Cloud Control Systems: Analysis, Design and Estimation ()

Cover
Cloud Control Systems:
Analysis, Design and Estimation
Copyright
Contents
Dedication
About the authors
Preface
Acknowledgments
1 An overview
	1.1 Preliminaries
		1.1.1 Real-time distributed control systems
		1.1.2 Synopsis of the security problem
	1.2 Basics of cloud control systems
		1.2.1 Cloud control security
		1.2.2 Different types of cyber attacks
		1.2.3 Passive versus active attacks
		1.2.4 Fundamental requirements
		1.2.5 Design consideration
	1.3 A view on modeling cloud control systems
		1.3.1 Development and activities
		1.3.2 Architecture of cloud control systems
	1.4 Notes
2 Cloud control systems venture
	2.1 Introduction
		2.1.1 Characteristics
		2.1.2 Cloud control system venture
		2.1.3 Security
	2.2 Cloud control system security objectives
		2.2.1 Confidentiality
		2.2.2 Integrity
		2.2.3 Availability
		2.2.4 Reliability
		2.2.5 Robustness
		2.2.6 Trustworthiness
	2.3 Types of attacks in cloud control system
		2.3.1 Detection of cyber attacks
		2.3.2 Bayesian detection with binary hypothesis
		2.3.3 Weighted least-squares approaches
		2.3.4 χ2 Detector based on Kalman filters
		2.3.5 Fault detection and isolation techniques
	2.4 Denial-of-service attacks
		2.4.1 Approaches of modeling a denial-of-service attack
			2.4.1.1 Queuing model
			2.4.1.2 Stochastic model
		2.4.2 Secure estimation approaches
		2.4.3 Secure control approaches of denial-of-signal attack
			2.4.3.1 Stochastic time delay system approach
			2.4.3.2 Impulsive system approach, hybrid model
			2.4.3.3 Small-gain approach
			2.4.3.4 Triggering strategy
			2.4.3.5 Game theory approach
		2.4.4 Jamming attack
	2.5 Deception attack
		2.5.1 Modeling the deception attack
		2.5.2 Secure estimation approaches of the deception attack
		2.5.3 Secure control approaches of the deception attack
		2.5.4 Replay attack
	2.6 Notes
3 Distributed denial-of-service attacks
	3.1 Introduction
	3.2 Methods and tools
		3.2.1 DDoS strategy
		3.2.2 Types of DDoS attacks
	3.3 Detection techniques against DDoS attacks
		3.3.1 Literature review
		3.3.2 Signature-based detection technique
		3.3.3 Anomaly-based detection technique
		3.3.4 Artificial neural network intrusion detection techniques
		3.3.5 Genetic algorithm intrusion detection systems
	3.4 Epilogue
	3.5 Stabilization of distributed discrete systems
		3.5.1 Introduction
		3.5.2 Distributed cloud control system (DCCS)
		3.5.3 Characteristics of the denial-of-service attacks
		3.5.4 Nominal design results
		3.5.5 A small-gain approach for distributed CPS
		3.5.6 Stability analysis under denial-of-service attacks
		3.5.7 Illustrative example
	3.6 Notes
4 Distributed cloud control systems
	4.1 Introduction and wireless control design challenge
	4.2 Embedded virtual machines
		4.2.1 Network CCS related work
		4.2.2 Design flow of embedded virtual machines
		4.2.3 Platform-independent domain-specific language
		4.2.4 Control problem synthesis
	4.3 EVM architecture
		4.3.1 Embedded virtual machine extensions to the nano-RK RTOS
		4.3.2 Virtual component interpreter
		4.3.3 Virtual tasks
		4.3.4 Virtual component manager
			4.3.4.1 Virtual task handling (controlled by the VT handler)
				4.3.4.1.1 VC state
				4.3.4.1.2 VT migration and activation
				4.3.4.1.3 Control of tasks executed on other nodes
				4.3.4.1.4 VT assignment
			4.3.4.2 Network management (performed by the network manager)
				4.3.4.2.1 Transparent radio interface
				4.3.4.2.2 Logical-to-physical address mapping
	4.4 Virtual task assignment
		4.4.1 General formulation
		4.4.2 Problem relaxation
	4.5 EVM runtime operation
		4.5.1 Adaptation to planned and unplanned network changes
		4.5.2 Communication schedulability analysis
