Next Article in Journal
An Adaptive Delay-Tolerant Routing Algorithm for Data Transmission in Opportunistic Social Networks
Next Article in Special Issue
Compliance with HIPAA and GDPR in Certificateless-Based Authenticated Key Agreement Using Extended Chaotic Maps
Previous Article in Journal
Low-Cost Implementation of Passivity-Based Control and Estimation of Load Torque for a Luo Converter with Dynamic Load
Previous Article in Special Issue
Distance-Based Resource Allocation for Vehicle-to-Pedestrian Safety Communication
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

A Distributed Observer-Based Cyber-Attack Identification Scheme in Cooperative Networked Systems under Switching Communication Topologies

1
Department of Mechanical and Construction Engineering, Northumbria University, Newcastle upon Tyne NE1 8ST, UK
2
LAMIH UMR CNRS 8201, Université Polytechnique Hauts-de-France, 59313 Valenciennes, France
*
Author to whom correspondence should be addressed.
Electronics 2020, 9(11), 1912; https://doi.org/10.3390/electronics9111912
Submission received: 16 October 2020 / Revised: 9 November 2020 / Accepted: 11 November 2020 / Published: 13 November 2020
(This article belongs to the Special Issue Emerging Trends and Approaches to Cyber Security)

Abstract

:
This paper studies an approach for detecting cyber attacks against networked cooperative systems (NCS) that are assumed to be working in a cyber-physical environment. NCS are prone to anomalies both due to cyber and physical attacks and faults. Cyber-attacks being more hazardous given the cooperative nature of the NCS may lead to disastrous consequences and thus need to be detected as soon as they occur by all systems in the network. Our approach deals with two types of malicious attacks aimed at compromising the stability of the NCS: intrusion attacks/local malfunctions on individual systems and deception/cyber-attacks on the communication between the systems. In order to detect and identify such attacks under switching communication topologies, this paper proposes a new distributed methodology that solves global state estimation of the NCS where the aim is identifying anomalies in the networked system using residuals generated by monitoring agents such that coverage of the entire network is assured. A cascade of predefined-time sliding mode switched observers is introduced for each agent to achieve a fast estimate of the global state whereby the settling time is an a priori defined parameter independently of the initial conditions. Then, using the conventional consensus algorithm, a set of residuals are generated by the agents that is capable of detecting and isolating local intrusion attacks and communication cyber-attacks in the network using only locally exchanged information. In order to prove the effectiveness of the proposed method, the framework is tested for a velocity synchronization seeking network of mobile robots.

1. Introduction

Networked Control Systems are control systems where the control loops are closed through a communication network whereby necessary signals for the control mission are exchanged among the system components through a network, namely wireless. Indeed, one of the main advantages of such systems is the capability of connecting their cyberspace to their physical space thus enabling the execution of several tasks from long distance. Figure 1 represents an example of a NCS, its environment and basic components. These systems, sometimes referred to as cyber-physical systems (CFS) [1,2] or multi-agent systems (MAS) in the literature [3], have attracted a lot of research interest in recent years due to their numerous potential use in various applications and industries ranging from flocking of mobile vehicles, terrestrial exploration, manufacturing plant monitoring, formation control in spacecraft flights to unmanned aerial vehicles and autonomous underwater vehicles, just to mention a few (see [4,5,6,7,8,9]).
However, the nature of NCS makes them extremely vulnerable to external malicious attacks while sharing information through a wireless network, which may compromise the efficiency of cooperative control algorithms and can lead to heavily degraded performances of the overall system and possibly to catastrophic effects. Consequently, the issue of cyber security in such systems has been attracting considerable attention in the literature [10,11].
Some of the research works have focused on local physical component faults, namely actuator and sensor faults (e.g., [12,13,14,15,16]). A relatively recent survey of different approaches to fault diagnosis in swarm systems was presented in [17], where the advantages of distributed designs in contrast with centralized and decentralized ones have been highlighted.
System security plays an increasingly enhanced role in the reliability of NCS as it allows for maintaining unbiased user defined coordination between the agents by detecting violating and malicious information. A few potential ways to violate security measures are deception or cyber-attacks. Indeed, these types of attacks are usually more difficult to identify as they can be coordinated. They typically include false data injection attacks (FDIA) [18], denial of service (DoS) [19], replay attacks [20], amongst others. Indeed, such types of attacks are aimed at destabilising the network by injecting control structures with deceptive information. A number of instances have been outlined in the past [21]. Detecting them has thus become a central focus for system security and control.

2. Related Work and Contribution

When it comes to cyber security in NCS, some of the works in literature has tackled problems such as false data injection in state estimation [18], secure computations in networked systems [22], to name a few. One way to increase resilience of MAS with respect to these faults is to design a robust control algorithm that is resilient to the effects of certain faults and attacks [23]. Another way, as pointed out in [24], is to develop monitoring schemes to detect failures in the MAS caused by attacks and faults.
On the other hand, [25] has provided an exhaustive literature review on model-based techniques in fault detection and isolation where observer-based techniques have proven to be powerful software-based tools in fault diagnosis due to their efficiency and online implementation capability. Such techniques have been used for instance in [26,27,28,29,30,31,32,33,34,35] for cyber-attack detection in NCS.
However, most of the works on observer-based attack detection of control systems consider centralized architectures, second order systems or do not consider the case of a possibly dynamic communication topologies. Unfortunately, the study of global fault detection for NCS with switching topologies subject to cyber-attacks is still in its infancy.
Motivated by all of the above and the recent works in [36] where a novel approach called predefined-time stability has been proposed, this paper introduces a new approach to identify faults and deception attacks in a cooperating networked system with a switching topology. The objective in this work is to deal with these non-cooperative and malicious activities. The proposed protocol makes an agent act as a central node monitoring the whole system activities in a distributed fashion. Compared to the existing works in the literature, our main contributions are:
(1)
The design of a bank of distributed predefined-time sliding mode observers (SMO) for global state estimation for a multi-agent system with integrator dynamics whereby the convergence time is an a priori user defined parameter, in order to overcome the problem of attack detection under switching topologies.
(2)
A residual based approach is proposed where the equivalent control concept is used to detect different faults and attacks that might occur anywhere in the system (i.e., an intrusion attack reflective of a local malfunction in agent or a cyber-attack affecting a communication link between two agents) in a distributed way based on the topological properties of the network. This allows detection and identification of multiple simultaneous attacks and intrusions.
The rest of the manuscript is organized as follows: Section 2 provides a brief background on graph theory. Section 3 introduces some important definitions, lemmas and the problem formulation of the global fault detection and identification issue. Section 4 presents the main results, namely the design of banks of distributed predefined-time sliding mode observers for state estimation and residual generation based on local information. Section 5 presents numerical simulation results, where our approach is applied in the context of a practical application to consensus seeking fleet of mobile robots, in order to show the efficacy of our approach. Finally, Section 6 draws the main conclusions of this work and present future scopes for research on the considered topic.
Notations: The superscript T stands for the matrix transpose and we denote by I the identity matrix and by 1 the vector with all elements one, both with appropriate dimensions. The set of real-valued m × n matrices is given by I R m × n . λ min · represents the smallest non-zero eigenvalue of a square matrix [ · ] . · 1 and · 2 denote the 1- and 2- norms, respectively. ( · ) e q refers to the equivalent control value of ( · ) and D + ( · ) refers to the upper right-hand Dini derivative of ( · ) . For the sake of simplicity, the time argument is omitted when it is not required for clarity. Table 1 presents a list of the employed acronyms:

