2025 AIChE Annual Meeting

(243a) Keynote Talk 1: A Resilient Framework to Manage Cyber-Attacks on Process Control Systems

Authors

Costas Kravaris - Presenter, Texas A&M University
Luyang Liu, Texas A&M University
Faisal Khan, Memorial University of Newfoundland
This research project presents a novel cybersecurity framework called Resilient Process cONtrol SystEm (RESPONSE), designed to address cyber threats on cyber-physical process systems. RESPONSE aligns with the National Institute of Standards and Technology (NIST) guidelines, integrating redundant control architecture, secure detection mechanisms, and integral error manipulation. This combination ensures safe operational continuity during cyber incidents, independent of detection reliability, while promoting rapid recovery post-attack.

The implementation of RESPONSE requires minimal structural modifications, making it particularly suitable for legacy systems. It involves three primary steps:

1. Redundant Offline Control Loop: An offline controller, isolated from the internet and equipped with hardwired connections, operates in parallel with the online controller. During normal operation, the system control action blends outputs from both online and offline controllers.

2. Control Action Detection: Dedicated sensors are installed to determine the online controller's status by detecting its control action. This enables a fast transition to total offline control during cyberattacks and prevents the offline controller from being cyberattacked.

3. Controller Reconfiguration Scheme: Upon transitioning between online and offline controllers, the controller configuration undergoes adjustments tailored to maintain system stability. For example, if a controller is integral-dominated, the integral action parameters are reset to predetermined steady-state values during cyberattacks. Similarly, in a proportional-dominant controller, the proportional gain is doubled when the online controller is deactivated and subsequently reduced by half upon its reactivation. This method effectively manages transient conditions without relying on integral action.
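
The proportional-gain rule from step 3, as an added simulation that is not the authors' code: it compares the deviation from setpoint after the online loop drops out, with and without doubling the offline gain. The first-order plant, its parameters, the gain value and the additive blend of the two controller outputs are all assumptions made for illustration.

```python
# Added illustration, not the RESPONSE authors' implementation.
# Assumed plant (deviation variables): dx/dt = -A*x + B*u + D
A, B, D = 0.2, 1.0, 1.0   # constructed plant parameters; D is a constant disturbance
KC = 2.0                  # assumed nominal proportional gain of each controller
T_OFF = 20.0              # time at which the online loop is taken out of service


def steady_state(total_gain):
    """Offset of a proportional-only loop with the given total loop gain."""
    return D / (A + B * total_gain)


def simulate(reconfigure, t_end=60.0, dt=0.01):
    """Euler simulation; returns the list of (t, x) samples."""
    x = steady_state(2 * KC)                 # start settled with both loops active
    trace = []
    for i in range(int(round(t_end / dt))):
        t = i * dt
        online_active = t < T_OFF
        flow_switch = online_active          # hardwired switch sees the online pump's flow
        e = 0.0 - x                          # setpoint is 0 in deviation variables
        u_on = KC * e if online_active else 0.0
        # Step 3: double the offline gain only while the switch reports no online action.
        k_off = 2 * KC if (reconfigure and not flow_switch) else KC
        u = u_on + k_off * e                 # assumed blend: sum of both outputs
        x += dt * (-A * x + B * u + D)
        trace.append((t, x))
    return trace


def final_deviation(reconfigure):
    return simulate(reconfigure)[-1][1]


if __name__ == "__main__":
    print("nominal offset       :", round(steady_state(2 * KC), 4))
    print("offline, same gain   :", round(final_deviation(False), 4))
    print("offline, doubled gain:", round(final_deviation(True), 4))
```

Under these assumptions the doubled gain keeps the total loop gain unchanged across the switchover, so the process does not move; leaving the gain alone halves the loop gain and the offset grows.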

The RESPONSE framework was validated against various cyberattack scenarios in both simulation and experiment, including Min-Max, Geometric, and Surge attacks:

- Min-Max Attack: Manipulates sensor readings significantly, causing abrupt deviations. RESPONSE effectively compensated by switching seamlessly to offline control, maintaining safety-critical conditions.

- Geometric Attack: Gradually falsifies sensor data, making detection challenging. RESPONSE successfully mitigated the effects, even without timely detection, due to the redundant offline control loop.

- Surge Attack: Combines an extreme initial deviation with subsequent subtle manipulations. The RESPONSE framework ensured stability throughout the attack, limiting system disturbances effectively.

Additionally, this research project demonstrates the broader applicability of RESPONSE using a Continuous Stirred Tank Reactor simulation, showcasing its effectiveness against cyber threats in complex, nonlinear systems.

Comparative analysis highlighted RESPONSE's advantages over alternative methods:

- No Protection: Quickly led to unsafe conditions.

- Standard Detection and Restart: Heavily dependent on detection accuracy; significant downtime required.

- Redundant Offline Control (without controller reconfiguration): Experienced transient disturbances.

- RESPONSE Framework: Achieved minimal disturbances, no downtime, smooth transitions, and rapid recovery.

The experimental validation conducted on a Continuous Stirred Tank Heater system further demonstrates the framework's versatility and robustness. The experiment aims to validate the framework's simulation results. The experimental setup consists of physical components: a jacketed water tank system, a water inlet and outlet, a constant power heating rod, a thermocouple to measure tank temperature, and a pump for circulating cooling water.

A PID controller with integral anti-windup modifications is used to control the system. Both the online and offline controllers operate in parallel. The online control system is equipped with its own dedicated thermocouple, pump, data acquisition unit, and control software. Meanwhile, the offline controller monitors the online controller’s action through a flow switch installed on the tubing connected to the online controller’s pump.

During a cyberattack, the online control system becomes the target. Attack scenarios include tampering with thermocouple readings or altering controller parameters. The RESPONSE framework responds by switching to the offline controller and dynamically changing controller configurations to maintain system safety and stability, thereby validating the practical effectiveness of the proposed approach.

In conclusion, RESPONSE significantly enhances the cybersecurity resilience of CPS, ensuring system stability, safety, and economic efficiency under various attack scenarios. Its implementation simplicity and adaptability further emphasize its value for widespread practical adoption.