A framework for the analysis of supervised discrete event systems under attack

Abstract: This paper focuses on the problem of cyber attacks for discrete event systems under supervisory control. In more detail, the goal of the supervisor, who has a partial observation of the system evolution, is that of preventing the system from reaching a set of unsafe states. An attacker may act in two different ways: he can corrupt the observation of the supervisor editing the sensor readings, and can enable events that are disabled by the supervisor. This is done with the aim of leading the plant to an unsafe state, and keeping the supervisor unaware of that before the unsafe state is reached. A special automaton, called attack structure is constructed as the parallel composition of two special structures. Such an automaton can be used by the attacker to select appropriate actions (if any) to reach the above goal, or equivalently by the supervisor, to validate its robustness with respect to such attacks.