3. Graph Theory

In this paper, we are going to refer to networked systems as multi-agent systems and given that networked multi-agent systems need to exchange information amongst them, it is natural to model them using graph theory. In general, a communication topology composed of N systems is represented by Q = ( N , F ) whereby N = { 1 , . . . , N } is the node set consisting of N nodes/vertices each representing an agent, and F N × N is the edge set representing the communication links between two agents. Here, we shall assume that Q is connected, undirected and N i { 1 , . . . , N } { i } is a non-empty subset of agents that agent i can interact with. In this work, we shall further assume that the communication topology is time-varying. As a result, we denote by T ˜ = τ 1 , τ 2 , . . . , τ M set of all possible known topologies and by M : = { 1 , . . . , M } the set of indices corresponding to these topologies. More precisely, the communication topology is characterised by a switching graph Q σ ( t ) = Q ( t ) where σ ( t ) : [ 0 , ) M is piecewise constant switching signal and determines the communication topology with 0 = t 0 < t 1 < t 2 . . . being the switching instants of σ ( t ) . Furthermore, it is assumed that σ ( t ) satisfies the minimum dwell time condition [37], and t w + 1 t w = τ w < T w with T w a known constant. Therefore, when σ ( t ) = s M , the topology Q ( t ) = Q σ ( t ) = Q s is activated. For the rest of this paper, we refer to the active mode using the superscript s . The adjacency matrix A s = [ a i j s ] I R N × N is defined by a i j s > 0 when the i t h agent can receive information from the j t h agent and a i j s = 0 otherwise. The diagonal of matrix A s is null since self-connections are not allowed. Let D s be the in-degree diagonal matrix with entries d i s = j = 1 N a i j s . Then, the Laplacian matrix L s is defined as:
L s = D s A s I R N × N
Let us denote by L i s I R ( N 1 ) × ( N 1 ) the Laplacian matrix L s defined without agent i, and by:
L i , s = d i a g ( 1 i , s , , i 1 i , s , i + 1 i , s , , N i , s ) I R ( N 1 ) × ( N 1 )
the associated diagonal matrix defining the interconnections between agent i and the remaining agents under the active topology s , k i , s > 0 if information of agent i is accessible by the k t h agent; otherwise k i , s = 0 .

4. Preliminaries and Problem Statement

Before stating the main results, a brief overview of the techniques employed in our work are presented hereafter.

4.1. Definitions and Useful Lemmas

Consider the following nonlinear system:
ξ ˙ ( t ) = Φ ( t , ξ ( t ) ; ϕ ) ξ ( 0 ) = ξ 0
where ξ ( t ) I R n is the state and ϕ I R g where g I N is the system parameters considered to be constant ( ϕ ˙ = 0 ). Φ : I R + × I R n is assumed to be a nonlinear function with its origin as an equilibrium point, i.e., Φ ( t , 0 ; ϕ ) = 0 .
Definition 1
([38]). The origin of (1) is said to be globally finite-time stable if it is globally asymptotically stable and any solution ξ ( t , ξ 0 ) of (1) reaches the equilibrium point at some finite time moment, i.e., t Γ ( ξ 0 ) , ξ ( t , ξ 0 ) = 0 , where Γ : I R n I R + { 0 } is called the settling-time function.
Definition 2
([39]). The origin of (1) is a globally fixed-time equilibrium if it is globally finite-time stable and there exists a strictly positive number T m a x such that for all ξ 0 I R n the settling-time function Γ : I R n I R + is bounded, i.e., Γ ( ξ 0 ) T m a x for all ξ 0 I R n , the solution ξ ( t , ξ 0 ) of system (3) is defined and ξ ( t , ξ 0 ) I R n for t [ 0 , T m a x ) : lim t T m a x ξ ( t , ξ 0 ) = 0 .
Definition 3
([36]). For the parameter vector ϕ of system (1) and a constant T p : = T p ( ϕ ) > 0 , the origin of (1) is said to be predefined-time stable if it is fixed-time stable and the settling-time function Γ : I R n I R is such that for all ξ 0 I R n , Γ ( ξ 0 ) T p and T p = sup ξ 0 I R n Γ ( ξ 0 ) .
Let us recall some lemmas concerning predefined-time stability.
Lemma 1
([40]). Consider the system
ξ ˙ ( t ) = α | ξ ( t ) | p + η | ξ ( t ) | q r sign ( ξ ( t ) ) , ξ ( 0 ) = ξ 0
with ξ I R . The parameters of the system are real numbers α , η , p , q , r > 0 satisfying the constraints r p < 1 , r q > 1 . Let ϕ = [ α , η , p , q , r ] T I R 5 be the parameter vector, then its origin ξ = 0 is fixed-time stable and the settling time function satisfies T ( ξ 0 ) T f = γ ( ϕ ) , where:
γ ( ϕ ) = Γ ( 1 r p q p ) Γ ( r q 1 q p ) Γ ( r ) ( q p ) α r α η 1 r p q p
and Γ ( · ) is the well known Gamma function defined as Γ ( z ) = 0 + e t t z 1 d t .
Remark 1.
The concept of predefined-time stability is introduced where a settling time bound T p is set in advance as a function of system parameters ϕ, i.e., T p = T p ( ϕ ) , and a strong notion of this class of stability is given when T p = T f , i.e., T p is the least upper bound of the settling time.
Lemma 2
([40]). Let us consider the nonlinear system (1) with ξ ( 0 ) as the initial condition, where ξ ( t ) I R n is the state and ϕ I R u with u I N , is the system parameters considered to be constant. Φ : I R + × I R n is assumed to be a nonlinear function with its origin as an equilibrium point. Suppose there exists a continuous radially unbounded candidate Lyapunov function V : I R n I R such that
V ( 0 ) = 0 V ( ξ ) > 0 , ξ I R n { 0 } ,
and its derivative along the trajectories of (1) satisfies
D + V ( ξ ) γ ( ϕ ) T p α V p + η V q r , ξ I R n { 0 } ,
with α , η , p, q, r > 0 , r p < 1 , r q > 1 , γ ( ϕ ) is given in (2) and D + V is the upper right-hand Dini derivative of V ( ξ ) . Then, the origin is predefined-time stable with predefined time T p .
Now, let us recall some complementary key lemmas that will be used throughout this paper.
Lemma 3.
Let n N . If a = ( a 1 , , a n ) is a sequence of positive numbers, then the following inequality is satisfied:
1 n i = 1 N a i α a i p + η a i q k 1 n i = 1 N a i α 1 n i = 1 N a i p + η 1 n i = 1 N a i q k
for α , η , p , q , k > 0 with p k < 1 and q k > 1 .
Lemma 4.
Let f be the function defined as
f ( z ) = z ( α z p + η z q ) k
for α , η , p , q , k > 0 with p k < 1 and q k > 1 . Then, f ( z ) is monotonically increasing for all z > 0 .
Lemma 5
([41]). Let z = [ z 1 , , z N ] T I R N and
| | z | | p = i = 1 N | z i | p p
Then, l r : | | z | | l | | z | | r .

