False data injection attacks against state estimation in electric power grids

Review of Cyber-Physical Attacks in Smart Grids: A System-Theoretic Perspective

This paper presents a review of technical works in the field of cyber-physical attacks on the smart grid. The paper starts by discussing two reference mathematical frameworks proposed in the literature to model a smart grid under attack. Then, a review of cyber-physical attacks on the smart grid is presented, starting from works on false data injection attacks against state estimation. The aim is to present a systematic and quantitative discussion of the basic working principles of the attacks, also in terms of the inner smart grid vulnerabilities and dynamical properties exploited by the attack. The main contribution of the paper is the attempt to provide a unifying view, highlighting the fundamental aspects and the common working principles shared by the attack models, even when targeting different subsystems of the smart grid.

Enhancing Cybersecurity in Smart Grids: False Data Injection and Its Mitigation

Integration of information technologies with power systems has unlocked unprecedented opportunities in optimization and control fields. Increased data collection and monitoring enable control systems to have a better understanding of the pseudo-real-time condition of power systems. In this fashion, more accurate and effective decisions can be made. This is the key towards mitigating negative impacts of novel technologies such as renewables and electric vehicles and increasing their share in the overall generation portfolio. However, such extensive information exchange has created cybersecurity vulnerabilities in power systems that were not encountered before. It is imperative that these vulnerabilities are understood well, and proper mitigation techniques are implemented. This paper presents an extensive study of cybersecurity concerns in Smart grids in line with latest developments. Relevant standardization and mitigation efforts are discussed in detail and then the classification of different cyber-attacks in smart grid domain with special focus on false data injection (FDI) attack, due to its high impact on different operations. Different uses of this attack as well as developed detection models and methods are analysed. Finally, impacts on smart grid operation and current challenges are presented for future research directions.

Advanced Network Sampling with Heterogeneous Multiple Chains

Recently, researchers have paid attention to many types of huge networks such as the Internet of Things, sensor networks, social networks, and traffic networks because of their untapped potential for theoretical and practical outcomes. A major obstacle in studying large-scale networks is that their size tends to increase exponentially. In addition, access to large network databases is limited for security or physical connection reasons. In this paper, we propose a novel sampling method that works effectively for large-scale networks. The proposed approach makes multiple heterogeneous Markov chains by adjusting random-walk traits on the given network to explore the target space efficiently. This approach provides better unbiased sampling results with reduced asymptotic variance within reasonable execution time than previous random-walk-based sampling approaches. We perform various experiments on large networks databases obtained from synthesis to real–world applications. The results demonstrate that the proposed method outperforms existing network sampling methods.

Coordinated Control of Virtual Power Plants to Improve Power System Short-Term Dynamics

The paper proposes a coordinated frequency control strategy for Virtual Power Plant (VPPs), with the inclusion of Distributed Energy Resource (DERs), e.g., Solar Photo-Voltaic Generation (SPVG), Wind Generator (WG) as well as Energy Storage System (ESS). The objective is to improve the short-term dynamic response of the overall power system. The robustness of the proposed control is evaluated through a Monte Carlo analysis and a detailed modeling of stochastic disturbances of loads, wind speed, and solar irradiance. The impact of communication delays of a variety of realistic communication networks with different bandwidths is also discussed and evaluated. The case study is based on a modified version of the WSCC 9-bus test system with inclusion of a VPP. This is modeled as a distribution network with inclusion of a variety of DERs.

Cyber Attack Detection Scheme for a Load Frequency Control System Based on Dual-Source Data of Compromised Variables

Cyber attacks bring key challenges to the system reliability of load frequency control (LFC) systems. Attackers can compromise the measured data of critical variables of the LFC system, making the data received by the defender unreliable and resulting in system frequency fluctuation or even collapse. In this paper, to detect potential attacks on measured data, we propose a novel attack detection scheme using the dual-source data (DSD) of compromised variables. First, we study the characteristics of the compromised LFC system considering potentially vulnerable variables and different types of attack templates. Second, by designing a variable observer, the relationship between the known security variables and the variables which are at risk of being compromised in the LFC system is established. The features of the data obtained by the observer can reflect those of the true data. Third, a Siamese network (SN) is designed to quantify the distance between the characteristics of measured data and that of observed data. Finally, an attack detection scheme is designed by analyzing the similarity of the DSD. Simulation results verify the feasibility of the detection scheme studied in this paper.

