CYBERSECURITY OF CRITICAL INFORMATION INFRASTRUCTURE AND CONTROL: APPLICATION-AWARE RESILIENCE MECHANISMS

In an era of growing cyber threats, where critical infrastructure such as power
grids, healthcare systems, and transportation networks are increasingly targeted
by sophisticated attacks, the urgency of designing resilient cyber-physical systems (CPS) has never been more pressing. Cyber-physical systems form the very
backbone of our modern society, and their disruption can have catastrophic consequences, ranging from economic losses to threats to human life. Against this
background, this thesis addresses two fundamental challenges in the field of CPS:
firstly, enhancing resilience against a wide range of threats by leveraging application knowledge to improve on the costs of resilience, ranging from accidental
system failures to carefully coordinated cyber-attacks, and secondly, ensuring the
adaptability of these systems in the face of dynamic and unpredictable operational
environments.
The first challenge addressed is the improvement of system resilience. We introduce novel Consensual Resilient Control (CRC) method to systematically convert
stateful control tasks into statelessly recoverable ones, by leveraging consensually
updated shared state introduced in the thesis is central to this challenge. CRC
significantly improves the performance of control task replication by exploiting
the inherent stability of many systems to tolerate occasional missed control task
deadlines. This approach rejuvenates replicas within each control cycle, improving
system resilience and operational efficiency. This not only enables rapid recovery
but also significantly reduces the overheads associated with traditional replication
methods, particularly in environments prone to cold start effects. The effectiveness
of CRC is not just theoretical, but demonstrated through practical applications,
such as our implementation in the custom-built inverted pendulum system, which
demonstrates the robustness of the CRC in unpredictable environments and its
ability to efficiently maintain system resilience with fewer resources.
The second challenge is to ensure system adaptability in the face of changing
operational conditions. To this end, the thesis presents the A GIS architecture, a
solution that seamlessly integrates dual control systems to optimise performance
while maintaining safety. The adaptive nature of A GIS is particularly beneficial
in open environments where CPSs are exposed to a wide range of disturbances.
The architecture’s minimal switching overhead and its utility in complex tasks
such as environmental monitoring illustrate its practical importance in enhancing
system robustness