4.2. Problem Statement

Consider a homogeneous multi-agent system composed of N agents labelled by i { 1 , . . . , N } , and described by the following n t h -order dynamics
ξ ˙ i , 1 ( t ) = ξ i , 2 ( t ) ξ ˙ i , 2 ( t ) = ξ i , 3 ( t ) ξ ˙ i , n 1 ( t ) = ξ i , n ( t ) ξ ˙ i , n ( t ) = u i ( t ) + f i a ( t ) z i ( t ) = ξ i , 1 ( t )
where ξ i , l ( t ) I R is agent i’s l t h state variable with ξ i ( t ) = [ ξ i , 1 ( t ) , ξ i , 2 ( t ) , . . . , ξ i , n ( t ) ] T I R n , f i a ( t ) I R is a process fault affecting the dynamics of the agent which could be exogenous and might correspond to an internal malfunction, local intrusion attack, etc, u i ( t ) I R is the control input and z i ( t ) I R is agent i’s internal measurement. Note that there is a multitude of practical applications of such systems, namely robotic systems, power systems, etc. Research on cyber-attack identification for such systems is of both practical and theoretical significance.
Furthermore, it is considered that agents have access to their control inputs, but they do not receive their neighbours’ inputs. If needed, they have to reconstruct them using state estimates from exchanged information which are possibly corrupted. The exchanged information is expressed as
z k i ( t ) = k i , s ( z i ( t ) + f ˇ k i e ( t ) ) , z ^ i k j ( t ) = a k j s ( z ^ i j ( t ) + f k j e ( t ) )
where z k i ( t ) I R is agent i’s output signal sent to agent k with z k k ( t ) = z k ( t ) , and z ^ i k j ( t ) I R is agent j’s estimate of agent i’s output which is sent to agent k, the term z ^ i j ( t ) will be defined in the next Section. Both pieces of information are subject to an edge fault denoted f ˇ k i e ( t ) I R and f k j e ( t ) I R , respectively. Note that, these types of faults may affect all broadcasted information of an agent to another. This might include DoS, FDIA, deception attacks, cyber-attacks, etc. In this paper, a solution to the following questions is investigated:
  • How can we detect a cyber-attack anywhere in the MAS while keeping a distributed approach of the detection scheme?
  • How can we distinguish said attacks from local malfunctions/intrusions?
The conceptual idea in this work is that information locally produced by the sensors is considered to be secure, while the one sent over the communication network/cyber layer of the system is vulnerable to external attacks. The next section lays out our main results.

5. Proposed Methodology

The proposed distributed bank of predefined-time observers for output and state estimation and global cyber-attack detection scheme is laid out in this section.

