Supervisory authorities

CNRS Ecole Centrale de Lyon Université de Lyon Université Lyon 1 INSA de Lyon

Our partners



Home > Thèses et HDR > Thèses en 2021

15/01/2021 - Cédric ESCUDERO

by Laurent Krähenbühl - published on , updated on


  • Friday 15 January 2021 from 09:30 to 11:00 -

    Thèse Cédric ESCUDERO

    Résumé :

    Analysis and prevention of stealthy aging attacks : an approach based on the dynamical systems theory

    En raison des conditions sanitaires, la soutenance sera réalisée en visio uniquement.
    Contact :

Ajouter un événement iCal

Cedric Escudero defends his PhD on Jan. 15, 2021 at 9:30 AM.
Place : visio conference only.

Analysis and prevention of stealthy aging attacks : an approach based on the dynamical systems theory

Jury :
Rapporteurs :
Mireille BAYART MERCHEZ, Université de Lille ; Frédéric KRATZ, INSA Centre Val de Loire

Autres membres :
Jean-Marc THIRIET, Université Grenoble Alpes; Carlos MURGUIA RENDON, Eindhoven University of Technology

Encadrement Ampère :
Paolo MASSIONI, Co-directeur de thèse ; Eric ZAMAI, Directeur de thèse

Invités :
Stéphane DE FLEURIAU, Direction Générale de l’Armement; Franck SICARD, Naval Group

Abstract :
Industrial Control Systems (ICSs) are architectures controlling a physical system to achieve an industrial objective. They are present in various sectors including energy generation and distribution, water treatment, manufacturing production, aerospace and defense. Those architectures are equipped with various digital entities (e.g. HMI, PLC, regulator) organized for the decrease in complexity of the control. Historically, ICSs have been designed to improve the productivity, but the cybersecurity has not been considered. Due to this lack, ICSs are facing cyberattacks. Plenty of them manipulating the architecture have been reported in the literature. They aim to steal sensitive information or to violate the integrity of the physical system. The violation of the physical system integrity refers to an intended alteration or destruction of the physical system through its control. It leads to a partial or complete failure of the services delivered by the physical system. Hence, cyberattacks are a new root-cause of failure, that we call the malicious acts. Those malicious acts aim to create and propagate anomalies in the architecture by exploiting vulnerabilities of the digital entities.

The research works developed in this thesis contribute in the prevention of the malicious acts in the ICS architectures. In particular, the contributions focus on the prevention of attacks targeting the controllers, of type of industrial regulator (e.g. PID controller). The type of attacks we address aim to accelerate the aging of the actuators through the control signal. Thus, this thesis considers this type of attacks by assuming an attacker who can modify the control signal.

About the contributions, they can be gathered in two propositions. Firstly, we propose to analyze those attacks. A first method of analysis aims to demonstrate the feasibility of such attacks by designing the control signal an attacker could inject to accelerate the aging of the actuators. It consists in solving an optimization problem with Sequential Linear Programming (SLP). A second method of analysis, based on a set theoretic approach, is developed to prove the feasibility of such attacks. It consists in quantifying the effect of those attacks on the physical system. Secondly, we propose to prevent the occurrence of those attacks. This method is derived from the previous one based on a set theoretic approach. It consists in restraining the control signal to make those attacks infeasible. The main idea of the set theoretic-based methods is to search for a pseudo Lyapunov function. Two cases are considered: the quantification of the effects on an infinite-time horizon based on the concepts of positive invariance, and the quantification of the effects on a finite time horizon based on techniques from the robust convex simulation. In both cases, the methods consist in solving an optimization problem with semidefinite programming (SDP) under constraints expressed in terms of Linear Matrix Inequalities (LMI). Lastly, the proposed methods are validated on experimentations.

Key Words: