Over-actuated systems, namely systems with more inputs than outputs, can increase control performance, yet are susceptible to model-based undetectable attacks if the actuator channel is compromised. In this paper, we show how implementing a sparse actuator schedule can introduce security by rendering these attacks ineffective. We formulate a novel methodology whereby a periodic sparse schedule, implemented at the actuators, secures the system by ensuring that a malicious adversary cannot exploit actuator redundancy to deploy undetectable attacks. The schedule is designed offline and repeats periodically at the actuators, so that the adversary is constrained to only tamper with the active actuators. We devise a degeneracyaware greedy selection procedure with low computational complexity to design an actuator schedule that renders undetectable attacks ineffective, whilst simultaneously providing relatively small performance degradation. We illustrate the effectiveness of our approach using a reference tracking model predictive controller on the IEEE-39 bus power network employing the designed sparse schedule.

We propose a novel watermarking scheme by modifying a self-triggered control (STC) policy, aimed at detecting replay attacks for linear time-invariant (LTI) systems. We show that by employing non-deterministic early triggering of the STC mechanism, replay attacks can be detected by a modified χ2 detector which takes into account the aperiodic nature of the inter-sample times. Specifically, we consider the case where a periodic reference signal is tracked, which makes these systems vulnerable to replay attacks. The proposed approach is modular and can be retrofitted to legacy systems. An approach for designing an online optimal early triggering mechanism is provided. This is validated through an illustrative numerical example in which we compare our method to scenarios employing both additive and multiplicative watermarking.

We describe a new variant of zero dynamics attack (ZDA), what we call a switched ZDA, targeting linear time-invariant (LTI) sampled-data systems with non-uniform sampling. Specifically, we consider continuous-time systems and construct attacks that exploit the unstable sampling zeros resulting from a zero-order hold (ZOH) mechanism. These attacks can be constructed by strong adversaries who have knowledge of the plant dynamics, with the additional requirement that they can determine the next sampling instant. We provide sufficient conditions when cyber-physical systems are vulnerable to switched ZDAs, and prove that these attacks can be disruptive while remaining stealthy. We also provide two possible countermeasures that make switched ZDAs ineffective. The first countermeasure revolves around creating a mismatch between the next sampling instant as predicted by the adversary and the true one, which makes the switched ZDAs no longer stealthy. The second countermeasure relies on increasing the inter-sample times such that the system no longer contains unstable sampling zeros, making the switched ZDA no longer disruptive. We demonstrate the vulnerability of sampled-data systems with non-uniform sampling to switched ZDAs in several illustrative examples, and exemplify the effectiveness of the proposed countermeasures.