5.1. Global Output and State Estimation

Let us define the ’monitored’ agent i as the agent to be diagnosed by a ‘monitoring’ agent k. First, let us consider the case of a fixed communication topology, where no cyber-attack exists in the system (i.e., f ˇ k i e = f k j e = 0 ). Denote by ξ ^ i , l k , agent k’s estimate of the l t h state variable of agent i and by z ^ i k , agent k’s estimate of agent i’s output. The proposed distributed switched observer takes the following structure:
ξ ^ ˙ i , 1 k = ξ ^ i , 2 k + V ( I i , 1 k ) = z ^ i k ξ ^ ˙ i , n 1 k = ξ ^ i , n k + E n 2 s V ( I i , n 1 k ) ξ ^ ˙ i , n k = E n 1 s V ( I i , n k )
with V ( I i , l k ) = κ l k , s ( α | I i , l k | p + η | I i , l k | q ) r + δ l s sign ( I i , l k ) ,
I i , 1 k = j = 1 N a k j s ( z ^ i k j z ^ i k ) + k i , s ( z k i z ^ i k ) I i , m k = ξ ˜ i , m k ξ ^ i , m k , m { 2 , . . . , n }
The auxiliary state variables ξ ˜ i , m k , m { 2 , . . . , n } are defined as
ξ ˜ i , 2 k = ξ ^ i , 2 k + E 1 s κ 1 k , s δ 1 s sign ( I i , 1 k ) e q ξ ˜ i , n 1 k = ξ ^ i , n 1 k + E n 2 s κ n 2 k , s δ n 2 s sign ( I i , n 2 k ) e q ξ ˜ i , n k = ξ ^ i , n k + E n 1 s κ n 1 k , s δ n 1 s sign ( I i , n 1 k ) e q
where the subscript e q denotes the equivalent value of sign function. In the following, it is assumed that the effect of the filter dynamics is negligible w.r.t. those of the observer. Let us define the errors as
ε i , 1 k = z k i z ^ i k ε i , m k = ξ i , m ξ ^ i , m k , m { 2 , . . . , n }
Differentiating them yields the following error dynamics:
ε ˙ i , 1 k = ε i , 2 k κ 1 k , s ( α | I i , 1 k | p + η | I i , 1 k | q ) r + δ 1 s sign ( I i , 1 k )   ε ˙ i , n 1 k = ε i , n k E n 2 s κ n 1 k , s ( ( α | I i , n 1 k | p + η | I i , n 1 k | q ) r   + δ n 1 s ) sign ( I i , n 1 k ) ε ˙ i , n k = u i + f i a E n 1 s κ n k , s ( α | I i , n k | p + η | I i , n k | q ) r + δ n s sign ( I i , n k )
where I i , 1 k can be expressed in terms of the output estimation errors as I i , 1 k = j = 1 N a k j s ( ε i , 1 j ε i , 1 k ) + k i , s ε i , 1 k . Putting (8) in compact form, the following is obtained:
E ˙ i , 1 = E i , 2 H ( E i , 1 ) E ˙ i , n 1 = E i , n E n 2 s H ( E i , n 1 ) E ˙ i , n = 1 ( u i + f i a ) E n 1 s H ( E i , n )
where for each agent i { 1 , . . . , N } and l { 1 , . . . , n } , the estimation errors, the state estimates and the auxiliary variables are concatenated in the vectors: E i , l = [ ε i , l 1 , . . . , ε i , l N ] T , X ^ i , l = [ ξ ^ i , l 1 , . . . , ξ ^ i , l N ] T , X ˜ i , l = [ ξ ˜ i , l 1 , . . . , ξ ˜ i , l N ] T . Let us denote L i s = L i , s + L i s . The terms H ( E i , l ) , l { 1 , . . . , n } are expressed as
H ( E i , 1 ) = κ 1 i , s ( α | L i s E i , 1 | p + η | L i s E i , 1 | q ) k + δ 1 s sign ( L i s E i , 1 ) H ( E i , m ) = κ m i , s ( α | E i , m | p + η | E i , m | q ) k + δ m s sign ( E i , m ) , m { 2 , . . . , n }
Assumption 1.
For every agent, the state variables, the control and fault signals are bounded, and their maximum values are known, i.e., for ξ ¯ i , l , u ¯ , f ¯ a I R + , i { 1 , . . . , N } and l { 1 , . . . , n } : | ξ i , l ( t ) | ξ ¯ i , l , | u i ( t ) | u ¯ , | f i a ( t ) | f ¯ a .
Theorem 1.
Given Assumption 1, for a fixed communication topology and in the absence of cyber-attack, for each agent, the observation errors (9) converge towards zero in a predefined time T s = j = 1 n 1 T p j , s independently of initial conditions, with the observer gains:
δ q s = ξ ¯ i , q + 1 κ q s , q { 1 , . . . , n 1 } δ n s = u ¯ + f ¯ a κ n
with
κ 1 i , s = N γ ( ϕ ) λ i s T p 1 , s κ m i , s = N γ ( ϕ ) T p m , s , m { 2 , . . . , n }
and
E q s = 1 when t j = 1 q T p j , s 0 otherwise , q { 1 , . . . , n 1 }
where κ m s = m i n { κ m 1 , s , , κ m N , s } and λ m i n ( L i s ) = λ i s . γ ( ϕ ) is defined in Equation (2), E m s represents the observer switches and T p m , s is the settling-time for each dynamic which is an user-defined parameter, considered to be the same for all of the m t h dynamics of the agents for notational convenience.
Proof of Theorem 1.
The proof is done step by step by taking advantage of the switching conditions. Indeed, due to this, at each step, only a one-dimensional, corresponding sub-dynamical system is studied.
Step 1: Initially, E 1 s = E 2 s = . . . = 0 , the error dynamics are expressed as
E ˙ i , 1 = E i , 2 H ( E i , 1 ) E ˙ i , n 1 = E i , n E ˙ i , n = 1 ( f i a + u i )
Consider the following Lyapunov function associated with the concatenated first error dynamics of the agents
V 1 i = 1 N λ i s E i , 1 T L i s E i , 1
Differentiating it results in
D + V 1 i = 1 N λ i s E i , 1 T L i s E i , 1 E i , 1 T L i s ( E i , 2 H ( E i , 1 ) )
By setting S 1 = [ s 1 1 , , s 1 N ] T = L i s E i , 1 , one obtains
D + V 1 i = λ i s N ( 1 E i , 1 T L i s E i , 1 i = 1 N κ 1 i , s | s 1 i | ( α | s 1 i | p + η | s 1 i | q ) r δ 1 s E i , 1 T L i s E i , 1 i = 1 N κ 1 i , s | s 1 i | + E i , 1 T L i s E i , 2 S 1 T E i , 1 )
Then, it follows that
D + V 1 i = λ i s N ( Δ 1 ( S 1 ) + Δ 2 ( S 1 ) )
with
Δ 1 ( S 1 ) = ( E i , 1 T L i s E i , 1 ) 1 2 i = 1 N κ 1 i , s | s 1 i | ( α | s 1 i | p + η | s 1 i | q ) r Δ 2 ( S 1 ) = δ 1 s ( E i , 1 T L i s E i , 1 ) 1 2 i = 1 N κ 1 i , s | s 1 i | + E i , 1 T L i s E i , 2 ( S 1 T E i , 1 ) 1 2
Considering Lemma 3, and taking into account the fact that i = 1 N κ 1 i , s κ 1 s and | | S 1 | | 1 = i = 1 N | s 1 i | , the term Δ 1 ( S 1 ) can be expressed as
Δ 1 ( S 1 ) κ 1 s | | S 1 | | 1 E i , 1 T L i s E i , 1 ( α ( 1 N i = 1 N | | S 1 | | 1 ) p + η ( 1 N i = 1 N | | S 1 | | 1 ) q ) r
Using Lemma 5, it can be shown that
| | S 1 | | 1 | | S 1 | | 2 = ( S 1 ) T ( S 1 ) = ( E i , 1 ) T ( L i s ) 2 ( E i , 1 )
By expressing E i , 1 as a linear combination of the eigenvectors of L i s , the term E i , 1 T ( L i s ) 2 E i , 1 can be bounded as
E i , 1 T ( L i s ) 2 E i , 1 λ i s E i , 1 T L i s E i , 1
Thus, using Lemma 4, one has
Δ 1 ( S 1 ) κ 1 s λ i s α ( V 1 i ) p + η ( V 1 i ) q r
On the other hand, from the second term Δ 2 ( S 1 ) , the following can be deduced
Δ 2 ( S 1 ) λ i s δ 1 s | | S 1 | | i = 1 N κ 1 i , s | s 1 i | + ( S 1 ) T | | S 1 | | ( E i , 2 ) λ i s ( κ 1 s δ 1 s + ξ ¯ i , 2 ) 0
By combining (16) and (17), the following is obtained from (13)
D + V 1 i κ 1 s N λ i s α ( V 1 i ) p + η ( V 1 i ) q r γ ( ϕ ) T p 1 , s α ( V 1 i ) p + η ( V 1 i ) q r
Therefore, in accordance with Lemma 2, E i , 1 converges towards the origin with the settling time T p 1 , s (i.e., E i , 1 = E ˙ i , 1 = 0 ). As a result, at t = T p 1 , s ( E 1 s = 1 ), we have
E i , 2 H ( E i , 1 ) e q = X i , 2 X ^ i , 2 H ( E i , 1 ) e q = 0
Hence, one gets X ˜ i , 2 = X i , 2 . At this point, one can go to the next step.
Step 2: At t = T p 1 , s , the error dynamics become
E ˙ i , 2 = E i , 3 H ( E i , 2 ) E ˙ i , n 1 = E i , n E ˙ i , n = 1 ( f i a + u i )
Selecting the Lyapunov function V 2 i = 1 N E i , 2 T E i , 2 and by following the same reasoning as before, one gets
Δ 1 ( S 2 ) κ 2 s α ( V 2 i ) p + η ( V 2 i ) q r Δ 2 ( S 2 ) δ 2 s | | S 2 | | i = 1 N κ 2 i , s | s 2 i | + ( S 2 ) T ( E i , 3 ) | | S 2 | |   κ 2 s δ 2 s + ξ ¯ i , 3   0
with S 2 = [ s 2 1 , , s 2 N ] T = E i , 2 . Then, it is straightforward to show that D + V 2 i γ ( ϕ ) T p 2 , s α ( V 2 i ) p + η ( V 2 i ) q r . Consequently, E i , 2 converges towards the origin with the settling time T p 1 , s + T p 2 , s (i.e., E i , 2 = E ˙ i , 2 = 0 ). Therefore, at t = T p 1 , s + T p 2 , s and E 2 s = 1 .
Step n: Now, fast forward to the n t h step, at t = j = 1 n 1 T p j , s , the error dynamics become
E ˙ i , n = 1 ( f i a + u i ) H ( E i , n )
Taking as the Lyapunov function V n i = 1 N ( E i , n ) T ( E i , n ) and by setting S n = [ s n 1 , , s n N ] T = E i , n , and following the same procedure as before, the following inequalities are obtained for the terms Δ 1 ( S n ) and Δ 2 ( S n )
Δ 1 ( S n ) κ n s α ( V n i ) p + η ( V n i ) q r Δ 2 ( S 2 ) δ n s | | S n | | i = 1 N κ n i , s | s n i | + ( S n ) T 1 ( u ¯ + f ¯ a ) | | S n | |   κ n s δ n s + u ¯ + f ¯ a   0
The proof is thus concluded at the n t h step. □
Now, let us consider the presence of a possible cyber-attack in the network. Due to the presence of these attacks, the output estimation errors is expressed as
ε i , 1 k = z i z ^ i k + k i , s f ˇ k i e + j = 1 N a k j s f k j e
In this case, the following theorem can be stated.
Theorem 2.
Given Assumption 1 and in the presence of one or multiple cyber attacks incident to agent k, in the case of fixed communication topology, the observation errors converge towards zero in a predefined time T s = j = 1 n 1 T p j , s independently of initial conditions, and the gains are given as
δ q s = ξ ¯ i , q + 1 + F ¯ k s ( q ) κ q s , q { 1 , . . . , n 1 } δ n s = u ¯ + f ¯ a + F ¯ k s ( n ) κ n s
with
F k s ( l ) = d l d t l ( k i , s f ˇ k i e + j = 1 N a k j s f k j e ) , l { 1 , . . . , n }
where F k s ( l ) corresponds to the l t h time derivative of F k s = k i , s f ˇ k i e + j = 1 N a k j s f k j e and F ¯ k s ( l ) is the corresponding upper bound. The gains κ l i , s and the observer switches E m s remain the same as in Theorem 1.
Proof of Theorem 2.
When cyber-attacks are considered, (6) becomes
I i , 1 k = j = 1 N a k j s ( z ^ i j z ^ i k ) + k i , s ( z i z ^ i k ) + j = 1 N a k j s f k j e + k i , s f ˇ k i e , I i , m k = ξ ˜ i , m k ξ ^ i , m k , m { 2 , . . . , n }
Furthermore, the auxiliary variables (7) become
ξ ˜ i , 2 k = ξ ^ i , 2 k + E 1 s V ( I i , 1 k ) e q = ξ ^ i , 2 k + ε i , 2 k k i , s f ˇ ˙ k i e j = 1 N a k j s f ˙ k j e ξ ˜ i , n k = ξ ^ i , n k + E n 1 s V ( I i , n 1 k ) e q = ξ ^ i , n k + ε i , n k k i , s f ˇ k i e ( n 1 ) j = 1 N a k j s f k j e ( n 1 )
and the concatenated errors are expressed as
E ˙ i , 1 = E i , 2 + 1 F k s ( 1 ) H ( E i , 1 ) E ˙ i , n 1 = E i , n + 1 F k s ( n 1 ) E n 2 s H ( E i , n 1 ) E ˙ i , n = 1 ( u i + f i a + F k s ( n ) ) E n 1 s H ( E i , n )
The rest of the proof straightforwardly follows the same reasoning as Theorem 1 and is thus omitted for brevity. □
Note that the use of the predefined-time concept is very useful when dealing with switching topologies. Indeed, using our proposed scheme, one can immediately derive the following proposition:
Proposition 1.
Consider the switching topologies described in Section 2. Selecting T s such that T s < T w , s M and observer parameters (25), the distributed switched observers guarantee the predefined-time stability of the estimation errors regardless of initial conditions at each switching instant.
Remark 2.
The global fault estimation protocol proposed in this paper, is a distributed one. Each neighbouring agent can only exchange local information during the fault estimation process. Furthermore, provided that all of the possible topologies are known to all agents, constants λ i s and therefore κ 1 s = m i n { κ 1 1 , s , , κ 1 N , s } can be computed a priori. If all T p m , s are the same (i.e., T p 1 , s = = T p n , s = T p ), κ 1 s = N γ ( ϕ ) g T p with g = max { λ 1 s , , λ N s } .

