Masoud Abbaszadeh (editor) - Security and Resilience in Cyber-Physical Systems: Detection, Estimation and Control

MATLAB and Simulink are registered trademarks of The MathWorks, Inc. See https://www.mathworks.com/trademarks for a list of additional trademarks.

This Springer imprint is published by the registered company Springer Nature Switzerland AG

The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

Cyber-physical systems enable interoperability of cyber and physical worlds through control, computation, and communications. Control, optimization, monitoring, and diagnostic schemes that operate cyber-physical systems (e.g., power generation, transportation, oil & gas, computing and communication systems, healthcare systems, etc.) are increasingly connected via local networks or the Internet. As a result, these control systems have been increasingly vulnerable to threats and jamming, such as cyber-attacks (e.g., associated with a computer virus, malicious software, etc.), that could disrupt their operation, damage equipment, inflict malfunctions, etc. Many of current cybersecurity methods primarily consider attack detection and mitigation in Information Technology (IT, such as, computers that store, retrieve, transmit, manipulate data) and Operational Technology (OT, such as direct monitoring devices and communication bus interfaces) at the network and communication layers. Cyber-attacks can still penetrate through these protection layers and reach the physical domain as seen in 2010 with the Stuxnet attack. Such attacks can negatively affect the performance of a control system and may cause total shut down or catastrophic damage to the system. Currently, fewer methods are available to automatically detect, during a cyber-incident, attacks at the physical domain layer (i.e. the process level) where sensors, controllers, and actuators are located. In some cases, multiple attacks may occur simultaneously (e.g., more than one actuator, sensor, or parameter inside control system devices might be altered maliciously by an unauthorized party at the same time). Furthermore, some subtle consequences of cyber-attacks, such as stealthy attacks occurring at the physical layer, might not be readily detectable (e.g., when only one monitoring node, such as a sensor node, is used in a detection algorithm). In addition, to maintain system availability and integrity and to protect assets, attack resilience much be achieved through resilient estimation and control methodologies, which are beyond existing fault-tolerant control approaches. It may also be important to determine and distinguish when a monitoring node is experiencing a malicious attack (as opposed to a natural fault/failure) and, in some cases, exactly what type of attack is occurring. Existing approaches to protect an industrial control system, such as fault detection and diagnostics technologies, may not adequately address these problems, especially when multiple, simultaneous attacks occur, since multiple faults/failure diagnostic technologies are not designed for detecting stealthy attacks in an automatic manner. It would therefore be desirable to research and develop new theories and technologies to protect cyber-physical systems, including those in critical infrastructure, from cyber-attacks in an automatic and accurate manner even when attacks percolate through the IT and OT layers and directly harm the control systems.

This book is intended to cover some of the latest research on cyber-physical security and resilience and highlight active research directions and solutions that are currently pursued in academia and industry. A collection of book chapters are gathered from well-known experts in the field with diverse technical backgrounds of controls, estimation, machine learning, signal processing, and information theory, as well as diverse geographical representation from North America, Europe, and Asia. The book addresses a very important topic with a growing attention from the research community and critical applications and implications in industries and governments. The book chapters comprise of a blend of new theoretical results on detection, resilient estimation, and control combined with machine learning techniques, as well as important application areas such as power generation, electric power grid, autonomous systems, communication networks, and chemical plants. In the recent years, there have been multiple books published on cyber-security from various perspectives, including vulnerability and impact analysis, safety, security, privacy, networks intrusion detection and mitigation, etc. While there are synergies between the current book and the previously published books, the book complements previous publications by addressing cyber-physical security at the physical sensing and control layer of cyber-physical systems, and systems resilience under attack via resilient estimation and control. The book is not solely based on control/estimation theory but a combination of control theory and machine learning approaches to cyber-physical security and resilience, by which several chapters are taking a Controls+AI approach. The book is aimed for both researchers and technology developers in the academia and industry. This area is vast and rapidly growing, with crucial needs for additional research and development. The editors hope that this book will be a useful advancement in that front.