Social Collective Attack Model and Procedures for Large-Scale Cyber-Physical Systems

A large-scale Cyber-Physical System (CPS) such as a smart grid usually provides service to a vast number of users as a public utility. Security is one of the most vital aspects in such critical infrastructures. The existing CPS security usually considers the attack from the information domain to the physical domain, such as injecting false data to damage sensing. Social Collective Attack on CPS (SCAC) is proposed as a new kind of attack that intrudes into the social domain and manipulates the collective behavior of social users to disrupt the physical subsystem. To provide a systematic description framework for such threats, we extend MITRE ATT&CK, the most used cyber adversary behavior modeling framework, to cover social, cyber, and physical domains. We discuss how the disinformation may be constructed and eventually leads to physical system malfunction through the social-cyber-physical interfaces, and we analyze how the adversaries launch disinformation attacks to better manipulate collective behavior. Finally, simulation analysis of SCAC in a smart grid is provided to demonstrate the possibility of such an attack.

State-Saturated Recursive Filter Design for Stochastic Time-Varying Nonlinear Complex Networks Under Deception Attacks

This article tackles the recursive filtering problem for a class of stochastic nonlinear time-varying complex networks (CNs) suffering from both the state saturations and the deception attacks. The nonlinear inner coupling and the state saturations are taken into account to characterize the nonlinear nature of CNs. From the defender's perspective, the randomly occurring deception attack is governed by a set of Bernoulli binary distributed white sequence with a given probability. The objective of the addressed problem is to design a state-saturated recursive filter such that, in the simultaneous presence of the state saturations and the randomly occurring deception attacks, a certain upper bound is guaranteed on the filtering error covariance, and such an upper bound is then minimized at each time instant. By employing the induction method, an upper bound on the filtering error variance is first constructed in terms of the solutions to a set of matrix difference equations. Subsequently, the filter parameters are appropriately designed to minimize such an upper bound. Finally, a numerical simulation example is provided to demonstrate the feasibility and usefulness of the proposed filtering scheme.

The Effect of SMiShing Attack on Security of Demand Response Programs

Demand response (DR) is a vital element for a reliable and sustainable power grid. Consumer behavior is a key factor in the success of DR programs. In this study, we focus on how consumer reaction to Short Messaging Service (SMS) messages can disturb the demand response. We present a new type of threat to DR programs using SMS phishing attacks. We follow a holistic approach starting from a risk assessment focusing on DR programs’ notification message security following the Smart Grid Information Security (SGIS) risk methodology. We identify threats, conduct impact analysis, and estimate the likelihood of the attacks for various attacker types and motivations. We implemented deterministic and randomized attack scenarios to demonstrate the success of the attack using a state-of-the-art simulator on the IEEE European Low Voltage Feeder Test System. Simulations show that the attack results in local outages, which may lead to large-scale blackouts with the cascading effect on the power system. We conclude that this is a new type of threat that has been overlooked, and it deserves more attention as mobile devices will continually be part of our lives.

A Comprehensive Review of the Cyber-Attacks and Cyber-Security on Load Frequency Control of Power Systems

Power systems are complex systems that have great importance to socio-economic development due to the fact that the entire world relies on the electric network power supply for day-to-day life. Therefore, for the stable operation of power systems, several protection and control techniques are necessary. The power system controllers should have the ability to maintain power system stability. Three important quantities that should be effectively controlled to maintain the stability of power systems are frequency, rotor angle, and voltage. The voltage control in power systems maintains the voltage and reactive power within the required limits and the power factor control enhances the efficiency of power distribution systems by improving load power factors. Among various controls, the frequency control is the most time-consuming control mechanism of power systems due to the involvement of mechanical parts. As the control algorithms of frequency stabilization deliver control signals in the timescale of seconds, load frequency control (LFC) systems cannot handle complicated data validation algorithms, making them more vulnerable to disturbances and cyber-attacks. In addition, the LFC system has extended digital layers with open communication networks and is designed to operate with less human intervention. Moreover, the frequency fluctuation due to load change or cyber-attack in one area affects all other interconnected areas, and thus threatens the stability of the entire network. Due to these circumstances, research activities are still carried out in the field of frequency control and cyber-security. In this paper, a comprehensive review of the cyber-security of the LFC mechanism in the power system is presented. The highlights of the paper include the identification of attack points of different configurations of the LFC system, discussion of the attack strategies, formulation of various attack models, and a brief review of the existing detection and defense mechanisms against cyber-attacks on LFC.

