LQG control under Denial-of-Service attacks: An experimental study

2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA) Pub Date : 2015-10-26 DOI:10.1109/ETFA.2015.7301498

Haiding Tang, Zhouzheng Lu, Lifu Zhang, Yang Chen, Peng Cheng, Jiming Chen

{"title":"LQG control under Denial-of-Service attacks: An experimental study","authors":"Haiding Tang, Zhouzheng Lu, Lifu Zhang, Yang Chen, Peng Cheng, Jiming Chen","doi":"10.1109/ETFA.2015.7301498","DOIUrl":null,"url":null,"abstract":"Recently, the industrial wireless protocols have been widely used around the world. However, the unreliable communication media between the sensors and the central controller renders the wireless signal channel vulnerable to many attacks. Various efforts have been devoted to study the influence of specific malicious attacks from the aspect of theoretical investigation based on different assumptions. This paper focuses on verifying the optimal Denial-of-Service (DoS) jamming attack strategy on a class of wireless industrial control system from the view of experiments. We first introduce typical control system model and DoS attack model, and an optimal DoS attack schedule against LQG control based on these models. Then, we establish a semi-physical security testbed which consists of virtual plant, physical controller and communication process. We also realize wireless DoS attacks by exploiting the USRP device. Through extensive experiments and analysis, we investigate the performance of different DoS attack strategies on the LQG control system over an inverted pendulum.","PeriodicalId":6862,"journal":{"name":"2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA)","volume":"12 1","pages":"1-7"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ETFA.2015.7301498","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

Recently, the industrial wireless protocols have been widely used around the world. However, the unreliable communication media between the sensors and the central controller renders the wireless signal channel vulnerable to many attacks. Various efforts have been devoted to study the influence of specific malicious attacks from the aspect of theoretical investigation based on different assumptions. This paper focuses on verifying the optimal Denial-of-Service (DoS) jamming attack strategy on a class of wireless industrial control system from the view of experiments. We first introduce typical control system model and DoS attack model, and an optimal DoS attack schedule against LQG control based on these models. Then, we establish a semi-physical security testbed which consists of virtual plant, physical controller and communication process. We also realize wireless DoS attacks by exploiting the USRP device. Through extensive experiments and analysis, we investigate the performance of different DoS attack strategies on the LQG control system over an inverted pendulum.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

拒绝服务攻击下LQG控制的实验研究

近年来，工业无线协议在世界范围内得到了广泛的应用。然而，传感器与中央控制器之间的通信介质不可靠，使得无线信号通道容易受到多种攻击。基于不同的假设，从理论研究的角度对特定恶意攻击的影响进行了多方面的研究。本文从实验的角度验证了一类无线工业控制系统的最优拒绝服务(DoS)干扰攻击策略。首先介绍了典型的控制系统模型和DoS攻击模型，并在此基础上提出了针对LQG控制的最优DoS攻击调度方案。然后，我们建立了一个由虚拟设备、物理控制器和通信过程组成的半物理安全试验台。我们还利用USRP设备实现了无线DoS攻击。通过大量的实验和分析，我们研究了不同的DoS攻击策略在倒立摆上的LQG控制系统上的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA)

自引率

0.00%

发文量