拒绝服务攻击下无线网络控制系统的安全事件触发估计与控制研究

With the deep-going development of the national strategy known as INDUSTRIE 4.0, networking has become a mainstream trend for industrial control systems. All things in the future world will be connected intelligently, which indeed requires higher-level open of NCSs (via wireless communication networks). In this case, it will inevitably result in control systems becoming increasingly vulnerable to cyber threats and is potentially dangerous. In order to guarantee the real-time safe of NCSs and save network resource, this project will study secure estimation and resilient control of wireless NCSs subject to DoS attacks by using triggering mechanism, which aims at reducing the frequency of data transmission and achieving robustness against DoS attacks. The frequency and duration of the DoS attacks are characterized while the stability and performance of the systems under consideration are preserved. A novel event-triggering mechanism which decides the transmission instants based on an estimate of the states of the considered systems in the presence of DoS attacks is proposed. Considering the effect of possible limitations on the information, such as delays, quantization, event-triggering, unknown input, and combining the different descriptions on nonlinearities of known structure characterized via incremental multiplier matrices, the observed-based event-triggered estimation and control strategies are designed, and a joint design algorithm on the attack-resilient state estimator/controller and event-triggering mechanism is proposed. Furthermore, the conditions guaranteeing estimation of the unknown inputs to certain/arbitrary degrees of accuracy are explored separately. The achievement of this project would provide theoretical guidance and technical support for improving the system of theories of cyber security and developing security defense frontier technology.

随着工业4.0国家战略深入推进，工业控制系统的网络化已成为主流趋势。未来世界万物智能互联，这势必需要网络化控制系统（NCSs）具有更高的开放性（基于无线通信网），而开放性越高则越易遭到外部恶意的攻击，从而带来安全隐患。为保障网络实时安全，节约网络资源，本项目基于事件触发机制研究拒绝服务（DoS）攻击下无线NCSs的安全估计与控制问题。分析DoS攻击对NCSs性能的影响机制，提出DoS攻击下的事件触发机制，在减少数据发送量的同时实现对DoS攻击的鲁棒性；考虑延时、量化、事件触发、未知外部输入等约束，并结合基于增量乘子矩阵对系统不同非线性特性的描述，构建事件触发观测/控制器模型，提出触发机制与攻击-弹性状态估计器、控制器及未知输入估计器的联合设计方法；探讨影响未知输入估计精度的关键因素。通过研究，为完善NCSs安全理论体系和开发NCSs安全防御前沿技术提供理论指导和技术支撑。

近年来，网络化控制问题受到越来越多不同领域学者的关注，来自系统控制、社会经济、国防安全、能源生态等众多领域的学者对该问题开展了深入的研究，并逐渐成为一个横跨多个学科、具有广泛性和巨大应用前景的热门研究课题。现有的控制理论与方法难以有效地解决网络和信息技术快速发展所带来的一系列新的计算、控制和优化问题，亟需发展网络化控制的新理论和新方法。本项目对资源受限网络化控制系统的安全控制问题进行了深入的研究，取得了如下几个方面的研究成果：.（1）针对一类考虑周期性DoS攻击影响的资源受限线性连续时间NCSs，为了能在减轻网络传输压力的同时抵御DoS攻击的影响，设计了一种新的静态弹性事件触发机制。基于时滞系统方法、切换系统方法及分段Lyapunov-Krasovskii泛函技术，揭示了事件触发参数、收敛率、DoS攻击/休眠周期和系统参数之间的相互关系，提出了事件触发参数和控制器/观测器参数的一体化设计方法，并将所提方法应用到了直流微电网系统的安全控制中。.（2）针对非周期DoS攻击（由攻击频率和攻击持续时间刻画）下网络化线性连续系统的带宽分配主-冗控制设计问题，基于切换系统和分段Lyapunov–Krasovskii泛函技术，提出了主-冗通道切换律、动态弹性事件触发机制和控制参数的一体化设计方法，揭示了攻击特征参数、系统采样周期和系统收敛率之间的显式依赖关系。.（3）针对非周期DoS攻击（由最短休眠时间和最大攻击持续时间刻画）下网络化线性连续系统的H-infinity 滤波器设计问题，基于切换系统和分段Lyapunov–Krasovskii泛函技术，提出了攻击容忍H-infinity滤波器和静态弹性事件触发机制的一体化设计方法，揭示了非周期攻击特征参数、系统采样周期和系统收敛率之间的显式依赖关系。..到目前为止，发表了25篇与本项目相关的学术论文，其中18篇SCI源刊论文，7篇EI国际会议论文。