5.2. Residual Definition and Cyber-Attack Identification

The idea is to compute the difference between the actual input of an agent and the estimated input effort. The difference should indeed be null in the case of no attacks or faults. The next step is to identify the source and type of faults, specifically deception attacks and thus trigger the appropriate alarms and further corrective measures. Note that, for Theorems 1 and 2, the upper bounds of the control inputs are used in Assumption 1 to design the predefined-time distributed observers. In this section, we will show through a residual based approach how one can detect process or communication faults/cyber-attacks with a global approach using input estimates if the control structure is known. In the following, let us consider the following typical linear higher-order consensus control algorithm [42,43], used with the available information
u i = j N i a i j s γ 1 s ( z i z i j ) + m = 2 n γ m s ( ξ ˜ i , m i ξ ˜ j , m i ) + μ i s ξ ˜ i , n i
where l { 1 , . . . , n } , i { 1 , . . . , N } , γ l s and μ i s are the consensus gains. It can be noticed that communication faults spread in the MAS through u i , and thus need to be detected as they occur. In the absence of edge faults, consensus is achieved provided a suitable selection of μ i s , γ 1 s and γ m s due to the fixed-time stability property of the proposed distributed observers [44].
Proposition 2.
Define agent k as the monitoring agent, agent i as the monitored agent, agents p N k as agent k’s neighbours and agents j N i as agent i’s neighbours, where agent i may or may not be a direct neighbour of k and j i . Using protocol (29), an agent k can detect a deception attack on a communication link incident to agent k or i and local malfunctions/intrusions f i a anywhere in the fleet, given one type fault happens at a time, using the following residual signal:
r i k ( t ) = V ( I i , n k ) e q u ^ i k
where
u ^ i k = j N i a i j s [ γ 1 s ( z ^ i k z ^ j k ) + m = 2 n γ m s ( ξ ˜ i , m k ξ ˜ j , m k ) ] + μ i s ξ ˜ i , n k
is agent i’s reconstructed input by agent k with u ^ k k = u k .
Proof of Proposition 2.
After the convergence of errors, the actual applied control input for each agent becomes
u i = j N i a i j s γ 1 s ( z i z j ) + m = 2 n γ m s ( ξ i , m ξ j , m ) + μ i s ξ i , n j N i a i j s ( γ 1 s f ˇ i j e + m = 2 n γ m s f ˇ i j e ( m 1 ) )
Furthermore, the reconstructed input generated by the monitoring agent k is expressed as
u ^ i k = j N i a i j s γ 1 s ( z i z j ) + m = 2 n γ m s ( ξ i , m ξ j , m ) + μ i s ξ i , n j N i γ 1 s a i j s [ k i , s f ˇ k i e k j , s f ˇ k j e + p N k a k p s f k p e p N k a k p s f k p e ] + j N i m = 2 n a i j s γ m s [ k i , s f ˇ k i e ( m 1 ) + k j , s f ˇ k j e ( m 1 ) ] + μ i s k i , s f ˇ k i e ( n 1 ) + p N k a k p s f k p e ( n 1 )
Therefore, the residual signals (30) become
r i k ( t ) = ( u i u ^ i k ) + f i a k i , s f ˇ k i e ( n ) p N k a k p s f k p e ( n ) = Θ f e k + f i a
where Θ f e k is
Θ f e k = j N i γ 1 s a i j s k i , s f ˇ k i e k j , s f ˇ k j e + p N k a k p s f k p e p N k a k p s f k p e j N i m = 2 n a i j s γ m s k i , s f ˇ k i e ( m 1 ) + k j , s f ˇ k j e ( m 1 ) μ i s [ k i , s f ˇ k i e ( n 1 ) + p N k a k p s f k p e ( n 1 ) ] j N i a i j s ( γ 1 s f ˇ i j e + m = 2 n γ m s f ˇ i j e ( m 1 ) ) k i , s f ˇ k i e ( n ) p N k a k p s f k p e ( n )
Note that, when the control efforts u i are known to other agents in the network, the term ( u i u ^ i k ) in Equation (31) disappears. In this case, the residual signals become
r i k ( t ) = f i a k i , s f ˇ k i e ( n ) p N k a k p s f k p e ( n ) = Θ f e k + f i a
where Θ f e k = k i , s f ˇ k i e ( n ) p N k a k p s f k p e ( n ) . As a result, the defined residual signals (30) generated by the monitoring agent k are able to detect the presence of a cyber-attack or a local malfunction. □
Residual evaluation: Once the residual signals are generated, it is important to be able to interpret them in order to find the root of the fault and thus make corrective measures accordingly. Indeed, from Equation (30), it can be noticed that, when a cyber-attack incident to agent k or i occurs while there is no local malfunction, agent k’s generated residual signal for itself is r k k = 0 and r i k 0 for all k i regardless of whether or not agent i is a neighbour of k. On the other hand, when there is no cyber-attack, the residuals provide explicit estimations of the local malfunctions/intrusions, with r k k = f k a and r i k = f i a . r k k is thus used to identify a cyber-attack in the system as it is only sensitive to local malfunctions/intrusions. The proposed cyber-attack identification scheme is thus summarized in the following Algorithm 1:
Algorithm 1: Observer Design and Decision Logic
Electronics 09 01912 i001
Remark 3.
Note that our approach does not present limitation with respect to the number of detectable attacks in the system, contrary to some existing works, for instance in [26]. Indeed, Proposition 2 can be used to detect simultaneous local malfunctions/intrusions and cyber-attacks, and discern them from each other thus achieving the cyber-attack identification objective. Moreover, the predefined-time stability principle is useful to design fast converging switched observers to solve the problem of switching communication topologies as pointed out in Proposition 1. This allows for avoiding false alarms and achieving fast convergence of the estimation errors before the next topology switching instant. Furthermore, it is worth mentioning that our proposed approach can also be used when sudden communication breaks occur or when communication attacks on the communication weights and sudden abnormal quality drops of the exchanged information (i.e., attacks on communication parameters a i j s defined in Section 2) are considered. Indeed, these types of attacks manifest themselves in the generated residuals as exponentially decaying signals.

