Cyberattack and Machine-Induced Fault Detection and Isolation Methodologies for Cyber-Physical Systems

Abstract

In this article, the problem of simultaneous cyberattack and fault detection and isolation (CAFDI) for both centralized and large-scale interconnected cyber-physical systems (CPSs) is studied. The proposed methodologies include centralized and distributed CAFDI approaches, which involve the use of two filters on the plant and command and control (C&C) sides of the CPS, as well as an unknown input observer (UIO)-based detector on the plant side. The article characterizes the conditions under which the proposed methodologies can detect various types of deception attacks, such as covert attacks, zero dynamics attacks, and replay attacks. In the proposed centralized CAFDI methodology, the transmission of estimates from the C&C side filter to the plant side is required, with the assumption that a certain number of communication channels are secured. Consequently, a bank UIO-based detectors are utilized on the plant side to detect and isolate anomalies. It is also assumed that adversaries have knowledge of system parameters, filters, and the UIO-based detector. To address the limitations of secure communication channels, modifications to the two side filters and the UIO-based detector have been developed and implemented that eliminates the need for any secured communication channel in the modified CAFDI module. However, information must now be sent to and received from the plant side filter. Consequently, we develop a distributed CAFDI methodology for the interconnected large-scale CPS which consists of several subsystems. Finally, a hardware-in-the-loop (HIL) simulation of a four-area power network system under presence of both cyberattacks and faults using an OPAL-RT real-time simulator and Raspberry Pi is provided to illustrate the effectiveness of our proposed distributed CAFDI methodology.