Enforcing Safety under Actuator Attacks through Input Filtering

Actuator injection attacks pose real threats to all industrial plants controlled through communication networks. In this manuscript, we study the possibility of constraining the controller output (i.e. the input to the actuators) by means of a dynamic filter designed to prevent reachability of dangerous plant states - preventing thus attacks from inducing dangerous states by tampering with the control signals. The filter synthesis is posed as the solution of a convex program (convex cost with Linear Matrix Inequalities constraints) where we aim at shifting the reachable set of control signals to avoid dangerous states while changing the controller dynamics as little as possible. We model the difference between original control signals and filtered ones in terms of the H-infinity norm of their difference, and add this norm as a constraint to the synthesis problem via the bounded-real lemma. Results are illustrated through simulation experiments.