Robustness of Short-Term Wind Power Forecasting against False Data Injection Attacks

The accuracy of wind power forecasting depends a great deal on the data quality, which is so susceptible to cybersecurity attacks. In this paper, we study the cybersecurity issue of short-term wind power forecasting. We present one class of data attacks, called false data injection attacks, against wind power deterministic and probabilistic forecasting. We show that any malicious data can be injected to historical data without being discovered by one of the commonly-used anomaly detection techniques. Moreover, we testify that attackers can launch such data attacks even with limited resources. To study the impact of data attacks on the forecasting accuracy, we establish the framework of simulating false data injection attacks using the Monte Carlo method. Then, the robustness of six representative wind power forecasting models is tested. Numerical results on real-world data demonstrate that the support vector machine and k-nearest neighbors combined with kernel density estimator are the most robust deterministic and probabilistic forecasting ones among six representative models, respectively. Nevertheless, none of them can issue accurate forecasts under very strong false data attacks. This presents a serious challenge to the community of wind power forecasting. The challenge is to study robust wind power forecasting models dealing with false data attacks.

False data injection against state estimation in power systems with multiple cooperative attackers

Given the strong cyber-physical interactions in today's smart grid, false data injection (FDI) attack can readily mislead the state estimation and influence the system operation by manipulating meter measurements. In this paper, a new FDI attack strategy is considered where multiple attackers cooperatively launch an unobservable attack. Firstly, the entire transmission system is partitioned into several subsystems, with each attacker only acquiring and manipulating the measurements in its local area. With limited communications among neighboring attackers, all of them can successfully modify the estimated states without being detected. In addition, by taking practical constraints into account, a least-effort attack problem is formulated and subsequently solved by a distributed alternating direction method of multipliers (ADMM)-based approach. Several case studies implemented on a 4-bus and IEEE 118-bus power systems have finally demonstrated the effectiveness of the proposed approach in the scenario of multiple attackers.

Ship Security Relative Integrated Navigation with Injected Fault Measurement Attack and Unknown Statistical Property Noises

In this work, the ship relative integrated navigation approaches are studied for the navigation scenarios with the measurements disturbed by unknown statistical property noises and with the injected fault measurement attacks. On the basis of the limited energy property of system noises, the navigation states are estimated by the local finite horizon H∞ filter to satisfy the performance index function. Then, the local estimates are fused in the relative integrated navigation system with the weight fusion parameters obtained by using the local estimate error measurements. Further, the injected fault measurement attacks are considered in the relative integrated navigation systems. Due to the system noises and the measurement noises having unknown statistical property, the classical Chi-square test can hardly be utilized to detect the injected fault measurements. Therefore, a secure relative integrated navigation method is proposed with a distance-based clustering detector. The finial simulation results illustrate the effectiveness of the proposed relative integrated navigation approach and the proposed secure relative integrated navigation approach.

Distributed H∞ Estimation in Sensor Networks With Two-Channel Stochastic Attacks

This paper is concerned with the distributed estimation problem in sensor networks subjected to unknown attacks. Network attacks are considered to exist in two classes of channels: 1) communication channels from the plant to sensors and 2) communication channels among sensors. The status of an attack is viewed as a stochastic phenomenon, and the transmitted information will be affected when the attacker successfully carries out an attack on the related data packet. Based on the sensors' own measurements and their neighbors' local information, a novel distributed estimation model against two-channel stochastic attacks is presented. A sufficient condition on the existence of the desired distributed H _∞ estimators is derived and the distributed estimator gains are designed by solving a linear matrix inequality. Two illustrative examples are provided to demonstrate the effectiveness of the new design techniques.

Transactive Energy to Thwart Load Altering Attacks on Power Distribution Systems

The automatic generation control mechanism in power generators comes into operation whenever an over-supply or under-supply of energy occurs in the power grid. It has been shown that the automatic generation control mechanism is highly vulnerable to load altering attacks. In this type of attack, the power consumption of multiple electric loads in power distribution systems is remotely altered by cyber attackers in such a way that the automatic generation control mechanism is disrupted and is hindered from performing its pivotal role. The existing literature on load altering attacks has studied implementation, detection, and location identification of these attacks. However, no prior work has ever studied design of an attack-thwarting system that can counter load altering attacks, once they are detected in the power grid. This paper addresses the above shortcoming by proposing an attack-thwarting system for countering load altering attacks. The proposed system is based on provoking real-time adjustment in power consumption of the flexible loads in response to the frequency disturbances caused by the load altering attacks. To make the adjustments in-proportion to the frequency disturbances, the proposed attack-thwarting system uses a transactive energy framework to establish a coordination between the flexible loads and the power grid operator.

Distributed Control Methods and Impact of Communication Failure in AC Microgrids: A Comparative Review

The objectives of this paper are to review and compare the distributed control methods in AC microgrids and also to identify the impact of communication failure on this type of the controller. The current AC microgrids are distinguished from the traditional power system topologies because of the high penetration of advanced control methods, measurements, sensors, power electronic devices, and communication links. Also, because of the increasing integration of renewable energy sources, control strategy for congestion management, frequency control, and optimal dispatch of microgrids has become more complicated. This paper explains the characteristics and features of distributed control systems and discusses the challenges of these approaches. In addition, a comprehensive review of the advantages and disadvantages of these techniques are explained in detail. On the other hand, the possible challenges, related to communication failure, noise, delay, and packet dropout on the operation of the distributed controller are presented, and several techniques, which reduce the impact of communication failure of the distributed controller, are compared. This comprehensive study on distributed control systems reveals the challenges in and future possible studies on this issue.

Mitigating the Impacts of Covert Cyber Attacks in Smart Grids Via Reconstruction of Measurement Data Utilizing Deep Denoising Autoencoders

As one of the most diversified cyber-physical systems, the smart grid has become more decumbent to cyber vulnerabilities. An intelligently crafted, covert, data-integrity assault can insert biased values into the measurements collected by a sensor network, to elude the bad data detector in the state estimator, resulting in fallacious control decisions. Thus, such an attack can compromise the secure and reliable operations of smart grids, leading to power network disruptions, economic loss, or a combination of both. To this end, in this paper, we propose a novel idea for the reconstruction of sensor-collected measurement data from power networks, by removing the impacts of the covert data-integrity attack. The proposed reconstruction scheme is based on a latterly developed, unsupervised learning algorithm called a denoising autoencoder, which learns about the robust nonlinear representations from the data to root out the bias added into the sensor measurements by a smart attacker. For a robust, multivariate reconstruction of the attacked measurements from multiple sensors, the denoising autoencoder is used. The proposed scheme was evaluated utilizing standard IEEE 14-bus, 39-bus, 57-bus, and 118-bus systems. Simulation results confirm that the proposed scheme can handle labeled and non-labeled historical measurement data and results in a reasonably good reconstruction of the measurements affected by attacks.

Real Time Security Assessment of the Power System Using a Hybrid Support Vector Machine and Multilayer Perceptron Neural Network Algorithms

In today’s grid, the technological based cyber-physical systems have continued to be plagued with cyberattacks and intrusions. Any intrusive action on the power system’s Optimal Power Flow (OPF) modules can cause a series of operational instabilities, failures, and financial losses. Real time intrusion detection has become a major challenge for the power community and energy stakeholders. Current conventional methods have continued to exhibit shortfalls in tackling these security issues. In order to address this security issue, this paper proposes a hybrid Support Vector Machine and Multilayer Perceptron Neural Network (SVMNN) algorithm that involves the combination of Support Vector Machine (SVM) and multilayer perceptron neural network (MPLNN) algorithms for predicting and detecting cyber intrusion attacks into power system networks. In this paper, a modified version of the IEEE Garver 6-bus test system and a 24-bus system were used as case studies. The IEEE Garver 6-bus test system was used to describe the attack scenarios, whereas load flow analysis was conducted on real time data of a modified Nigerian 24-bus system to generate the bus voltage dataset that considered several cyberattack events for the hybrid algorithm. Sising various performance metricion and load/generator injections, en included in the manuscriptmulation results showed the relevant influences of cyberattacks on power systems in terms of voltage, power, and current flows. To demonstrate the performance of the proposed hybrid SVMNN algorithm, the results are compared with other models in related studies. The results demonstrated that the hybrid algorithm achieved a detection accuracy of 99.6%, which is better than recently proposed schemes.

A Novel Detection Algorithm to Identify False Data Injection Attacks on Power System State Estimation

This paper provides a novel bad data detection processor to identify false data injection attacks (FDIAs) on the power system state estimation. The attackers are able to alter the result of the state estimation virtually intending to change the result of the state estimation without being detected by the bad data processors. However, using a specific configuration of an artificial neural network (ANN), named nonlinear autoregressive exogenous (NARX), can help to identify the injected bad data in state estimation. Considering the high correlation between power system measurements as well as state variables, the proposed neural network-based approach is feasible to detect any potential FDIAs. Two different strategies of FDIAs have been simulated in power system state estimation using IEEE standard 14-bus test system for evaluating the performance of the proposed method. The results indicate that the proposed bad data detection processor is able to detect the false injected data launched into the system accurately.

Supporting Sustainable Maintenance of Substations under Cyber-Threats: An Evaluation Method of Cybersecurity Risk for Power CPS

In the increasingly complex cyber-environment, appropriate sustainable maintenance of substation auto systems (SASs) can lead to many positive effects on power cyber-physical systems (CPSs). Evaluating the cybersecurity risk of power CPSs is the first step in creating sustainable maintenance plans for SASs. In this paper, a mathematical framework for evaluating the cybersecurity risk of a power CPS is proposed considering both the probability of successful cyberattacks on SASs and their consequences for the power system. First, the cyberattacks and their countermeasures are introduced, and the probability of successful cyber-intruding on SASs is modeled from the defender’s perspective. Then, a modified hypergraph model of the SAS’s logical structure is established to quantitatively analyze the impacts of cyberattacks on an SAS. The impacts will ultimately act on the physical systems of the power CPS. The modified hypergraph model can describe more information than a graph or hypergraph model and potentially can analyze complex networks like CPSs. Finally, the feasibility and effectiveness of the proposed evaluation method is verified by the IEEE 14-bus system, and the test results demonstrate that this proposed method is more reasonable to assess the cybersecurity risk of power CPS compared with some other models.

On Reliability Analysis of Smart Grids under Topology Attacks

Building an efficient, smart, and multifunctional power grid while maintaining high reliability and security is an extremely challenging task, particularly in the ever-evolving cyber threat landscape. The challenge is also compounded by the increasing complexity of power grids in both cyber and physical domains. In this article, we develop a stochastic Petri net based analytical model to assess and analyze the system reliability of smart grids, specifically against topology attacks under system countermeasures (i.e., intrusion detection systems and malfunction recovery techniques). Topology attacks, evolving from false data injection attacks, are growing security threats to smart grids. In our analytical model, we define and consider both conservative and aggressive topology attacks, and two types of unreliable consequences (i.e., system disturbances and failures). The IEEE 14-bus power system is employed as a case study to clearly explain the model construction and parameterization process. The benefit of having this analytical model is the capability to measure the system reliability from both transient and steady-state analysis. Finally, intensive simulation experiments are conducted to demonstrate the feasibility and effectiveness of our proposed model.

Trust in control: a trust model for power system network assessment

The question of whether a process variable transmitted from a device in the field to a power system control center is trustworthy is of high importance nowadays. Traditional bad data detection schemes have their limits in cases of elaborated cyberattacks and cascading failures in a system of systems such as a digitalized power system. This paper proposes a trust model designed for power system network assessment (PSNA). Different to other domains, where trust models already exist (e.g., OC-Trust for organic computing systems), the environment for PSNA is more centralized, and the focus lies on other facets than in organic computing due to the nature of the environment. Therefore, OC-Trust is tailored by categorizing its facets regarding their relevance for PSNA on the one hand. On the other hand, the trust model is extended to realize context-sensitive intersections of trust values. Furthermore, an example of an instantiation of the resulting PSNA-Trust model is given. Two security metrics and one credibility metric based on literature are presented as well as an equation for a context-sensitive intersection.

Reliable Control Policy of Cyber-Physical Systems Against a Class of Frequency-Constrained Sensor and Actuator Attacks

This paper is concerned with reliable control problems of cyber-physical systems against a class of frequency-constrained sensor and actuator attacks. We consider a continuous-time linear physical system equipped with an observer-based abnormal detector, and it is assumed that control signals and partial sensor outputs transmitted via network layers are vulnerable to cyber attacks. With the use of detection mechanisms of the abnormal monitor, an upper bound of the worst stealthy attacks is obtained, which is composed of the information of the detector's threshold, the attack's structure, and frequency characteristic. By exploiting the bound information, a novel attack compensator, which can stabilize the system with a nearly desired system performance, is proposed for a situation where an attack may occur without triggering an alarm. Finally, the effectiveness of the proposed control policy is verified by a numerical example.

Model-based approach for cyber-physical attack detection in water distribution systems

Modern Water Distribution Systems (WDSs) are often controlled by Supervisory Control and Data Acquisition (SCADA) systems and Programmable Logic Controllers (PLCs) which manage their operation and maintain a reliable water supply. As such, and with the cyber layer becoming a central component of WDS operations, these systems are at a greater risk of being subjected to cyberattacks. This paper offers a model-based methodology based on a detailed hydraulic understanding of WDSs combined with an anomaly detection algorithm for the identification of complex cyberattacks that cannot be fully identified by hydraulically based rules alone. The results show that the proposed algorithm is capable of achieving the best-known performance when tested on the data published in the BATtle of the Attack Detection ALgorithms (BATADAL) competition (http://www.batadal.net).

Switching and Data Injection Attacks on Stochastic Cyber-Physical Systems

In this article, we consider the problem of attack-resilient state estimation, that is, to reliably estimate the true system states despite two classes of attacks: (i) attacks on the switching mechanisms and (ii) false data injection attacks on actuator and sensor signals, in the presence of stochastic process and measurement noise signals. We model the systems under attack as hidden mode stochastic switched linear systems with unknown inputs and propose the use of a multiple-model inference algorithm to tackle these security issues. Moreover, we characterize fundamental limitations to resilient estimation (e.g., upper bound on the number of tolerable signal attacks) and discuss the topics of attack detection, identification, and mitigation under this framework. Simulation examples of switching and false data injection attacks on a benchmark system and an IEEE 68-bus test system show the efficacy of our approach to recover resilient (i.e., asymptotically unbiased) state estimates as well as to identify and mitigate the attacks.

Towards an Iterated Game Model with Multiple Adversaries in Smart-World Systems

Diverse and varied cyber-attacks challenge the operation of the smart-world system that is supported by Internet-of-Things (IoT) (smart cities, smart grid, smart transportation, etc.) and must be carefully and thoughtfully addressed before widespread adoption of the smart-world system can be fully realized. Although a number of research efforts have been devoted to defending against these threats, a majority of existing schemes focus on the development of a specific defensive strategy to deal with specific, often singular threats. In this paper, we address the issue of coalitional attacks, which can be launched by multiple adversaries cooperatively against the smart-world system such as smart cities. Particularly, we propose a game-theory based model to capture the interaction among multiple adversaries, and quantify the capacity of the defender based on the extended Iterated Public Goods Game (IPGG) model. In the formalized game model, in each round of the attack, a participant can either cooperate by participating in the coalitional attack, or defect by standing aside. In our work, we consider the generic defensive strategy that has a probability to detect the coalitional attack. When the coalitional attack is detected, all participating adversaries are penalized. The expected payoff of each participant is derived through the equalizer strategy that provides participants with competitive benefits. The multiple adversaries with the collusive strategy are also considered. Via a combination of theoretical analysis and experimentation, our results show that no matter which strategies the adversaries choose (random strategy, win-stay-lose-shift strategy, or even the adaptive equalizer strategy), our formalized game model is capable of enabling the defender to greatly reduce the maximum value of the expected average payoff to the adversaries via provisioning sufficient defensive resources, which is reflected by setting a proper penalty factor against the adversaries. In addition, we extend our game model and analyze the extortion strategy, which can enable one participant to obtain more payoff by extorting his/her opponents. The evaluation results show that the defender can combat this strategy by encouraging competition among the adversaries, and significantly suppress the total payoff of the adversaries via setting the proper penalty factor.

