Workshop on CPS security (IEEE CDC '22)

Cyber-security in control of CPS: Recent developments and open challenges


(Conference workshop website)

Recent events of cyber-attacks such as Ukraine power grid hack, Iranian nuclear plants (Stuxnet), German steel mills incident, around the world have demonstrated that cyber-attacks are inevitable. More advanced attacks such as transduction attacks have led to increased risk as more and more devices and systems have become vulnerable to such external threats.

Most common cyber tools used for CPS security focus on attack detection and prevention, utilizing tools such as encryption, privacy-preserving control, redundancy (in communication links, control blocks or sensors). Attack detection is a crucial aspect for security, and there has been a lot of development in development of effective attack-detection schemes, including comparing the expected behavior of the system with its actual behavior to flag an attack. On the other hand, a pure control-theoretic framework focuses on attack recovery for CPS security and takes a fault-tolerant control design approach or a robust control approach. A cyber-control-theory approach focuses on attack detection, mitigation as well as recovery of a CPS after attack and preserving crucial properties such as safety and preventing the system from failures. Some example of such tools include actuator constraining to limit how much an attacker can manipulate the system, using physics-based virtual sensors to assist feedback design under sensor-attacks, conservative, safe controller to be used at all times so that an attack is ineffective or a back-up controllers to be used when an attack is detected.

However, much work still needs to be done in the field of CPS security with provable guarantees. In particular, providing guarantees on attack-mitigation and recovery is largely an open problem. Some recent developments on the matter include privacy preserving control and using machine learning-based techniques to detect and respond to adversarial attacks. Moreover, the paradigm of internet-of-things and internet-of-everything has led to an unprecedented increment in attack-surfaces, and new attack use-cases or scenarios might emerge that are currently unknown. 

The main goal of the workshop is to highlight recent advances and developments in the role of control theory in solving security problems of cyber-physical systems (CPS) and discuss some of the important open problems in CPS security. This workshop aims to bring together experts from cyber-security and control theory to discuss how sensors, actuators, or communications links of CPS can be attacked, and how control-theoretic tools can help prevent, minimize, and enable recovery from such attacks. 

The expected outcome of the workshop is to strengthen the knowledge of the researchers from various backgrounds on the topic of CPS security, on how control-theoretic tools can be used beyond just motion planning, and to discuss some of the pressing issues in the field with the domain experts.

The target audience comprises graduate level control theorists, computer scientists and engineers, as well as researchers with a strong interest in CPS security and control, either from a theoretical or an application perspective. In particular, the main topics being covered are:

  • Characterization of cyber-attacks

  • Techniques for identification of system vulnerabilities

  • Attack-resilience methods and approaches

  • Methods for detecting and classifying attacks

  • Approaches for attack response and autonomous recovery 


Invited speakers

  1. Dr. Andreea Alexandru 

​           Postdoctoral associate, Department of Computer Science 

           University of Maryland, College Park, MD 20742


           Tentative topic: Opportunities and Challenges of using Cryptography for CPS Security

           Abstract: At a high level, ensuring the security of Cyber Physical Systems (CPS) can be achieved by simultaneously ensuring the privacy of the underlying sensitive data and the integrity of performed computations over the true data. Therefore, when devising secure control algorithms, we need to integrate methods for detecting anomalies and obtaining control performance with methods for achieving privacy against malicious agents. In this presentation, I will go over common threats and how to alleviate them using cryptographic tools, such as encryption and authentication, secure computation schemes and zero-knowledge proofs. Finally, I will outline current limitations and opportunities of applying cryptography on CPS along with physics-based tools.

  1. Prof. Yasser Shoukry

            Assistant Professor, Department of Electrical and Computer Engineering

           University of California, Irvine


           Tentative topic: Model Extraction Attacks Against Reinforcement Learning-Based Controllers: Attacks and Countermeasures

           Abstract: In this talk, I will introduce the problem of model-extraction attacks in cyber-physical systems in which an attacker attempts to estimate (or extract) the feedback controller of the system. Extracting (or estimating) the controller provides an unmatched edge to attackers since it allows them to predict the future control actions of the system and plan their attack accordingly. Hence, it is important to understand the ability of the attackers to perform such an attack. In this talk, I will focus on the case when a Deep Neural Network (DNN) controller is trained using Reinforcement Learning (RL) algorithms and is used to control a stochastic system. First, I will play the role of the attacker that aims to estimate such an unknown DNN controller and propose an algorithm with provable guarantees in terms of the error between the unknown DNN and the estimated one. Next, I will describe the use of neurosymbolic training of RL controllers as a countermeasure for such attacks.


