Active multiplicative cyberattack detection utilizing controller switching for process systems

Multiplicative cyberattacks manipulating data over the process control system (PCS) communication links are cyberattacks that malicious agents may carry out against PCSs. These attacks are modeled by multiplying the data communicated over the link by a factor, and may be designed to be stealthy without extensive knowledge of process dynamics. The current work characterizes the relationship between the control system parameters, the closed-loop stability, and the detectability of a multiplicative sensor–controller communication link attack with respect to a class of residual-based detection schemes. The analysis reveals that control system parameters may be selected to aid in attack detection. Specifically, control system parameters, called attack-sensitive parameters, may be selected so that the closed-loop process is stable under attack-free operation and is destabilized by a cyberattack, rendering the attack detectable. With the attack-sensitive parameters, however, the attack-free closed-loop process performance may be worse than that with parameters selected based on standard design criteria. To address the potential trade-off between attack-free closed-loop performance and attack detectability, a novel active attack detection methodology utilizing control system parameter switching is developed. The control system switches between the nominal parameters (selected based on standard design criteria) and the attack-sensitive parameters to improve attack detection capabilities while avoiding substantial degradation in the attack-free closed-loop performance. The active detection methodology is applied to an illustrative chemical process example and shown to enhance the attack detection capabilities of two representative residual-based detection schemes.