## CPS Security

**This is the wiki for the NSF SaTC project TWC: Small: Intrusion Detection and Resilience Against Attacks in Cyber and Cyber-Physical Control Systems**

NSF award number: CNS-1421122.

**PI: Stéphane Lafortune**

#### Abstract

This project investigates a novel methodology for analyzing and designing secure cyber and cyber-physical systems that contain feedback control loops and that interact with their environment through a set of potentially vulnerable sensors and actuators. The actuators and sensors can be compromised by a malicious attacker intent on altering the system behavior by corrupting sensor values or actuator commands, thereby enabling or forcing the execution of unsafe behavior. Using a formal model-based approach, the following problems are being investigated: (i) Detection of intrusions that result in compromised system components (sensors or actuators); (ii) Design of remedial control strategies that combat malicious attackers upon detection of intrusion; and (iii) Design of control strategies that are resilient to potential intrusions and prevent damage from being inflicted upon the system. The technical approach being pursued has its foundations in the theories of diagnosability, opacity, and supervisory control of discrete-state event-driven dynamic systems. The research plan for the problems of intrusion detection and resilience against attacks contains a creative blend of these theories with game-theoretic approaches to reactive synthesis problems, in order to capture the dynamic game between the control system (acting as the defender) and the attacker. The goal of the defender is to optimize its trade-off between functionality and vulnerability. Given the prevalence of feedback control loops in cyber and cyber-physical systems, the methodology being developed will impact a large class of technological systems that are of great societal importance.

### Publications

**Journal Papers**

- L. K. Carvalho, Y.-C. Wu, R. Kwong, and S. Lafortune, “Detection and Mitigation of Classes of Attacks on Supervisory Control Systems”, Automatica, Vol. 97, pp. 121-133, November 2018.
- Y. Ji, Y.C. Wu, and S. Lafortune, “Enforcement of Opacity by Public and Private Insertion Functions”, Automatica, Vol. 93, pp. 369-378, July 2018.
- Y.-C. Wu, V. Raman, B.C. Rawlings, S. Lafortune, and S. Seshia, “Synthesis of Obfuscation Policies to Ensure Privacy and Utility”, Journal of Automated Reasoning, Vol. 60, No. 1, pp. 107-131, January 2018.
- X. Yin and S. Lafortune, “On the Decidability and Complexity of Diagnosability for Labeled Petri Nets”, IEEE Transactions on Automatic Control, Vol. 62, No. 11, pp. 5931-5938, November 2017.
- X. Yin and S. Lafortune, “Verification Complexity of a Class of Observational Properties for Modular Discrete Event Systems”, Automatica, Vol. 83, pp. 199-205, September 2017.
- X. Yin and S. Lafortune, “A New Approach for the Verification of Infinite-Step and K-Step Opacity using Two-Way Observers”, Automatica, Vol. 80, pp. 162-171, June 2017.
- X. Yin and S. Lafortune, “A uniform approach for synthesizing property-enforcing supervisors for partially-observed discrete-event systems”, IEEE Transactions on Automatic Control, Vol. 61, No. 8, pp. 2140-2154, August 2016.
- X. Yin and S. Lafortune, “Codiagnosability and coobservability under dynamic observations: Transformation and verification”, Automatica, vol. 61, pp. 241-252, November 2015.

**Conference Papers**

- S. Mohajerani, Y. Ji, and S. Lafortune, “Efficient Synthesis of Edit Functions for Opacity Enforcement using Bisimulation-based Abstractions”, Proceedings of the 57th IEEE Conference on Decision and Control, December 2018.
- R. Meira-Goes, B.C. Rawlings, N. Recker, G. Willett, and S. Lafortune, “Demonstration of Indoor Location Privacy Enforcement using Obfuscation”, 14th IFAC Workshop on Discrete Event Systems WODES 2018, pp. 145-151, June 2018.
- C. Keroglou, S. Lafortune, and L. Ricker, “Insertion Functions with Memory for Opacity Enforcement”, 14th IFAC Workshop on Discrete Event Systems WODES 2018, pp. 394-399, June 2018.
- Y. Ji, X. Yin, and S. Lafortune, “Opacity Enforcement by Insertion Functions under Energy Constraints”, 14th IFAC Workshop on Discrete Event Systems WODES 2018, pp. 291-297, June 2018.
- R. Meira-Goes, E. Kang, R. Kwong and S. Lafortune, “Synthesis of Stealthy Deception Attacks for Cyber-Physical Systems”, Proceedings of the 56th IEEE Conference on Decision and Control, December 2017.
- Y. Ji and S. Lafortune, “Enforcing Opacity by Publicly Known Edit Functions”, Proceedings of the 56th IEEE Conference on Decision and Control, December 2017.
- C. Keroglou and S. Lafortune, “Verification and Synthesis of Embedded Insertion Functions for Opacity Enforcement”, Proceedings of the 56th IEEE Conference on Decision and Control, December 2017.
- X. Yin, M. Morrison, S. Sheng, and S. Lafortune, “DPO-SYNT: Discrete Control Synthesis for Partially-Observed Systems,” Proceedings of the 20th IFAC World Congress, pp. 6026-6029, July 2017.
- Y.-C. Wu, G. Lederman, and S. Lafortune, “Enhancing opacity of stochastic discrete event systems using insertion functions,” Proceedings of the 2016 American Control Conference, July 2016.
- Y.-C. Wu, V. Raman, S. Lafortune, and S.A. Seshia, “Obfuscator Synthesis for Privacy and Utility”, Proceedings of the 8th NASA Formal Methods Symposium, Lecture Notes in Computer Science, Vol. 9690, Springer, pp. 133-149, June 2016.
- X. Yin and S. Lafortune, “On Two-Way Observer and Its Application to the Verification of Infinite-Step and K-Step Opacity”, Proceedings of the 13th International Workshop on Discrete Event Systems, June 2016.
- L.K. Carvalho, Y.-C. Wu, R.H. Kwong, and S. Lafortune, “Detection and Prevention of Actuator Enablement Attacks in Supervisory Control Systems”, Proceedings of the 13th International Workshop on Discrete Event Systems, June 2016.
- Y.-C. Wu and S. Lafortune, “Synthesis of Opacity-Enforcing Insertion Functions That Can Be Publicly Known”, Proceedings of the 54th IEEE Conference on Decision and Control, pp. 3506-3513, December 2015.
- X. Yin and S. Lafortune, “A general approach for solving dynamic sensor activation problems for a class of properties”, Proc. 54th IEEE Conference on Decision and Control (CDC), Osaka, Japan, December 2015.
- X. Yin and S. Lafortune, “Minimization of sensor activation in decentralized fault diagnosis of discrete event systems”, Proc. 54th IEEE Conference on Decision and Control (CDC), Osaka, Japan, December 2015.
- X. Yin and S. Lafortune, “A New Approach for Synthesizing Opacity-Enforcing Supervisors for Partially-Observed Discrete-Event Systems”, Proceedings of the 2015 American Control Conference, pp. 377-383, July 2015.
- X. Yin and S. Lafortune, “On the relationship between codiagnosability and coobservability under dynamic observations”, Proc. 2015 American Control Conference (ACC), Chicago, USA, pp. 390-395, July 2015.

#### Software Tools

- Our technique of obfuscation by *insertion* of fictitious events is implemented in the tool called VEiP.
- Our technique of obfuscation by *edit* functions is implemented symbolically in the tool called EdiSyn. EdiSyn is an implementation of the techniques presented in our NFM 2016 paper.

Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.