(118a) Profit Considerations of an Active Cyberattack Detection Strategy on Process Actuators

Smart factories are equipped with control equipment, such as advanced sensors, embedded software, and robotics that collect and analyze data for improved control and decision-making. The integration of these processes with ERP, supply chain, and other enterprise-level systems helps increase visibility of an entire plant and consequently promotes better manufacturing practices ^[1]. This simultaneously also opens the same industries to cyberattacks affecting all connected processes, such as the attack on the Ukrainian power grid (2015) ^[2], with debilitating impacts. From a process control literature perspective, strategies to detect cyberattacks on control systems have gained traction in recent years ^[3]. In accordance with this trend, prior research from our group has focused on the development of several strategies for detecting cyberattacks on process sensors ^[4], actuators ^[5], or both sensors and actuators ^[6] simultaneously by modifying an advanced optimization-based control strategy known as Lyapunov-based economic model predictive control (LEMPC) ^[7].

This talk focuses on an active detection strategy for cyberattacks on control components. Active attack detection strategies modify process operation to probe for attacks. Though this may aid with detection, it may also disrupt process operation and potentially reduce profits. The detection strategy used in this talk is based on the strategy in ^[5], which was originally formulated to make explicit stability guarantees in the presence of cyberattacks on actuators by perturbing economically optimal process behavior that could for example be implemented using an LEMPC formulation. The active detection strategy continuously probes for cyberattacks using control actions that force the Lyapunov function to decrease by making use of only the contractive constraint of the LEMPC formulation. This formulation changes the state that the controller converges toward at every sampling period and is updated by using a redundant controller that provides optimal states. This formulation allows us to make heuristic strategies geared toward limiting the loss in profits due to active detection. The contribution of this talk is the development of explicit guarantees of profitability in addition to stability ^[8] by using two LEMPC-based auxiliary controllers to guide a third stabilizing Lyapunov controller. The first of the two redundant controllers, an auxiliary LMPC, uses only the contractive constraint of the LEMPC formulation and is used to benchmark the least profit associated with actual controller, i^th LMPC, used to control the process over a sampling period. The second redundant controller, an auxiliary LEMPC (A-LEMPC), is used to determine the states that the i^th LMPC should track over every sampling period, consequently enabling them to have the potential to outperform the auxiliary LMPC. This profitability analysis provides a step toward elucidating the conditions under which active detection policies may not result in severe loss in profits. A general process reactor example is used to demonstrate the implementation of the detection strategy.

REFERENCES
[1] A. A. C ́ardenas, S. Amin, Z.-S. Lin, Y.-L. Huang, C.-Y. Huang, and S. Sastry, “Attacks against process control systems: risk assessment, detection, and response,” in Proceedings of the 6th ACM symposium on information, computer and communications security, 2011, pp. 355-366.
[2] D. U. Case, “Analysis of the cyber attack on the ukrainian power grid,” Electricity Information Sharing and Analysis Center (E-ISAC), vol. 388, no. 1-29, p. 3, 2016.

[3] S. Parker, Z. Wu, and P. D. Christofides, “Cybersecurity in process control, operations, and supply chain,” Computers & Chemical Engineering, vol. 171, p. 108169, 2023.

[4] K. K. Rangan, H. Oyama, and H. Durand, “Integrated cyberattack detection and handling for nonlinear systems with evolving process
dynamics under Lyapunov-based economic model predictive control,” Chemical Engineering Research and Design, vol. 170, pp. 147–179, 2021.

[5] K. K. Rangan, H. Oyama, and H. Durand, “Actuator cyberattack handling using Lyapunov-based economic model predictive control,” IFAC-PapersOnLine, vol. 55, no. 7, pp. 489-494, 2022.

[6] H. Oyama, K. K. Rangan, and H. Durand, “Handling of stealthy sensor and actuator cyberattacks on evolving nonlinear process systems,”
Journal of Advanced Manufacturing and Processing, vol. 3, no. 3, p.e10099, 2021.

[7] M. Heidarinejad, J. Liu, and P. D. Christofides, “Economic model predictive control of nonlinear process systems using lyapunov techniques,” AIChE Journal, vol. 58, no. 3, pp. 855–870, 2012.

[8] K. K. Rangan and H. Durand, “Actuator cyberattack handling using Lyapunov-based economic model predictive control,” Proceedings of the 12th IFAC International Symposium on Advanced Control of Chemical Processes (ADCHEM), 2024.