the attacker and that of the operator, can be constructed on the basis of the set of augmented labels. The joint monitor is computed as the concurrent composition of the attacker monitor and the operator monitor. An algorithm to build the extended reachability graph on the basis of the RG of the joint monitor is presented. The effectiveness of an augmented function can be tested efficiently based on the BRG of the extended reachability graph and the GMEC approach. Finally, to determine if there exists an effective augmented function that is stealthy, function g defined in Chapter 3 needs to be adopted.
Cyber security in discrete event systems: from state estimation to supervisory control
ZHANG, QI
2022-05-27
Abstract
1. Chapter 3. The problem of state estimation under sensor attack is formalized; harmful attacks are characterized in general terms by means of a misleading relation. The notion of attack alphabet is introduced and attack words are defined to describe how observations can be corrupted by the attacker. On this alphabet two different observers are constructed: they describe the different state estimates computed by the attacker and by the operator for each corrupted observation. A formal procedure to design a supremal stealthy joint subestimator is presented. This structure, constructed refining the concurrent composition of the two observers, is guaranteed to describe all stealthy attacks. The supremal stealthy joint subestimator allows one to determine if a harmful attack exists and, if such is the case, to compute it. 2. Chapter 4. The problem of robust supervisor synthesis against sensor and actuator attacks is formulated. The supervisor under attack that describes the evolution of the supervisor according to the corrupted observation is computed. The attack structure is constructed as the concurrent composition of the attacker observer defined in Chapter 3 and the supervisor under attack. Based on such a structure, a robust supervisor can be synthesized by further restricting the behavior of the supervisor under attack. 3. Chapter 5. The problem of stealthy sensor attacks is formalized in the context of bounded LPN. The attacker monitor and the operator monitor, which characterize the state estimation of the attacker and that of the operator, can be constructed on the basis of the set of augmented labels. The joint monitor is computed as the concurrent composition of the attacker monitor and the operator monitor. An algorithm to build the extended reachability graph on the basis of the RG of the joint monitor is presented. The effectiveness of an augmented function can be tested efficiently based on the BRG of the extended reachability graph and the GMEC approach. Finally, to determine if there exists an effective augmented function that is stealthy, function g defined in Chapter 3 needs to be adopted.
| File | Dimensione | Formato | |
|---|---|---|---|
|
tesi di dottorato_Qi Zhang.pdf
accesso aperto
Descrizione: tesi di dottorato_Qi Zhang
Tipologia:
Tesi di dottorato
Dimensione
5.42 MB
Formato
Adobe PDF
|
5.42 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
