Supervisor Synthesis to Thwart Cyber Attack with Bounded Sensor Reading Alterations

One of the major challenges about cyber physical systems is how to prevent cyber attacks to ensure system integrity. There has been a large number of different types of attacks discussed in the modern control and computer science communities. In this paper we aim to investigate one special type of attacks in the discrete-event system framework, where an attacker can arbitrarily alter sensor readings after intercepting them from a target system in order to trick a given supervisor to issue control commands improperly, driving the system to an undesirable state. We first consider the cyber attack problem from an attacker point of view, and formulate an attack with bounded sensor reading alterations (ABSRA) problem. We then show that the supremal (or least restrictive) ABSRA exists and can be synthesized, as long as the plant model and the supervisor model are regular, i.e., representable by finite-state automata. Upon the synthesis of the supremal ABSRA, we present a synthesis algorithm, which ensures that a computed supervisor will be ABSRA-robust , i.e., either an ABSRA will be detectable or will not lead the system to an undesirable state.