Unknown Sensor Attacks in Supervisory Control of DES

  • Michel R. C. Alves Graduate Program in Electrical Engineering - Universidade Federal de Minas Gerais, Belo Horizonte, MG
  • Patrícia N. Pena Department of Electronics Engineering - Universidade Federal de Minas Gerais, Belo Horizonte, MG
  • Karen Rudie Department of Electrical and Computer Engineering, and Ingenuity Labs Research Institute, Queen’s University, Kingston, Ontario
Keywords: Discrete-event system, Supervisory control, Attacks on output symbols, P-observability


The background for this work is the supervisory control of discrete-event systems under partial observation. Attackers that are able to insert or erase occurrences of particular output symbols can modify the supervisor's observation and, by doing so, can lead the controlled system to undesirable states. A scenario with multiple attackers is considered, each one being an element of a set, called an \textit{attack set}. We also assume that only one of the attackers within an attack set is acting, although we don't know which one. According to previous results in the literature, a supervisor that enforces a given legal language, regardless of which attacker is acting, can be designed if the legal language is controllable and satisfies a property called P-observability for an attack set. The latter is an extended notion of observability and is related with the supervisor's ability to always distinguish between outputs that require different control actions, even if the outputs were attacked. We present a new approach for checking if a given language is P-observable for an attack set when it is represented as an automaton.