A Survey on Industrial Internet of Things: A Cyber-Physical Systems Perspective

The vision of Industry 4.0, otherwise known as the fourth industrial revolution, is the integration of massively deployed smart computing and network technologies in industrial production and manufacturing settings for the purposes of automation, reliability, and control, implicating the development of an Industrial Internet of Things (I-IoT). Specifically, I-IoT is devoted to adopting the Internet of Things (IoT) to enable the interconnection of anything, anywhere, and at anytime in the manufacturing system context to improve the productivity, efficiency, safety and intelligence. As an emerging technology, I-IoT has distinct properties and requirements that distinguish it from consumer IoT, including the unique types of smart devices incorporated, network technologies and quality of service requirements, and strict needs of command and control. To more clearly understand the complexities of I-IoT and its distinct needs, and to present a unified assessment of the technology from a systems perspective, in this paper we comprehensively survey the body of existing research on I-IoT. Particularly, we first present the I-IoT architecture, I-IoT applications (i.e., factory automation (FA) and process automation (PA)) and their characteristics. We then consider existing research efforts from the three key systems aspects of control, networking and computing. Regarding control, we first categorize industrial control systems and then present recent and relevant research efforts. Next, considering networking, we propose a three-dimensional framework to explore the existing research space, and investigate the adoption of some representative networking technologies, including 5G, machine-to-machine (M2M) communication, and software defined networking (SDN). Similarly, concerning computing, we again propose a second three-dimensional framework that explores the problem space of computing in I-IoT, and investigate the cloud, edge, and hybrid cloud and edge computing platforms. Finally, we outline particular challenges and future research needs in control, networking, and computing systems, as well as for the adoption of machine learning, in an I-IoT context.

A Survey of Physics-Based Attack Detection in Cyber-Physical Systems

Monitoring the "physics" of cyber-physical systems to detect attacks is a growing area of research. In its basic form a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements in order to identify potentially false control commands or false sensor readings. In this paper, we review previous work on physics-based anomaly detection based on a unified taxonomy that allows us to identify limitations and unexplored challenges, and propose new solutions.

Improved Sensor Fault Detection, Isolation, and Mitigation Using Multiple Observers Approach

Traditional Fault Detection and Isolation (FDI) methods analyze a residual signal to detect and isolate sensor faults. The residual signal is the difference between the sensor measurements and the estimated outputs of the system based on an observer. The traditional residual-based FDI methods, however, have some limitations. First, they require that the observer has reached its steady state. In addition, residual-based methods may not detect some sensor faults, such as faults on critical sensors that result in an unobservable system. Furthermore, the system may be in jeopardy if actions required for mitigating the impact of the faulty sensors are not taken before the faulty sensors are identified. The contribution of this paper is to propose three new methods to address these limitations. Faults that occur during the observers' transient state can be detected by analyzing the convergence rate of the estimation error. Open-loop observers, which do not rely on sensor information, are used to detect faults on critical sensors. By switching among different observers, we can potentially mitigate the impact of the faulty sensor during the FDI process. These three methods are systematically integrated with a previously developed residual-based method to provide an improved FDI and mitigation capability framework. The overall approach is validated mathematically, and the effectiveness of the overall approach is demonstrated through simulation on a 5-state suspension system.

An Event-Triggered Approach to State Estimation for a Class of Complex Networks With Mixed Time Delays and Nonlinearities

In this paper, the state estimation problem is investigated for a class of discrete-time complex networks subject to nonlinearities, mixed delays, and stochastic noises. A set of event-based state estimators is constructed so as to reduce unnecessary data transmissions in the communication channel. Compared with the traditional state estimator whose measurement signal is received under a periodic clock-driven rule, the event-based estimator only updates the measurement information from the sensors when the prespecified "event" is violated. Attention is focused on the analysis and design problem of the event-based estimators for the addressed discrete-time complex networks such that the estimation error is exponentially bounded in mean square. A combination of the stochastic analysis approach and Lyapunov theory is employed to obtain sufficient conditions for ensuring the existence of the desired estimators and the upper bound of the estimation error is also derived. By using the convex optimization technique, the gain parameters of the desired estimators are provided in an explicit form. Finally, a simulation example is used to demonstrate the effectiveness of the proposed estimation strategy.