Description du sujet de thèse

Project DAC - Analysis and synthesis of Anomaly Detectors under Critical-time constraints

Keywords: System and Control Theory - Signal Processing - Cyber-physical systems - Safety - Security -
Anomaly detector (attack, fault) - Critical-time - Convex Optimization

The challenge of system safety and security is to ensure that the specifications are met even in the face of malicious behavior or unforeseen events. Historically divided into the fight against physical attacks and the protection of information technologies, the significant increase in cyber-attacks against controlled systems (industrial infrastructures, power grids, drones, ...) over the last two decades and the limitations of conventional approaches have made it necessary to develop a systemic approach to system security, taking into account in particular the interaction between the cyber and physical worlds. On the one hand, traditional IT security methods focus primarily on protecting information and do not directly consider the possible physical consequences of cyber-attacks. On the other hand, classical Control and Signal Processing approaches address tolerance to independent disturbances, but do not consider possible attacks by malicious rational actors. Thus, over the last decade, approaches have been developed to prevent, detect, and mitigate attacks on controlled systems [CST19,DPF+19].

An important issue is to find an appropriate trade-off between the desired level of security and the satisfaction of a functional specification. This is due in particular to the difficulty of assessing the risk, and especially the likelihood, of an attack due to the heterogeneity of attackers, both in terms of objectives and resources [TSSJ15].

In this context, the ambition of this thesis is to tackle the problem of efficient analysis and synthesis of anomaly detectors (attacks, faults) under critical-time constraint. The critical-time is the maximum time horizon for which a system is considered to be safe after the occurrence of an anomaly, i.e. the system is not in a critical state and is still able to return to a normal mode. This security metric, introduced in [PCZ21], seems to be relevant at every stage of the risk management process (analysis, prevention, detection, mitigation). The underlying motivation is that an increase in critical-time gives defense mechanisms, including human operators, more time to detect and mitigate anomalies.

The performance of anomaly detectors is traditionally evaluated according to three criteria: detection rate, false alarm rate and detection delay. When synthesizing a detector, only the first two criteria are considered. The estimation of the detection delay and the verification that the system does not enter a critical state before detection (i.e. that the detection delay is less than the critical time) are then estimated in a post-synthesis phase using simulations.

The first objective of this thesis is to develop an algorithmically efficient analysis method that allows to formally guarantee whether the worst-case detection delay of a given filter is less than the critical time. To achieve this, the research could build on previous work [PCZ24,EMSZ20,BTMS17] on critical time computation and robust simulation techniques, and extend them to systems of practical interest (such as uncertain linear time-varying systems). The second objective is to propose a method able to take into account the critical-time constraint directly in the synthesis of the detection filter. An important challenge will be to obtain of an algorithmically efficient method, which may require to simplify the problem (constraints relaxation, reformulation or relevant approximation of the problem, etc.). These first two objectives take place in the context of sharp anomalies, i.e. with a severe impact on the system in a reduced amount of time. The third objective will be to synthesize an anomaly detector in order to guarantee a minimum critical-time for the so-called stealthy attacks, i.e. attacks designed not to be detected by the filter.

For more details, see p.6 of www.ampere-lab.fr/IMG/pdf/2_sujet_dac.pdf

[BTMS17] H. Ben-Talha, P. Massioni, and G. Scorletti. Robust Simulation of Continuous-Time Systems with Rational Dynamics. International Journal of Robust and Nonlinear Control, 2017.
[CST19] M. S. Chong, H. Sandberg, and A. M. H. Teixeira. A Tutorial Introduction to Security and Privacy for Cyber-Physical Systems. In 18th European Control Conference (ECC), 2019.
[DPF+19] S. M. Dibaji, M. Pirani, D. B. Flamholz, A. M. Annaswamy, K. H. Johansson, and A. Chakrabortty. A Systems and Control Perspective of CPS security. Annual Reviews in Control, 2019.
[EMSZ20] C. Escudero, P. Massioni, G. Scorletti, and E. Zamaï. Security of Control Systems : Prevention of Aging Attacks by means of Convex Robust Simulation Forecasts. IFAC-PapersOnLine, 53(2) :4452–4459, 2020.
[PCZ21] A. Perodou, C. Combastel, and A. Zolghadri. Critical-Time Analysis of Cyber- Physical Systems subject to Actuator Attacks and Faults. In 60th IEEE Conference on Decision and Control (CDC), 2021.
[PCZ24] A. Perodou, C. Combastel, and A. Zolghadri. Critical-time metric for risk analysis against sharp input anomalies: Computation and application case study. Journal of the Franklin Institute, 2024.
[TSSJ15] A. Teixeira, K. C. Sou, H. Sandberg, and K. H. Johansson. Secure Control Systems : A Quantitative Risk Management Approach. IEEE Control Systems Magazine, 2015.

Contexte de travail

The École Centrale de Lyon (ECL) is a public scientific, cultural and professional institution. ECL's research activities are directed to and for the business world through numerous industrial contracts.

The Ampère-lab is a joint research unit (CNRS, Ecole Centrale de Lyon, INSA Lyon, Université Lyon 1) of more than 150 researchers based in Lyon, France, working on the rational use of energy in systems in relation to their environment. The research carried out by the System Engineering department includes the development of methods and tools for optimizing and controlling the dynamic behavior of systems in a wide range of application domains, in collaboration with other departments of the laboratory and other engineering laboratories. The combination of theoretical and applied dimensions of this research constitutes its great originality.

Over the last few years, the advisors have been working on the possibilities offered by Systems, Control and Signal approaches for the development of methods for the design and understanding of systems from different disciplines (electronics, electrical engineering, mechanics, biology, etc.). In particular, an expertise has been developed in the design of systems obtained by interconnecting subsystems, for which the combination of the input-output approach with convex optimization tools seems to be particularly effective. Convincing results have already been obtained, ranging from upstream methodological contributions to their application to problems of strong practical interest and even to patent deposit. More recently, certain team members have started to explore the topic of the safety and security of cyber-physical systems.



La personne recrutée le souhaitant aura aussi l'opportunité d'intervenir dans les enseignements de l'équipe Automatique et Traitement du Signal de l'Ecole Centrale de Lyon, s'assurant ainsi un complément de salaire tout en profitant d'une expérience valorisable par la suite.

Le poste se situe dans un secteur relevant de la protection du potentiel scientifique et technique (PPST), et nécessite donc, conformément à la réglementation, que votre arrivée soit autorisée par l'autorité compétente du MESR.

Contraintes et risques

Risks : nothing.
Constraint : Laboratory in ZRR, FSD notification required. The position is located in an area covered by the protection of scientific and technical potential (PPST), and therefore requires, in accordance with regulations, that your arrival be authorized by the competent MESR authority.
See pdf subject for more information.

Do not hesitate to contact the advisors team directly for further details (contact in pdf subjects).

Informations complémentaires

PHD paid by the Ecole Centrale de Lyon