		4.5.3 Computation schedulability analysis
	4.6 EVM implementation
		4.6.1 EVM case study
		4.6.2 Limitations of the EVM approach
	4.7 Wireless control networks
		4.7.1 An intuitive overview
		4.7.2 Model development
	4.8 Synthesis of an optimal wireless control network
		4.8.1 Robustness to link failures
		4.8.2 Wireless control networks with observer style updates
	4.9 Robustness to node failure
	4.10 Control of continuous-time plants
	4.11 Process control application
		4.11.1 Case description
		4.11.2 Wireless control network experimental platform
		4.11.3 Wireless control networks results
	4.12 Notes
5 Secure stabilization of distributed systems
	5.1 Introduction
	5.2 Networked distributed system
		5.2.1 Denial-of-service attacks-frequency and duration
	5.3 Analytical results
		5.3.1 A small-gain approach
		5.3.2 Stabilization under denial of service
	5.4 Approximation of resilience with reduced communication
		5.4.1 Zeno-free event-triggered control
		5.4.2 Hybrid transmission strategy under DoS
	5.5 Simulation results
		5.5.1 Simulation example 1
		5.5.2 Simulation example 2
	5.6 Notes
6 False data injection attacks
	6.1 Related work
	6.2 Kalman filter-based systems
		6.2.1 Physical plant
		6.2.2 Data buffer
		6.2.3 Communication network
		6.2.4 Control prediction generator
		6.2.5 Network delay compensator
	6.3 FDI attacks
		6.3.1 Design results
	6.4 Simulation results
		6.4.1 Case 1: A and F are stable
		6.4.2 Case 2: A is stable and F is unstable
		6.4.3 Case 3: A is unstable and F is stable
	6.5 Experimental results
		6.5.1 Case 1: F is stable
		6.5.2 Case 2: F is unstable
	6.6 Notes
7 Stabilization schemes for secure control
	7.1 Introduction and objectives
		7.1.1 Process dynamics and ideal control action
		7.1.2 DoS and actual control action
		7.1.3 Control objectives
		7.1.4 Stabilizing control update policies
	7.2 Input-to-state stability under denial of service
		7.2.1 Assumptions of time-constrained denial of service
		7.2.2 Input-to-state stability under denial of service
		7.2.3 Disturbance-free case
		7.2.4 Resilient control logic
		7.2.5 Periodic sampling logic
	7.3 Event-based periodic sampling logic
		7.3.1 Self-triggering sampling logic
		7.3.2 Simulation examples and discussions
		7.3.3 Numerical example
		7.3.4 Slow-on-the-average DoS: disturbance-free case
	7.4 Observer-based secure control
		7.4.1 Problem formulation
		7.4.2 Design results
		7.4.3 Illustrative example I
	7.5 Stabilization of discrete-time systems under DoS attack
		7.5.1 Preliminaries
		7.5.2 Discrete-time distributed system
		7.5.3 Characteristics of the DoS attacks
		7.5.4 Design results
		7.5.5 The small-gain approach
		7.5.6 Stability analysis under DoS attacks
		7.5.7 Illustrative example II
	7.6 Notes
8 Secure group consensus
	8.1 Couple-group consensus conditions under denial-of-service attacks
		8.1.1 Introduction
		8.1.2 Algebraic graph theory
		8.1.3 Consensus problem
		8.1.4 Group consensus
		8.1.5 Attack model
		8.1.6 First-order group consensus under DoS attack
		8.1.7 Simulation studies
	8.2 Adaptive cluster consensus with unknown control coefficients
		8.2.1 Introduction
		8.2.2 Algebraic graph theory
		8.2.3 Consensus
		8.2.4 Group consensus
		8.2.5 Single-integrator linear dynamics
		8.2.6 Single integrator with nonlinear dynamics
		8.2.7 Linear double-integrator dynamics
		8.2.8 Nonlinear dynamics
		8.2.9 Simulation studies
		8.2.10 Single integrator with linear dynamics
		8.2.11 Single integrator with nonlinear dynamics
		8.2.12 Double integrator with linear dynamics
		8.2.13 Double integrator with nonlinear dynamics
	8.3 Notes
9 Cybersecurity for the electric power system
	9.1 Problem description
	9.2 Risk assessment methodology
		9.2.1 Risk analysis
		9.2.2 Risk mitigation
	9.3 Power system control security
		9.3.1 Model of microgrid system
		9.3.2 Observation model and cyber attack
		9.3.3 Cyber attack minimization in smart grids
		9.3.4 Stabilizing feedback controller
	9.4 Security of a smart grid infrastructure
		9.4.1 Introduction
		9.4.2 A cyber-physical approach to smart grid security
		9.4.3 Cybersecurity approaches
		9.4.4 System model
		9.4.5 Cybersecurity requirements
		9.4.6 Attack model
			9.4.6.1 Attack entry points
			9.4.6.2 Adversary actions
				Cyber consequences:
				Physical consequences:
		9.4.7 Countermeasures
			9.4.7.1 Key management
		9.4.8 Secure communication architecture
		9.4.9 System and device security
		9.4.10 System-theoretic approaches
		9.4.11 Security requirements
		9.4.12 Attack model
		9.4.13 Countermeasures
		9.4.14 Bad data detection
		9.4.15 The need for cyber-physical security
		9.4.16 Defense against replay attacks
		9.4.17 Cybersecurity investment
	9.5 Notes
10 Resilient design under cyber attacks
	10.1 Introduction
	10.2 Problem statement
		10.2.1 System model
		10.2.2 Attack monitor
		10.2.3 Switching the controller
		10.2.4 Simulation results I
	10.3 Secure control subject to stochastic attacks
		10.3.1 Problem formulation and preliminaries
		10.3.2 Design results
		10.3.3 Simulation results II
	10.4 Notes
11 Safety assurance under stealthy cyber attacks
	11.1 Introduction
	11.2 Cloud system model subject to cyber attacks
	11.3 Stealthy deception attack design
		11.3.1 Actuators are compromised
		11.3.2 Sensors are compromised
		11.3.3 Both actuators and sensors are compromised
		11.3.4 Application to UAV navigation systems
	11.4 Notes
12 A unified game approach under DoS attacks
	12.1 Introduction
	12.2 Problem description
		12.2.1 Model of NCS subject to DoS attack
		12.2.2 MTOC and CTOC design
		12.2.3 Defense and attack atrategy design
	12.3 MTOC and CTOC control strategies
	12.4 Defense and attack strategies
		12.4.1 Development of defense strategies
		12.4.2 Development of attack strategies
	12.5 Validation results
		12.5.1 Building model description
		12.5.2 Strategy design
		12.5.3 Robust study
		12.5.4 Comparative study
	12.6 Experiment verification
	12.7 Notes
13 Secure estimation subject to cyber stochastic attacks
	13.1 Estimation against stochastic cyber attacks
		13.1.1 Introduction
		13.1.2 Problem formulation
		13.1.3 Secure estimation design results
		13.1.4 Illustrative example I
	13.2 Resilience state estimation against integrity attacks
		13.2.1 Introduction
		13.2.2 System model
		13.2.3 Attack model
		13.2.4 Generic resilient estimator
		13.2.5 Resilient estimator with L1-penalty
		13.2.6 Resilience analysis
		13.2.7 Necessary and sufficient conditions
		13.2.8 Performance evaluation without attacks
		13.2.9 Performance evaluation under attacks
		13.2.10 Illustrative example II
	13.3 Notes
14 Cloud-based approach in data centers
	14.1 Preliminaries
		14.1.1 A modeling approach
		14.1.2 Architecture
		14.1.3 Tier levels
	14.2 Modeling and control for energy efficiency
		14.2.1 Server level control
		14.2.2 Group level control
		14.2.3 Data center level control
	14.3 A cloud control system model of data centers
		14.3.1 Computational network
		14.3.2 Thermal network
		14.3.3 Control strategies
		14.3.4 Baseline controller
		14.3.5 Uncoordinated controller
		14.3.6 Coordinated controller
		14.3.7 Simulation results I
		14.3.8 A cyber-physical index for data centers
	14.4 Dynamic server provisioning
		14.4.1 Zone level model
		14.4.2 System dynamics
		14.4.3 Performance model
		14.4.4 Data center level model
		14.4.5 Zone-level controller
		14.4.6 Data center level controller
		14.4.7 Simulation results II
	14.5 Notes
References
Index
Back Cover