6. Practical Example

Cyber-Attack Identification in Cooperative Multi-Robot Systems

In this section, an illustrative numerical example is given for a practical application in order to show the effectiveness of the proposed global cyber-attack identification protocol. For this, let us consider a team of N = 5 omnidirectional wheeled mobile robots (WMR) that are labelled with numbers 1 through 5 and are moving in a two-dimensional plane (see Figure 2). In this example, the robots have to cooperate in order to render the steady state axial jerk null and thus achieve constant linear acceleration synchronization of the network of WMR.
Here, we assume non-slipping and pure rolling conditions and since our aim is to achieve linear acceleration synchronization, only the dynamics along the x-direction are considered. In this case, each robot can be modelled with the following simplified triple integrator dynamics which is a special case of system (3):
x ˙ i ( t ) = ξ ˙ i , 1 ( t ) = ξ i , 2 ( t ) v ˙ i ( t ) = ξ ˙ i , 2 ( t ) = ξ i , 3 ( t ) a ˙ i ( t ) = ξ ˙ i , 3 ( t ) = u i ( t ) + f i a ( t ) z i ( t ) = ξ i , 1 ( t )
where ξ i , 1 ( t ) , ξ i , 2 ( t ) , ξ i , 3 ( t ) and f i a ( t ) are the x-position, the linear velocity on the x-axis, the linear acceleration on the x-axis and an internal fault affecting the local jerk of a robot. The proposed residual observer-based cyber-attack identification algorithm can be implemented on the on-board micro-controllers as depicted in Figure 2. Furthermore, the robots are assumed to be equipped with WiFi modules and broadcast their information through a wireless network described by the graph topologies illustrated in Figure 3 and Figure 4 respectively, which are characterised by the Laplacian matrices:
L 1 = 3 1 1 0 1 1 2 0 1 0 1 0 1 0 0 0 1 0 1 0 1 0 0 0 1 , and L 2 = 3 1 0 1 1 1 2 1 0 0 0 1 1 0 0 1 0 0 1 0 1 0 0 0 1 .
The communication topology is assumed to switch from L 1 to L 2 at t 1 = 12 s. In this example, in order to achieve acceleration consensus, the following cooperative control is used for each robot
u i = a i r ( t ) + μ i s ξ ˜ i , 3 i j = 1 5 a i j s γ 1 s ( z 1 z i j ) γ 2 s ( ξ ˜ i , 2 i ξ ˜ j , 2 i ) γ 3 s ( ξ ˜ i , 3 i ξ ˜ j , 3 i )
where i { 1 , . . . , N } , μ i s , γ 1 s , γ 2 s and γ 3 s are the consensus gains set to 5, 4, 3, and, 2.5, respectively, for both possible communication topology modes s { 1 , 2 } , and a i r ( t ) = μ i s 1 m s 2 is the reference acceleration. Hence, s { 1 , 2 } , the exchanged signals between agents are given as
z k i ( t ) = k i , s ( z i ( t ) + f ˇ k i e ( t ) + Δ z k i ( t ) ) , and z ^ i k j ( t ) = a k j s ( z ^ i j ( t ) + f k j e ( t ) + Δ z ^ i k j ( t ) )
where Δ z k i ( t ) = 0.1 sin ( z k i ( t ) ) , and Δ z ^ i k j ( t ) = 0.01 sin ( z ^ i k j ( t ) ) are noise due to some communication uncertainties.
The initial positions of the five agents on the x-axis are given as ξ 1 , 1 ( 0 ) = 0 m, ξ 2 , 1 ( 0 ) = 1.5 m, ξ 3 , 1 ( 0 ) = 3 m, ξ 4 , 1 ( 0 ) = 4.5 m and ξ 5 , 1 ( 0 ) = 0.5 m respectively, while the initial velocities and acceleration are set to 0. For each of the mobile robots, the distributed observers are designed to estimate the global state in the desired predefined time T 1 = T 2 = 3 s with T p 1 , 1 = T p 2 , 1 = T p 3 , 1 = T p 1 , 2 = T p 2 , 2 = T p 3 , 2 = 1 s which satisfies the conditions of Proposition 1. The observer parameters are chosen as
ϕ = [ α , η , p , q , r ] T = [ 1 , 2 , 1.5 , 3 , 0.5 ] T
used for each corresponding topology. On the other hand, to obtain the equivalent values, first-order low pass filters are used with cut-off frequency of 100 s 1 for the first dynamics and 10 s 1 for the second and third dynamics. In order to verify the performance of the proposed scheme, the following two simulation scenarios are carried out on MATLAB.
First Scenario: In the 1st scenario, an intrusion occurs in robot 3 causing an out of control situation that affects its local jerk simulated by the following function f 3 a ( t ) :
f 3 a ( t ) = 0 t < 4 s 0.5 sin ( 5 t ) + 15 5 s t 8.5 s 0 t > 8.5 s
This fault only represents a local malfunction in the robot 3 and thus needs to be distinguished from a cyber-attack. It can be clearly seen from Figure 5 corresponding to the 1st scenario that the residuals generated by the monitoring agents for the monitored agent 3, i.e., r 3 1 , r 3 2 , r 3 4 and r 3 4 respectively, provide an explicit estimation of f 3 a .
Second Scenario: In the 2nd scenario, a communication fault occurs in exchanges flowing from robots 1 to 2 at t = T e = 10 s, for the first topology such that
f ˇ 12 e ( t ) = f 12 e ( t ) = 0 t < 10 s 100 ( 1 e 1 0.1 t ) t 10 s
Note that the topology switches at t 1 = 13 s and f ˇ 12 e ( t ) = f 12 e ( t ) remains throughout the topology change (see Figure 4). Therefore, the gains are computed from Theorem 2 and Remark 2 as
κ 1 1 = 56.98 κ 2 1 = 24.98 κ 3 1 = 24.98 δ 1 1 = 0.35 δ 2 1 = 1.2 δ 3 1 = 1.5 and κ 1 2 = 58.92 κ 2 2 = 24.98 κ 3 2 = 19.98 δ 1 2 = 0.33 δ 2 2 = 1.2 δ 3 2 = 1.5
It should be recalled that these gains are valid for both scenarios. Figure 6 corresponding to the 2nd scenario shows that a cyber-attack in the form of the simulated functions f ˇ 12 e ( t ) and f 12 e ( t ) , incident to agent 1 in both topologies, can be distinguished even in the presence of some reasonable communication noise. Indeed, the residual signals r 1 1 , r 2 2 , r 3 3 , r 4 4 and r 5 5 stay around 0 after the cyber-attack appears in the system and throughout the topology change.
Consequently, according to Proposition 2, one can distinguish and identify a cyber-attack in the networked system.

7. Conclusions and Future Work

In this paper, a novel distributed cyber-attack identification scheme was proposed for NCS with switching topologies subject to cyber-attacks, where any agent/node can act as a monitor to the whole system behavior and can thus detect and identify intrusion and cyber attacks. This is done by employing a bank of distributed predefined-time observers to estimate the global system state through auxiliary states whereby the settling time is an a priori user defined parameter, independently of the initial conditions. Numerical simulation results have been carried out by implementing the proposed scheme on a synchronization seeking network of mobile robots. Future works will include the design of a control reconfiguration algorithm based on the estimated faults from our FDI scheme.

