Neutralizing zero dynamics attack on sampled-data systems via generalized holds. (English) Zbl 1440.93098

Summary: Zero dynamics attacks can be lethal to cyber-physical systems because they can be harmful to physical plants and impossible to detect. Fortunately, if the given continuous-time physical system is minimum phase, the attack is not so effective even if it cannot be detected. However, the situation can become unfavorable if one uses digital control by sampling the sensor measurement and using a zero-order hold for actuation because of the ‘sampling zeros’. When the continuous-time system has a relative degree greater than two and the sampling period is small, the sampled-data system must have unstable zeros (even if the continuous-time system is minimum phase), so that the cyber-physical system becomes vulnerable to ‘sampling zero dynamics attack’. In this paper, we present an idea to neutralize the zero dynamics attack for single-input and single-output sampled-data systems by shifting the unstable discrete-time zeros into stable ones. This idea is realized by employing the so-called ‘generalized hold’ which replaces a standard zero-order hold. It is shown that, under mild assumptions, a generalized hold exists which places the discrete-time zeros at desired positions. Furthermore, we formulate the design problem as an optimization problem whose performance index is related to the inter-sample behavior of the physical plant, and propose an optimal gain which alleviates the performance degradation caused by generalized hold as much as possible.


93B55 Pole and zero placement problems
93C57 Sampled-data control/observation systems
93C62 Digital control/observation systems
93C83 Control/observation systems involving computers (process control, etc.)
93B70 Networked control
68M25 Computer security


Full Text: DOI


[1] Back, J., Kim, J., Lee, C., Park, G., & Shim, H. (2017). Enhancement of security against zero dynamics attack via generalized hold. In Proc. of IEEE conference on decision and control (pp. 1350-1355).
[2] Conti, J. P., The day the samba stopped, Engineering and Technology, 5, 46-47 (2010)
[3] Dorf, R. C.; Bishop, R. H., Modern control systems (2008), Pearson
[4] Fawzi, H.; Tabuada, P.; Diggavi, S., Secure estimation and control for cyber-physical systems under adversarial attacks, IEEE Transactions on Automatic Control, 59, 1454-1467 (2014) · Zbl 1360.93201
[5] Hoehn, A., & Zhang, P. (2016). Detection of covert attacks and zero dynamics attacks in cyber-physical systems. In Proc. of American control conference (pp. 302-307).
[6] Kabamba, P., Control of linear systems using generalized sampled-data hold functions, IEEE Transactions on Automatic Control, 32, 772-783 (1987) · Zbl 0627.93049
[7] Khalil, H. K., Nonlinear systems (2002), Prentice-Hall: Prentice-Hall Upper Saddle River, NJ
[8] Langner, R., Stuxnet: Dissecting a cyberwarfare weapon, IEEE Security Privacy Magazine, 9, 49-51 (2011)
[9] Langner, R., Analysis of the cyber attack on the Ukrainian power grid (2016)
[10] Lee, C., Shim, H., & Eun, Y. (2015). A secure and robust state estimation under sensor attacks, measurement noise, and process disturbances: observer-based combinatorial approach. In Proceedings of the 14th European control conference (pp. 1866-1871).
[11] Lee, C.; Shim, H.; Eun, Y., On redundant observability: From security index to attack detection and resilient state estimation, IEEE Trans. Automat. Control (2019), (Early Access) · Zbl 1482.93351
[12] Liu, Y.; Ning, P.; Reiter, M. K., False data injection attacks against state estimation in electric power grids, ACM Transactions on Information and System Security, 14, 1-33 (2011)
[13] Mattingley, J.; Boyd, S., CVXGEN: a code generator for embedded convex optimization, Opt. Eng., 13, 1-27 (2012) · Zbl 1293.65095
[14] Mo, Y., & Sinopoli, B. (2009). Secure control against replay attacks. In Proc. of annual allerton conference on communication, control, and computing (pp. 911-918).
[15] Mori, T., Note on the absolute value of the roots of a polynomial, IEEE Trans. Automat. Control, 29, 54-55 (1984) · Zbl 0529.65021
[16] Naghnaeian, M., Hirzallah, N., & Voulgaris, P. G. (2015). Dual rate control for security in cyber-physical systems. In Proc. of IEEE conference on decision and control (pp. 1415-1420).
[17] Park, G., Lee, C., & Shim, H. (2018). On stealthiness of zero-dynamics attacks against uncertain nonlinear systems: a case study with quadruple-tank process. In Proc. of international symposium on mathematical theory of networks and systems (pp. 10-17).
[18] Park, G., Shim, H., Lee, C., Eun, Y., & Johansson, K. H. (2016). When adversary encounters uncertain cyber-physical systems: robust zero-dynamics attack with disclosure resources. In Proc. of IEEE conference on decision and control (pp. 5085-5090).
[19] Teixeira, A., Shames, I., Sandberg, H., & Johansson, K. H. (2012). Revealing stealthy attacks in control systems. In Proc. of annual allerton conference on communication, control, and computing (pp. 1806-1813).
[20] Teixeira, A.; Shames, I.; Sandberg, H.; Johansson, K. H., A secure control framework for resource-limited adversaries, Automatica, 51, 135-148 (2015) · Zbl 1309.93020
[21] Yuz, J. I.; Goodwin, G. C., Sampled-data models for linear and nonlinear systems (2014), Springer-Verlag · Zbl 1353.93004
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. It attempts to reflect the references listed in the original paper as accurately as possible without claiming the completeness or perfect precision of the matching.