Aiming at the industry cyber-physical system(ICPS)where Denial-of-Service(DoS)attacks and actuator failure coexist,the integrated security control problem of ICPS under multi-objective constraints was studied.First,fr...Aiming at the industry cyber-physical system(ICPS)where Denial-of-Service(DoS)attacks and actuator failure coexist,the integrated security control problem of ICPS under multi-objective constraints was studied.First,from the perspective of the defender,according to the differential impact of the system under DoS attacks of different energies,the DoS attacks energy grading detection standard was formulated,and the ICPS comprehensive security control framework was constructed.Secondly,a security transmission strategy based on event triggering was designed.Under the DoS attack energy classification detection mechanism,for large-energy attacks,the method based on time series analysis was considered to predict and compensate for lost data.Therefore,on the basis of passive and elastic response to small energy attacks,the active defense capability against DoS attacks was increased.Then by introducing the conecomplement linearization algorithm,the calculation methods of the state and fault estimation observer and the integrated safety controller were deduced,the goal of DoS attack active and passive hybrid intrusion tolerance and actuator failure active fault tolerance were realized.Finally,a simulation example of a four-capacity water tank system was given to verify the validity of the obtained conclusions.展开更多
针对一类有限能量拒绝服务(denial of service,DoS)攻击与执行器故障共存的工业信息物理系统(industry cyber-physical system,ICPS),研究了综合安全控制与通信协同设计问题。首先,考虑单侧网络遭受DoS攻击的情形,构建了ICPS综合安全控...针对一类有限能量拒绝服务(denial of service,DoS)攻击与执行器故障共存的工业信息物理系统(industry cyber-physical system,ICPS),研究了综合安全控制与通信协同设计问题。首先,考虑单侧网络遭受DoS攻击的情形,构建了ICPS综合安全控制架构,并从防御者的视角通过分析不同能量级DoS攻击对系统的影响差异,制定了相应的能量分级标准;其次,设计了DoS攻击的能量分级检测机制,并对小能量攻击以弹性控制鲁棒应对,对大能量攻击提出了一种PD(proportional-differential)数据重构补偿策略,提升了ICPS对DoS攻击的主动防御能力,而安全系数的引入又使主被动容侵得以交融协同;接着,在同一非均匀数据传输机制下,通过给出的观测器与综合安全控制器的设计方法,实现了对不同能量等级DoS攻击的主被动混合容侵、执行器故障主动容错,并与通信协同设计的目标;最后,通过四容水箱系统仿真验证了所得理论结果的有效性。展开更多
基金supported by Gansu Higher Education Innovation Fund Project(No.2023B-439)。
文摘Aiming at the industry cyber-physical system(ICPS)where Denial-of-Service(DoS)attacks and actuator failure coexist,the integrated security control problem of ICPS under multi-objective constraints was studied.First,from the perspective of the defender,according to the differential impact of the system under DoS attacks of different energies,the DoS attacks energy grading detection standard was formulated,and the ICPS comprehensive security control framework was constructed.Secondly,a security transmission strategy based on event triggering was designed.Under the DoS attack energy classification detection mechanism,for large-energy attacks,the method based on time series analysis was considered to predict and compensate for lost data.Therefore,on the basis of passive and elastic response to small energy attacks,the active defense capability against DoS attacks was increased.Then by introducing the conecomplement linearization algorithm,the calculation methods of the state and fault estimation observer and the integrated safety controller were deduced,the goal of DoS attack active and passive hybrid intrusion tolerance and actuator failure active fault tolerance were realized.Finally,a simulation example of a four-capacity water tank system was given to verify the validity of the obtained conclusions.
文摘针对一类有限能量拒绝服务(denial of service,DoS)攻击与执行器故障共存的工业信息物理系统(industry cyber-physical system,ICPS),研究了综合安全控制与通信协同设计问题。首先,考虑单侧网络遭受DoS攻击的情形,构建了ICPS综合安全控制架构,并从防御者的视角通过分析不同能量级DoS攻击对系统的影响差异,制定了相应的能量分级标准;其次,设计了DoS攻击的能量分级检测机制,并对小能量攻击以弹性控制鲁棒应对,对大能量攻击提出了一种PD(proportional-differential)数据重构补偿策略,提升了ICPS对DoS攻击的主动防御能力,而安全系数的引入又使主被动容侵得以交融协同;接着,在同一非均匀数据传输机制下,通过给出的观测器与综合安全控制器的设计方法,实现了对不同能量等级DoS攻击的主被动混合容侵、执行器故障主动容错,并与通信协同设计的目标;最后,通过四容水箱系统仿真验证了所得理论结果的有效性。
