Real-Time Attack-Recovery for Cyber-Physical Systems Using Linear Approximations

Lin Zhang, Xin Chen, Fanxin Kong, Alvaro A. Cardenas

Research output: Chapter in Book/Entry/PoemConference contribution

34 Scopus citations


Attack detection and recovery are fundamental elements for the operation of safe and resilient cyber-physical systems. Most of the literature focuses on attack-detection, while leaving attack-recovery as an open problem. In this paper, we propose novel attack-recovery control for securing cyber-physical systems. Our recovery control consists of new concepts required for a safe response to attacks, which includes the removal of poisoned data, the estimation of the current state, a prediction of the reachable states, and the online design of a new controller to recover the system. The synthesis of such recovery controllers for cyber-physical systems has barely investigated so far. To fill this void, we present a formal method-based approach to online compute a recovery control sequence that steers a system under an ongoing sensor attack from the current state to a target state such that no unsafe state is reachable on the way. The method solves a reach-avoid problem on a Linear Time-Invariant (LTI) model with the consideration of an error bound ? = 0. The obtained recovery control is guaranteed to work on the original system if the behavioral difference between the LTI model and the system's plant dynamics is not larger than ?. Since a recovery control should be obtained and applied at the runtime of the system, in order to keep its computational time cost as low as possible, our approach firstly builds a linear programming restriction with the accordingly constrained safety and target specifications for the given reach-avoid problem, and then uses a linear programming solver to find a solution. To demonstrate the effectiveness of our method, we provide (a) the comparison to the previous work over 5 system models under 3 sensor attack scenarios: modification, delay, and reply; (b) a scalability analysis based on a scalable model to evaluate the performance of our method on large-scale systems.

Original languageEnglish (US)
Title of host publicationProceedings - 2020 IEEE 41st Real-Time Systems Symposium, RTSS 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages13
ISBN (Electronic)9781728183244
StatePublished - Dec 2020
Externally publishedYes
Event41st IEEE Real-Time Systems Symposium, RTSS 2020 - Virtual, Houston, United States
Duration: Dec 1 2020Dec 4 2020

Publication series

NameProceedings - Real-Time Systems Symposium
ISSN (Print)1052-8725


Conference41st IEEE Real-Time Systems Symposium, RTSS 2020
Country/TerritoryUnited States
CityVirtual, Houston


  • cyber-physical systems
  • real-time
  • recovery
  • security
  • sensor attacks

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications


Dive into the research topics of 'Real-Time Attack-Recovery for Cyber-Physical Systems Using Linear Approximations'. Together they form a unique fingerprint.

Cite this