Author Contributions

Conceptualization, A.T.; methodology, A.T.; validation, M.D. (Michael Defoort), K.B., M.D. (Mohamed Djemai); formal analysis, M.D. (Michael Defoort), K.B.; investigation, M.D. (Michael Defoort), K.B.; resources, M.D. (Michael Defoort), K.B., M.D. (Mohamed Djemai), A.T.; writing—original draft preparation, A.T.; writing—review and editing, A.T., M.D. (Michael Defoort), K.B., M.D. (Mohamed Djemai); supervision, M.D. (Michael Defoort), K.B., M.D. (Mohamed Djemai); Funding Acquisition, L.D.; All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Conflicts of Interest

The authors declare no conflict of interest. The funders had no role in the design of the study; in the collection, analyses, or interpretation of data; in the writing of the manuscript, or in the decision to publish the results.

References

  1. Baheti, R.; Gill, H. Cyber-physical systems. Impact Control Technol. 2011, 12, 161–166. [Google Scholar]
  2. Wu, C.; Hu, Z.; Liu, J.; Wu, L. Secure estimation for cyber-physical systems via sliding mode. IEEE Trans. Cybern. 2018, 48, 3420–3431. [Google Scholar] [CrossRef]
  3. Shamma, J. Cooperative Control of Distributed Multi-Agent Systems; John Wiley & Sons: Hoboken, NJ, USA, 2008. [Google Scholar]
  4. Cao, Y.; Yu, W.; Ren, W.; Chen, G. An overview of recent progress in the study of distributed multi-agent coordination. IEEE Trans. Ind. Inform. 2012, 9, 427–438. [Google Scholar] [CrossRef] [Green Version]
  5. Yang, Z.; Zhang, Q.; Chen, Z. Flocking of multi-agents with nonlinear inner-coupling functions. Nonlinear Dyn. 2010, 60, 255–264. [Google Scholar] [CrossRef]
  6. Olfati-Saber, R. Flocking for multi-agent dynamic systems: Algorithms and theory. IEEE Trans. Autom. Control 2006, 51, 401–420. [Google Scholar] [CrossRef] [Green Version]
  7. Oh, K.K.; Park, M.C.; Ahn, H.S. A survey of multi-agent formation control. Automatica 2015, 53, 424–440. [Google Scholar] [CrossRef]
  8. Su, H.; Chen, M.Z.; Wang, X. Global coordinated tracking of multi-agent systems with disturbance uncertainties via bounded control inputs. Nonlinear Dyn. 2015, 82, 2059–2068. [Google Scholar] [CrossRef]
  9. Ren, W.; Beard, R.W. Distributed Consensus in Multi-Vehicle Cooperative Control; Springer: Berlin/Heidelberg, Germany, 2008; Volume 27. [Google Scholar]
  10. Cárdenas, A.A.; Amin, S.; Sastry, S. Research Challenges for the Security of Control Systems. In Proceedings of the 3rd Conference on Hot Topics in Security, HOTSEC’08, Berkeley, CA, USA, 29 July 2008. [Google Scholar]
  11. Guo, M.; Dimarogonas, D.V.; Johansson, K.H. Distributed real-time fault detection and isolation for cooperative multi-agent systems. In Proceedings of the IEEE 2012 American Control Conference (ACC), Montreal, QC, Canada, 27–29 June 2012; pp. 5270–5275. [Google Scholar]
  12. Shames, I.; Teixeira, A.M.; Sandberg, H.; Johansson, K.H. Distributed fault detection for interconnected second-order systems. Automatica 2011, 47, 2757–2764. [Google Scholar] [CrossRef] [Green Version]
  13. Taoufik, A.; Busawon, K.; Defoort, M.; Djemai, M. An output observer approach to actuator fault detection in multi-agent systems with linear dynamics. In Proceedings of the 2020 28th Mediterranean Conference on Control and Automation (MED), Saint-Raphaël, France, 15–18 September 2020; pp. 562–567. [Google Scholar]
  14. Chadli, M.; Davoodi, M.; Meskin, N. Distributed state estimation, fault detection and isolation filter design for heterogeneous multi-agent linear parameter-varying systems. IET Control Theory Appl. 2016, 11, 254–262. [Google Scholar] [CrossRef]
  15. Meskin, N.; Khorasani, K. Actuator fault detection and isolation for a network of unmanned vehicles. IEEE Trans. Autom. Control 2009, 54, 835–840. [Google Scholar] [CrossRef]
  16. Taoufik, A.; Michael, D.; Djemai, M.; Busawon, K.; Sánchez-Torres, J.D. Distributed global actuator fault-detection scheme for a class of linear multi-agent systems with disturbances. In Proceedings of the IFAC World Congress, Berlin, Germany, 12–17 July 2020. [Google Scholar]
  17. Qin, L.; He, X.; Zhou, D. A survey of fault diagnosis for swarm systems. Syst. Sci. Control Eng. Open Access J. 2014, 2, 13–23. [Google Scholar] [CrossRef]
  18. Liu, Y.; Ning, P.; Reiter, M.K. False data injection attacks against state estimation in electric power grids. ACM Trans. Inf. Syst. Secur. (TISSEC) 2011, 14, 1–33. [Google Scholar] [CrossRef]
  19. Liang, G.; Zhao, J.; Luo, F.; Weller, S.R.; Dong, Z.Y. A review of false data injection attacks against modern power systems. IEEE Trans. Smart Grid 2016, 8, 1630–1638. [Google Scholar] [CrossRef]
  20. Pasqualetti, F.; Dörfler, F.; Bullo, F. Attack detection and identification in cyber-physical systems. IEEE Trans. Autom. Control 2013, 58, 2715–2729. [Google Scholar] [CrossRef] [Green Version]
  21. Yan, Y.; Qian, Y.; Sharif, H.; Tipper, D. A survey on cyber security for smart grid communications. IEEE Commun. Surv. Tutorials 2012, 14, 998–1010. [Google Scholar] [CrossRef] [Green Version]
  22. Pasqualetti, F.; Bicchi, A.; Bullo, F. Distributed intrusion detection for secure consensus computations. In Proceedings of the 2007 46th IEEE Conference on Decision and Control, New Orleans, LA, USA, 12–14 December 2007; pp. 5594–5599. [Google Scholar]
  23. Pasqualetti, F.; Bicchi, A.; Bullo, F. Consensus computation in unreliable networks: A system theoretic approach. IEEE Trans. Autom. Control 2011, 57, 90–104. [Google Scholar] [CrossRef] [Green Version]
  24. Teixeira, A.; Shames, I.; Sandberg, H.; Johansson, K.H. Distributed fault detection and isolation resilient to network model uncertainties. IEEE Trans. Cybern. 2014, 44, 2024–2037. [Google Scholar] [CrossRef] [Green Version]
  25. Ding, S.X. Model-Based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools; Springer Science & Business Media: Berlin/Heidelberg, Germany, 2008. [Google Scholar]
  26. Teixeira, A.; Sandberg, H.; Johansson, K.H. Networked control systems under cyber attacks with applications to power networks. In Proceedings of the 2010 American Control Conference, Baltimore, MD, USA, 30 June–2 July 2010; pp. 3690–3696. [Google Scholar]
  27. Pasqualetti, F. Secure Control Systems: A Control-Theoretic Approach to Cyber-Physical Security. 2012. Available online: http://www.fabiopas.it/PhD_Dissertation.pdf (accessed on 21 September 2020).
  28. Smith, R.S. Covert misappropriation of networked control systems: Presenting a feedback structure. IEEE Control Syst. Mag. 2015, 35, 82–92. [Google Scholar]
