Model Predictive Control Design Incorporating Cyberattack Detectability for Buildings

Abstract

Industrial control systems (ICSs) are increasingly reliant on advanced networked communications. This trend has contributed to more, opportunities for malicious agents to exploit ICSs. Coupled with this, the complexity and sophistication of cyberattacks have risen,, which have rendered ICSs vulnerable to cyberattacks. The traditional approach for dealing with the cybersecurity of ICSs involves, fortifying information technology (IT) systems to prevent a cyber attacker from gaining access to the ICSs network. While improving, IT cybersecurity may prevent some cyberattacks on ICSs, attackers may circumvent the IT cybersecurity measures over extended period,s. Cyberattacks on industrial ICSs pose a present critical threat. IT-based cybersecurity approaches are insufficient, and control-b,ased approaches are needed. The Department of the Navy (DoN) is amongst those at risk, as it has thousands of ICSs used to monitor a,nd control facilities and buildings used to carry out or support its core missions. These ICSs referred to as facility-related contr,ol systems (FRCSs), control building utilities, electronic security systems, fire and life safety systems, and heating, ventilation,, and air conditioning systems. Disruptions in the operations of these control systems caused by a successful cyberattack may disrupt, the daily operations and take away resources from supporting the core missions. --Integrating cybersecurity considerations directly, into the ICS design is a scalable approach to this problem because having multiple procedures to protect these control systems from, cyberattacks is expensive. A direct connection exists between the detectability of cyberattacks and the control system design. Prev,ious work proved the existence of this connection for systems controlled by a linear controller using a state estimate from a linear, Luenberger observer and monitored by standard residual-based anomaly detection schemes. While the regulatory control layer usually, consists of linear controllers, the supervisory control layer typically employs a model predictive control (MPC) scheme. MPC is uni,quely suited for controlling multi-input multi-output systems subject to system constraints. While MPC is adopted in various industr,ies, integrating cyberattack detectability considerations directly into MPC design has not been extensively studied and is not a str,aightforward extension of existing results. -- In this project, we will develop and demonstrate a MPC design approach that incorpora,tes cyberattack detectability considerations. Specifically, an approach for designing the MPC will be developed that ensures that va,rious false data injection cyberattacks are detectable with standard residual-based anomaly detection schemes. The MPC design approa,ch developed in this project will be applied to prototypical simulated buildings using Energy Plus. The project MVP is the MPC desig,n approach implemented in software. Upon successful completion of this project, significant advancements on integrating attack detec,tability into MPC design will be made. The results obtained in this project will help pave the way for future work on the identifica,tion and mitigation of cyberattacks. The immediate potential benefits to the DoN are the identification of the risks posed by potent,ial cyberattacks on FRCSs through extensive Energy Plus simulations, identification of best-practices for tuning strategies for anom,aly detection schemes for cyberattack detection, and a rigorous understanding of the integration of cyberattack detection into the c,ontrol systems.

Document Details

Document Type

DoD Grant Award

Publication Date

May 16, 2022

Source ID

N000142212189

Entities

Tags