Synthesis of Optimal Stealthy Attacks Against Diagnosability in Labeled Petri Nets

Ruotian Liu; Agostino Marcello Mangini; Maria Pia Fanti

IEEE/CAA Journal of Automatica Sinica

JCR Impact Factor: 15.3, Top 1 (SCI Q1)

CiteScore: 23.5, Top 2% (Q1)
Google Scholar h5-index: 77， TOP 5

Article Contents

Article Navigation > IEEE/CAA Journal of Automatica Sinica > 2025 > In Press, Accepted Manuscript

R. Liu, A. Mangini, and M. Pia Fanti, “Synthesis of optimal stealthy attacks against diagnosability in labeled petri nets,” IEEE/CAA J. Autom. Sinica, 2025.

Citation:

R. Liu, A. Mangini, and M. Pia Fanti, “Synthesis of optimal stealthy attacks against diagnosability in labeled petri nets,” IEEE/CAA J. Autom. Sinica, 2025.

R. Liu, A. Mangini, and M. Pia Fanti, “Synthesis of optimal stealthy attacks against diagnosability in labeled petri nets,” IEEE/CAA J. Autom. Sinica, 2025.

Citation:

R. Liu, A. Mangini, and M. Pia Fanti, “Synthesis of optimal stealthy attacks against diagnosability in labeled petri nets,” IEEE/CAA J. Autom. Sinica, 2025.

PDF( 1403 KB)

Synthesis of Optimal Stealthy Attacks Against Diagnosability in Labeled Petri Nets

Department of Electrical and Information Engineering, Polytechnic University of Bari, 70125 Bari, Italy

Funds: This work was supported in part by the IN2CCAM Project that has Received Funding from the European Union’s Horizon Europe research and Innovation Programme (101076791). This manuscript reflects only the authors’ views and opinions, neither the European Union nor the European Commission can be considered responsible for them

More Information

Author Bio:
Ruotian Liu (Member, IEEE) received the B.S. degree in automation from Xidian University in 2015, and M.S. and the Ph.D. degrees in automation from Aix-Marseille University, France, in 2018 and 2021, respectively. In 2022, he joined Polytechnic University of Bari, Italy, where he is currently an Assistant Professor with the Department of Electrical and Information Engineering. He is serving as a Guest Associate Editor of the IEEE Transactions on Automation Science and Engineering. His research interests include control theory in discrete event systems and hybrid systems, diagnosability/opacity analysis, and networked security

Agostino Marcello Mangini (Senior Member, IEEE) received the Laurea degree in electronics engineering and the Ph.D. degree in electrical engineering from the Polytechnic University of Bari, Italy, in 2003 and 2008, respectively. He has been a Visiting Scholar with the University of Zaragoza, Spain. He is currently an Associate Professor with the Department of Electrical and Information Engineering, Polytechnic University of Bari Italy. He has authored or coauthored over 140 printed publications. His current research interests include modeling, simulation, control of discrete-event systems, Petri nets, deep reinforcement learning, supply chains and urban traffic networks, distribution, and internal logistics. He was on the program committees of the 2007–2023 IEEE International SMC Conference on Systems, Man, and Cybernetics. He was on the Editorial Board of the 2017–2023 IEEE Conference on Automation Science and Engineering. Moreover, he was the Publication Chair of the 2017 IEEE SOLI and the 2019 IEEE SMC conferences, the Workshop Co-Chair of the 2023 IEEE SMC conference, the Workshop and Tutorial Chair of the 2023 IEEE CASE Conference, and the Special Session Chair of the 3rd IEEE International Conference on Automation in Manufacturing, Transportation and Logistics (iCaMaL2023). He is an Associate Editor of IEEE Transactions on Automation and Science and Engineering and IEEE Systems, Man, and Cybernetics Magazine