  29. Boem, F.; Gallo, A.J.; Ferrari-Trecate, G.; Parisini, T. A distributed attack detection method for multi-agent systems governed by consensus-based control. In Proceedings of the 2017 IEEE 56th Annual Conference on Decision and Control (CDC), Melbourne, Australia, 12–15 December 2017; pp. 5961–5966. [Google Scholar]
  30. Khan, A.S.; Khan, A.Q.; Iqbal, N.; Sarwar, M.; Mahmood, A.; Shoaib, M.A. Distributed fault detection and isolation in second order networked systems in a cyber-physical environment. ISA Trans. 2020, 103, 131–142. [Google Scholar] [CrossRef]
  31. Luo, X.; Yao, Q.; Wang, X.; Guan, X. Observer-based cyber attack detection and isolation in smart grids. Int. J. Electr. Power Energy Syst. 2018, 101, 127–138. [Google Scholar] [CrossRef]
  32. Jahanshahi, N.; Ferrari, R.M. Attack detection and estimation in cooperative vehicles platoons: A sliding mode observer approach. IFAC-PapersOnLine 2018, 51, 212–217. [Google Scholar] [CrossRef]
  33. Lemma, L.N.; Kim, S.H.; Choi, H.L. An unknown-input-observer based approach for cyber attack detection in formation flying UAVs. In Proceedings of the AIAA Infotech@ Aerospace, San Diego, CA, USA, 4–8 January 2016; p. 0916. [Google Scholar]
  34. Lv, M.; Yu, W.; Lv, Y.; Cao, J.; Huang, W. An integral sliding mode observer for CPS cyber security attack detection. Chaos Interdiscip. J. Nonlinear Sci. 2019, 29, 043120. [Google Scholar] [CrossRef]
  35. Sahoo, S.; Mishra, S.; Peng, J.C.H.; Dragičević, T. A Stealth Cyber-Attack Detection Strategy for DC Microgrids. IEEE Trans. Power Electron. 2018, 34, 8162–8174. [Google Scholar] [CrossRef] [Green Version]
  36. Sánchez-Torres, J.D.; Gómez-Gutiérrez, D.; López, E.; Loukianov, A.G. A class of predefined-time stable dynamical systems. IMA J. Math. Control Inf. 2018, 35, i1–i29. [Google Scholar] [CrossRef] [Green Version]
  37. Jadbabaie, A.; Lin, J.; Morse, A.S. Coordination of groups of mobile autonomous agents using nearest neighbor rules. IEEE Trans. Autom. Control 2003, 48, 988–1001. [Google Scholar] [CrossRef] [Green Version]
  38. Bhat, S.P.; Bernstein, D.S. Finite-time stability of continuous autonomous systems. SIAM J. Control Optim. 2000, 38, 751–766. [Google Scholar] [CrossRef]
  39. Polyakov, A. Nonlinear feedback design for fixed-time stabilization of linear control systems. IEEE Trans. Autom. Control 2011, 57, 2106–2110. [Google Scholar] [CrossRef] [Green Version]
  40. Aldana-López, R.; Gómez-Gutiérrez, D.; Jiménez-Rodríguez, E.; Sánchez-Torres, J.D.; Defoort, M. Enhancing the settling time estimation of a class of fixed-time stable systems. Int. J. Robust Nonlinear Control 2019, 29, 4135–4148. [Google Scholar] [CrossRef]
  41. Basile, G.; Marro, G. Controlled and Conditioned Invariants in Linear System Theory; Prentice Hall: Englewood Cliffs, NJ, USA, 1992. [Google Scholar]
  42. Ren, W.; Moore, K.L.; Chen, Y. High-order and model reference consensus algorithms in cooperative control of multivehicle systems. J. Dyn. Syst. Meas. Control 2007, 129, 678–688. [Google Scholar] [CrossRef]
  43. Ren, W.; Atkins, E. Distributed multi-vehicle coordinated control via local information exchange. Int. J. Robust Nonlinear Control 2007, 17, 1002–1033. [Google Scholar] [CrossRef] [Green Version]
  44. Jiang, F.; Wang, L. Consensus seeking of high-order dynamic multi-agent systems with fixed and switching topologies. Int. J. Control 2010, 83, 404–420. [Google Scholar] [CrossRef]
Figure 1. An illustration of a networked control system, basic components, cyber-physical layers and possible attack types.
Figure 1. An illustration of a networked control system, basic components, cyber-physical layers and possible attack types.
Electronics 09 01912 g001
Figure 2. The setup of the studied problem where: (a) represents the upper perspective view of a WMR on the x-y 2D plane and (b) represents an illustration of the setup of the five mobile robots.
Figure 2. The setup of the studied problem where: (a) represents the upper perspective view of a WMR on the x-y 2D plane and (b) represents an illustration of the setup of the five mobile robots.
Electronics 09 01912 g002
Figure 3. An illustration of the interaction between the robots: (a) in the first 12 s and (b) after 12 s, where an arrow indicates the direction of information flow amongst two designated robots.
Figure 3. An illustration of the interaction between the robots: (a) in the first 12 s and (b) after 12 s, where an arrow indicates the direction of information flow amongst two designated robots.
Electronics 09 01912 g003
Figure 4. The corresponding graph topology models, where: (a) corresponds to L 1 and (b) to L 2 .
Figure 4. The corresponding graph topology models, where: (a) corresponds to L 1 and (b) to L 2 .
Electronics 09 01912 g004
Figure 5. Residuals in scenario 1 by agents 1, 2, 4, and 5, shown in sub-figures (ad) respectively. The vertical dashed blue line represents the convergence time.
Figure 5. Residuals in scenario 1 by agents 1, 2, 4, and 5, shown in sub-figures (ad) respectively. The vertical dashed blue line represents the convergence time.
Electronics 09 01912 g005
Figure 6. Residuals generated by all agents in scenario 2.
Figure 6. Residuals generated by all agents in scenario 2.
Electronics 09 01912 g006aElectronics 09 01912 g006b
Table 1. List of acronyms.
Table 1. List of acronyms.
NCSNetworked Control Systems
CPSCyber-Physical Systems
MASMulti-Agent Systems
FDIFault Detection and Isolation
SMOSliding Mode Observers
FDIAFalse Data Injection Attacks
DoSDenial of Service
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Taoufik, A.; Defoort, M.; Busawon, K.; Dala, L.; Djemai, M. A Distributed Observer-Based Cyber-Attack Identification Scheme in Cooperative Networked Systems under Switching Communication Topologies. Electronics 2020, 9, 1912. https://doi.org/10.3390/electronics9111912

AMA Style

Taoufik A, Defoort M, Busawon K, Dala L, Djemai M. A Distributed Observer-Based Cyber-Attack Identification Scheme in Cooperative Networked Systems under Switching Communication Topologies. Electronics. 2020; 9(11):1912. https://doi.org/10.3390/electronics9111912

Chicago/Turabian Style

Taoufik, Anass, Michael Defoort, Krishna Busawon, Laurent Dala, and Mohamed Djemai. 2020. "A Distributed Observer-Based Cyber-Attack Identification Scheme in Cooperative Networked Systems under Switching Communication Topologies" Electronics 9, no. 11: 1912. https://doi.org/10.3390/electronics9111912

APA Style

Taoufik, A., Defoort, M., Busawon, K., Dala, L., & Djemai, M. (2020). A Distributed Observer-Based Cyber-Attack Identification Scheme in Cooperative Networked Systems under Switching Communication Topologies. Electronics, 9(11), 1912. https://doi.org/10.3390/electronics9111912

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop