Cyber-security and safety analysis of interconnected water tank control systems

Abstract

Consulta en la Biblioteca ETSI Industriales (8811)

[EN] Over the last few years, wireless sensor networks have become an interesting tool for controlling processes. Their use in this field has significantly increased based on recent technological advances which permit higher computational power, smaller size and lower cost. This makes them very suitable for integration in large networks of hundreds of interconnected motes that work together being spread in huge areas. However, the wireless nature of these systems make them susceptible to remote attacks, for example by hackers. That is, the wireless devices can be externally manipulated to disturb the correct behavior of the process. In some critical facilities, such as, power plants, hospitals, factories using dangerous materials it is very important to ensure the resiliency and safety of the control system even if a hacker takes full control of some wireless nodes. In this thesis, the security of physically interconnected systems controlled over wireless communication networks is analyzed. In particular, each subsystem is modeled as a water tank process and the interconnection between subsystems corresponds to water exchange between different tanks. A general framework to manage and simulate every water tank process has been developed, including the possibility of having hardware-inthe- loop simulations. For each global system, standard centralized controllers were designed and implemented, namely LQR, LQR with integral action, and MPC controllers. The former tools are then used to analyze the resiliency of the global system to deception attacks on sensors and actuators. For a given observer-based detection scheme, two adversary models were developed so that the attacks are not easily detectable. Using the most damaging adversary model, methods to assess the vulnerability of sets of sensors and actuators are proposed. Some experiments were conducted on systems with different interconnection structures to show the effects these attacks in the process and verify the proposed framework.