  1. Dr. Kunal Garg

           Postdoctoral Associate, Department of Aeronautics and Astronautics

           Massachussets Institute of Technology, MA, 02139


           Tentative topic: Provable security of CPS using control barrier functions 

           Abstract: In this talk, I will talk about control-theoretic methods of mitigating cyber attacks on CPS using the notion of Control Barrier Functions (CBFs) with provable guarantees. We will focus on the safety property, where by safety, we mean that the system trajectories remain in a user-defined safe set (such as a region that does not overlap with obstactles or restricted zones). We will talk about attacks on system actuators, that can lead to loss of partial or full control of subset of the actuators of a CPS, and derive new CBF conditions that can guarantee safety even under attacks from a set of initial conditions inside the safe set. We will then discuss a computationally efficient and scalable sampling-based method of computing this set of initial conditions. Then, we will show how we can use CBF conditions for detecting attacks on CPS, and switch to a safe controller once an attack is detected. We will demonstrate the efficacy of the proposed method on a 6DOF case study where one of the motors is attacked by an adversary. Finally, we will discuss some interesting directions that are still unexplored and unanswered, in the field of provable guarantees of security for CPS.

  1. Prof. Jairo Giraldo

           Research Assistant Professor, Electrical & Computer Engineering

           University of Utah,Salt Lake City, UT, 84112


           Tentative topic: Moving target defense for attack detection and impact mitigation in cyber-physical systems 

           AbstractCyber-Physical Systems (CPS) have traditionally been considered more static  with  more  regular  communication  patterns  when  compared  to  classical information  technology  networks.  Because  the  structure  of  most  CPS  remains unchanged during long periods of times, they become vulnerable to adversaries with the precise knowledge of the system, and who can tailor their attacks based on their knowledge about the system dynamics, communications, and control. Moving Target Defense (MTD) has emerged as a key strategy to add uncertainty about the state and execution of a system in order to prevent attackers from having predictable effects with their attacks.

In this module, several MTD strategies will be introduced where monitoring and control signals are randomly transmitted in order to make harder for adversaries to gather relevant information while reducing the impact of false-data injection attacks. The random transmission policies are designed  to guarantee almost surely asymptotic stability while limiting the performance degradation induced by the MTD approach during normal operation. Applications in multi-agent vehicle systems, industrial control systems, and the power grid will be illustrated.

  1. Prof. Miroslav Pajic

           Associate Professor, Department of Electrical and Computer Engineering and Department of Computer Science

           Duke University, Durham, NC, 27708


           Tentative topic: Security of Perception-based Control: Modeling and Fundamental Limits

            AbstractWe will present our study of the performance of perception-based control systems in the presence of attacks. We will focus on a wide class of stochastic nonlinear control systems, and provide methods to model and analyze their resiliency to stealthy attacks on both physical and perception-based sensing. We will introduce the notions of attack effectiveness and stealthiness that are independent of the employed anomaly detectors, and consider attacks with different levels of runtime knowledge about the plant and its states. We will present sufficient conditions for existence of stealthy effective attacks that force the plant state into an unsafe region without being detected by any employed detector. Finally, on realistic automotive case studies, we will demonstrate the effectiveness of the presented models, focusing on security analysis of automotive controllers that employ multi-modal (camera, LiDAR) perception.

  1. Prof. Justn Ruths

           Assistant Professor, Mechanical Engineering

           University of Texas, Dallas


           Tentative topic: Distribution- and Set-Based, Model-Based Attack Detection

           Abstract Our group has focused on quantifying the effect that an attacker can have on a system, which is a function of the dynamics of the system, sources of uncertainty, the choice of the controller and state estimator, and the methods used to defend against and detect attacks. This talk will summarize our model-based approach for attack detection and show how this provides a structure to determine attack impact. In particular, we will discuss model-based attack detection when uncertainty is quantified by distributions and by sets and also how data-driven estimators or detectors can be incorporated into this analytic framework.


