Co-design Of Comprehensive Security Control And Communication For Nonlinear CPS Under Different Triggered Communication Schemes

With the rapid development and deep integration of computer,communication and control technologies,human production and life have undergone tremendous changes.The emergence of Internet of Things,"Internet+" and other technologies has enhanced the interaction and collaboration between human and machines,and the traditional point-to-point control system can no longer meet the application needs,thus giving rise to Cyber-Physical Systems(CPS).The development of CPS has greatly facilitated intelligent sensing,information communication and real-time interaction between information computing and physical processes,promoting the transformation and upgrading and leapfrog development of intelligent manufacturing,industrial automation,power systems and other fields,but also brings new pain points and challenges,such as:under the complex and open communication network and changeable and harsh physical environment,how to build an integrated security control system framework to ensure the safe and stable operation of CPS against cyber attacks and physical faults;how to design a more adaptive communication mechanism to effectively address this growing conflict between limited network bandwidth and the explosive growth of real-time interactive data;and how to make the widely existing nonlinear CPS to achieve the co-design of attack tolerance,fault tolerance and network communication,etc.In view of this,under the Discrete Event-Triggered Communication Scheme(DETCS)and Adaptive Discrete Event-Triggered Communication Scheme(ADETCS),respectively,this study considers nonlinear CPS with Denial of Service(DoS)or False Data Injection(FDI)attacks and actuator time-varying fault,based on the T-S fuzzy model,the co-design problem of CPS comprehensive security control and network communication is studied by combining mechanism analysis with data-driven methods.The main work and contributions are as follows:1)A comprehensive security architecture with defense capability is built by introducing DETCS and ADETCS for nonlinear CPS with cyber attacks and physical faults.Considering the different impacts of FDI attacks on the system in the double-end network,the active-passive and active attack-tolerant strategies for FDI attacks are proposed respectively by combining the optimal allocation of computing resources to respond to the attacks in a robust manner,or compensate and separate the attacks based on the real-time estimated values.Considering the properties of DoS attacks that hinder or delay communication,its impact is described as a special time delay.Combining with the maximum allowable time delay constraint of the system,a DoS attack detection mechanism is established,and based on this,the DoS attack is divided into high and small low levels,and an active-passive hybrid attack-tolerance strategy for DoS attack is proposed by resilient control or based on PID thought or the time series of machine learning algorithm.While defending against cyber attacks,an active fault-tolerance strategy based on the idea of fault regulation is designed for actuator time-varying faults.Thus,a comprehensive security defense system architecture of CPS with coexistence of cyber attacks and physical faults is constructed,which lays the foundation for the subsequent theoretical research.2)Considering FDI attacks and actuator fault,the co-design problem of comprehensive security control and network communication of nonlinear CPS is investigated under DETCS and ADETCS,respectively.Under DETCS,FDI attacks and actuator fault are estimated simultaneously with the help of an observer,and FDI attack on the actuator side is actively responded to in a compensated manner based on its estimated value,while FDI attack on the sensor side is passively responded to in a robust manner by feedback control.Based on T-S fuzzy model,Lyapunov and time delay system theories,and combining with the affine Bessel-Lebendre inequality and reciprocally convex combination lemma,a co-design method for comprehensive security control with active-passive attack-tolerant and active fault-tolerant and network communication is investigated.Further,by establishing a new type of ADETCS,and through the original estimator is moved to the control unit of the intelligent sensor unit,to reorganize and configuration of the CPS,and the double-end FDI attacks is actively responded to in the way of compensation and separation,a more excellent co-design method for comprehensive security control with active attack-tolerant and active fault-tolerant and network communication of nonlinear CPS is obtained.3)Considering DoS attacks and actuator fault,the co-design problem of comprehensive security control and network communication of nonlinear CPS is studied under DETCS and ADETCS,respectively.The properties of packet loss caused by DoS attacks under different communication mechanisms are considered,and their impact on the system is transformed into a special time-varying delay by the amount of packet loss.Firstly,under DETCS,considering multi-objective constraints such as H∞ performance and α-stability,a co-design method for comprehensive security control with passive attack-tolerant and active fault-tolerant and network communication is proposed.Then,based on the PID idea,the nonlinear CPS has both active and passive tolerant ability to DoS attacks by compensating the loss of control quantity caused by high energy DoS attacks in real time.Further,under the new ADETCS,the time series prediction model of control quantity is established with the help of extreme learning machine algorithm to reconstruct the packet loss of control volume caused by high-energy DoS attacks,and a co-design method of comprehensive security control with active-passive attack-tolerant and active fault-tolerant and network communication for nonlinear CPS with stronger response to DoS attacks is obtained.4)The effectiveness and availability of the obtained theoretical results were experimentally investigated in a stand-alone version,or built CPS comprehensive security control semi-entity experimental platform,respectively.Firstly,in the main research work 2)and 3),a simulation study was carried out in a stand-alone version using the classical quadruple-tank system.In terms of defense performance,the active attack-tolerance control is better than passive,and ADETCS is better than DETCS in terms of resource saving,especially when combining with data-driven technology,thus achieving a better compromise balance between comprehensive security control and network communication.On this basis,adopting the campus LAN as the communication medium and OPC communication protocol,the CPS comprehensive security control experiment platform was developed with the help of hardware such as Siemens S7-300 PLC and PC,and software such as Step7,Simatic Net and Matlab,etc.Under DETCS and ADETCS respectively,the semi-entity experiment verification of some theoretical results was carried out,and conclusions consistent with the results of the stand-alone version were obtained.The experimental results fully demonstrate that the theoretical methods in the paper can provide a basis for practical engineering design of CPS,and also confirm the reliability and flexibility of the platform.