Security of Cyber-Physical Systems

This research investigates resilient cyber-physical systems (CPS) against coordinated cyber and physical attacks (CCPA). When physical damage is coupled with cyber attacks, it raises a unique challenge with respect to CPS safety. Although significant research has been done to counter either cyber or physical attacks, the existing approaches fail to work harmoniously to counter CCPA. In addition, complete verification of CPS against CCPA is still a great challenge, since there is a lack of unified scientific understanding of resilient CPS and supporting technologies against CCPA. We propose an integrated architecture for CPS security and fault-tolerance, which is an implementable and theoretically substantiated framework with reduced complexity for its software architecture.


To illustrate the challenges and validate the theoretical approaches in this integrated CPS framework, we focus on UAV platforms. During flight tests, the output signals of the autonomous UAVs are sampled by sensors. Based on the sensed data, control decisions are made by the flight control system. To ensure safety, the state of the aircraft, such as angle of attack and/or pitch angle, must stay inside an appropriate stability envelope. The fault and attack models under consideration are generic, including mechanical faults due to physical faults/attacks and the resulting stability envelope faults (e.g., the active envelope is not appropriate for the aircraft with the faulty dynamics), complex controller software faults due to software defects or cyber attacks (e.g., malware execution or interference in low-level computing resources during critical points), and sensor faults due to sensor faults/interference/spoofing.


(a) A quadcopter drone controlled by an open-source autopilot when it is killed by a malicious Linux kernel module. (b) The drone is controlled by a virtual controller sandboxed in a virtual machine. Upon the detection of a security violation (such as the process termination, which leads to an open-loop state), the safety controller takes over the control and keeps the drone in a controllable state.


  1. Security and Safety Monitor Design for CCPA Detection: Zero Dynamics Attacks and Sampled-Data Control (Click to read more)
  2. Safety Controller Design: ARSimplex (Click to read more)