  1. Prof. Henrik Sandberg

           Professor, School of Electrical Engineering and Computer Science

           KTH Royal Institute of Technology, SE-100 44 Stockholm, Sweden


           Tentative topic: Game-theoretic moving target defense in cyber-physical systems 

           Abstract: Reports of cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies, and shed light on their modus operandi: First learn sensitive information about the system, then tamper the visible information so the attack is undetected, and meanwhile have significant impact on the physical system. In this talk we shall focus on a specific malicious sensor attack scenario where the attacker tries to remain stealthy. We will present a moving-target defense strategy against such attacks that involves randomly changing the detector threshold. We model the scenario as a Bayesian game between the attacker and defender, and characterize the resulting equilibria and discuss their consequences for cyber defense.

  1. Prof. Bruno Sinopoli

           Professor, Electrical & Systems Engineering Department

           Washington University in St. Louis, St. Louis, MO 63130


           Tentative topicToward the Design of Resilient Cyber-Physical Systems

  1. Prof. Quanyan Zhu

           Associate Professor, Department of Electrical and Computer Engineering

           New York University, Brooklyn, NY 11201


           Tentative topicReinforcement Learning for Cyber Resilience 

           Abstract: The rapid growth in the number of devices and their connectivity has enlarged the attack surface and made cyber systems more vulnerable. As attackers become increasingly sophisticated and resourceful, mere reliance on traditional cyber protection, such as intrusion detection, firewalls, and encryption, is insufficient to secure the cyber systems. Cyber resilience provides a new security paradigm that complements inadequate protection with resilience mechanisms. A Cyber-Resilient Mechanism (CRM) adapts to the known or zero-day threats and uncertainties in real-time and strategically responds to them to maintain the critical functions of the cyber systems in the event of successful attacks. In this talk, we introduce  Reinforcement Learning (RL)  for cyber resilience and discuss the cyber-resilient defenses against three major types of vulnerabilities, i.e., posture-related, information-related, and human-related vulnerabilities. We introduce moving target defense, defensive cyber deception, and assistive human security technologies as three application domains. The RL algorithms also have vulnerabilities themselves. We discuss the future challenges of RL for cyber security and resilience and emerging applications of RL-based CRMs.




  1. Dr. Kunal Garg

          Postdoctoral Associate, Department of Aeronautics and Astronautics

          Massachussets Institute of Technology, MA, 02139



  1. Prof. Ricardo Sanfelice

           Professor, Electrical and Computer Science

           University of California, Santa Cruz, CA 95064


  1. Prof. Alvaro Cardenas 

           Associate Professor, Computer Science and Engineering

           University of California, Santa Cruz, CA 95064



Workshop schedule


Initial Remarks (Prof. Ricardo Sanfelice)

8:50 am to 9:00 am

Dr. Andreea Alexandru

Topic: Opportunities and Challenges of using Cryptography for CPS Security

9:00 am to 9:30 am

Prof. Yasser Shoukry



9:30 am to 10:00 am


10:00 am to 10:30 am

Dr. Kunal Garg


Topic: Provable security of CPS using control barrier functions

10: 30 am to 11:00 am

Prof. Jairo Giraldo


Topic: Moving target defense for attack detection and impact mitigation in cyber-physical systems

11:00 am to 11:30 pm

Prof. Miroslav Pajic


Topic: Security of Perception-based Control: Modeling and Fundamental Limits

11:30 am to 12:00 pm


12:30 pm to 1:30 pm

Prof. Justin Ruths



1:30 pm to 2:00 pm

Prof. Henrik Sandberg


Topic: Game-theoretic moving target defense in cyber-physical systems

2:00 pm to 2:30 pm

Prof. Bruno Sinopoli



2:30 pm to 3:00 pm


3:00 pm to 3:30 pm

Prof. Quanyan Zhu



3:30 pm to 4:30 pm

Closing remarks (Prof. Alvaro Cardenas)

4:30 pm to 4:40 pm