Maria Pia Fanti (Fellow, IEEE) received the Laurea degree in electronic engineering from the University of Pisa, Italy, in 1983. She was a visiting researcher at the Rensselaer Polytechnic Institute of Troy, USA, in 1999. Since 1983, she has been with the Department of Electrical and Information Engineering of the Polytechnic of Bari, Italy, where she is currently a Full Professor of system and control engineering and Chair of the Laboratory of Automation and Control. Her research interests include management and modeling of complex systems, such as intelligent transportation, logistics and manufacturing systems; discrete event systems; Petri nets; and fault detection. Prof. Fanti has published more than 370 papers and two textbooks on her research topics.She is Senior Editor of the IEEE Trans. on Automation Science and Engineering, and Associate Editor of the IEEE Trans. on Systems, Man, and Cybernetics: Systems and the IEEE Trans. on Intelligent Vehicles. She was Member of the Board of Governors of the IEEE Systems, Man, and Cybernetics Society, and of the Administrative Committee of the IEEE Robotics and Automaton Society, founder and chair of the Technical Committee on Automation in Logistics of the IEEE Robotics and Automation Society. Prof. Fanti was general chair, program chair and member of the organizing committee of a large number of international conferences in particular she was General Chair of the 2011 IEEE Conference on Automation Science and Engineering, the 2017 IEEE International Conference on Service Operations and Logistics, and Informatics and the 2019 IEEE Systems, Man, and Cybernetics Conference
Corresponding author: Maria Pia Fanti, e-mail: mariapia.fanti@poliba.it
Received Date: 2024-11-22
Accepted Date: 2024-12-27

Available Online: 2025-05-22

Abstract

Abstract

This paper addresses the diagnosability analysis problem under external malicious attacks of a networked discrete event system modeled by labeled Petri net. In particular, we focus on a stealthy replacement attack to alter or corrupt the observation of the system, in which the transition labels are replaced by others or empty string, and its attack stealthiness requires that the corrupted observations should be contained in the behavior of system. The aim of this work is, from an attacker viewpoint, to design a stealthy replacement attack for violating the diagnosability of system. To this end, we first build a new structure, called complete unfolded verifier, with the notion of a predefined elementary unsound path that leads to the violation of diagnosability, which is used to enumerate all the potential attacked paths to be transformed into elementary unsound ones. Then an optimal attack synthesis problem in terms of minimum energy cost is formulated by determining whether an elementary unsound path is generated via solving a set of integer nonlinear programming problems. Finally, we show that the nonlinear programming problems can be transformed into integer linear programming problems by introducing additional linear constraints. Examples are used to illustrate the proposed attack strategy.
- Cyber attack,
- diagnosability,
- discrete event system,
- labeled Petri net,
- optimization

FullText(HTML)

References(49)

References

[1]	W. Duo, M. Zhou, and A. Abusorrah, “A survey of cyber attacks on cyber physical systems: Recent advances and challenges,” IEEE/CAA Journal of Automatica Sinica, vol. 9, no. 5, pp. 784–800, 2022. doi: 10.1109/JAS.2022.105548
[2]	D. Zhang, Q.-G. Wang, G. Feng, Y. Shi, and A. V. Vasilakos, “A survey on attack detection, estimation and control of industrial cyber–physical systems,” ISA transactions, vol. 116, pp. 1–16, 2021. doi: 10.1016/j.isatra.2021.01.036
[3]	J. Zhang, L. Pan, Q.-L. Han, C. Chen, S. Wen, and Y. Xiang, “Deep learning based attack detection for cyber-physical system cybersecurity: A survey,” IEEE/CAA Journal of Automatica Sinica, vol. 9, no. 3, pp. 377–391, 2021.
[4]	L. K. Carvalho, Y.-C. Wu, R. Kwong, and S. Lafortune, “Detection and mitigation of classes of attacks in supervisory control systems,” Automatica, vol. 97, pp. 121–133, 2018. doi: 10.1016/j.automatica.2018.07.017
[5]	R. Fritz and P. Zhang, “Detection and localization of stealthy cyberattacks in cyber-physical discrete event systems,” IEEE Trans. Automatic Control, vol. 68, no. 12, pp. 7895–7902, 2023. doi: 10.1109/TAC.2023.3253462
[6]	C. Gao, C. Seatzu, Z. Li, and A. Giua, “Multiple attacks detection on discrete event systems,” in Proceeding of IEEE Int. Conf. on Systems, Man and Cybernetics, 2019, pp. 2352–2357.
[7]	F. Lin, S. Lafortune, and C. Wang, “Diagnosability and attack detection for discrete event systems under sensor attacks,” Discrete Event Dynamic Systems, vol. 34, no. 3, pp. 465–495, 2024. doi: 10.1007/s10626-024-00401-6
[8]	L. Lin and R. Su, “Synthesis of covert actuator sensor attackers,” Automatica, vol. 130, p. 109714, 2021. doi: 10.1016/j.automatica.2021.109714
[9]	R. Tai, L. Lin, and R. Su, “Synthesis of optimal covert sensor–actuator attackers for discrete-event systems,” Automatica, vol. 151, p. 110910, 2023.
[10]	R. Tai, L. Lin, Y. Zhu, and R. Su, “Synthesis of the supremal covert attacker against unknown supervisors by using observations,” IEEE Trans. Automatic Control, vol. 68, no. 6, pp. 3453–3468, 2022.
[11]	R. Meira-Goes, E. Kang, R. H. Kwong, and S. Lafortune, “Synthesis x of sensor deception attacks at the supervisory layer of cyber–physical systems,” Automatica, vol. 121, p. 109172, 2020. doi: 10.1016/j.automatica.2020.109172
[12]	J. Yao, S. Li, and X. Yin, “Sensor deception attacks against security in supervisory control systems,” Automatica, vol. 159, p. 111330, 2024. doi: 10.1016/j.automatica.2023.111330
[13]	Q. Zhang, C. Seatzu, Z. Li, and A. Giua, “Selection of a stealthy and harmful attack function in discrete event systems,” Scientific Reports, vol. 12, no. 1, pp. 1–14, 2022. doi: 10.1038/s41598-021-99269-x
[14]	Y. Li, C. N. Hadjicostis, N. Wu, and Z. Li, “Error-and tamper-tolerant state estimation for discrete event systems under cost constraints,” IEEE Trans. Automatic Control, vol. 68, no. 11, pp. 6743–6750, 2023. doi: 10.1109/TAC.2023.3239590
[15]	Y. Yao, Y. Tong, and H. Lan, “Initial-state estimation of multi-channel networked discrete event systems,” IEEE Control Systems Letters, vol. 4, no. 4, pp. 1024–1029, 2020. doi: 10.1109/LCSYS.2020.2998610
[16]	F. Lin, W. Wang, L. Han, and B. Shen, “State estimation of multichannel networked discrete event systems,” IEEE Trans. Control of Network Systems, vol. 7, no. 1, pp. 53–63, 2019.
[17]	S. Zheng, S. Shu, and F. Lin, “Modeling and control of discrete-event systems under joint sensor–actuator cyberattacks,” IEEE Trans. Control of Network Systems, vol. 11, no. 2, pp. 782–794, 2024. doi: 10.1109/TCNS.2023.3312249
[18]	Z. He, N. Wu, and Z. Li, “Estimation and prevention of actuator enablement attacks in discrete-event systems under supervisory control,” IEEE Trans. Automatic Control, vol. 69, no. 9, pp. 5963–5978, 2024. doi: 10.1109/TAC.2024.3367656
[19]	R. Meira-Góes, H. Marchand, and S. Lafortune, “Dealing with sensor x and actuator deception attacks in supervisory control,” Automatica, vol. 147, p. 110736, 2023. doi: 10.1016/j.automatica.2022.110736
[20]	R. Su, “Supervisor synthesis to thwart cyber attack with bounded sensor reading alterations,” Automatica, vol. 94, pp. 35–44, 2018. doi: 10.1016/j.automatica.2018.04.006
[21]	M. Wakaiki, P. Tabuada, and J. P. Hespanha, “Supervisory control of discrete-event systems under attacks,” Dynamic Games and Applications, vol. 9, pp. 965–983, 2019. doi: 10.1007/s13235-018-0285-3
[22]	R. Meira-Góes, S. Lafortune, and H. Marchand, “Synthesis of super- x visors robust against sensor deception attacks,” IEEE Trans. Automatic Control, vol. 66, no. 10, pp. 4990–4997, 2021. doi: 10.1109/TAC.2021.3051459
[23]	M. Sampath, R. Sengupta, S. Lafortune, K. Sinnamohideen, and D. Teneketzis, “Diagnosability of discrete-event systems,” IEEE Trans. Automatic Control, vol. 40, no. 9, pp. 1555–1575, 1995. doi: 10.1109/9.412626
[24]	——, “Failure diagnosis using discrete-event models,” IEEE Trans. Control System Technology, vol. 4, no. 2, pp. 105–124, 1996.
[25]	S. H. Zad, R. H. Kwong, and W. M. Wonham, “Fault diagnosis in discrete-event systems: Framework and model reduction,” IEEE Trans. Automatic Control, vol. 48, no. 7, pp. 1199–1212, 2003. doi: 10.1109/TAC.2003.814099
[26]	F. Basile, P. Chiacchiot, and G. De Tommasi, “On k-diagnosability of Petri nets via integer linear programming,” Automatica, vol. 48, no. 9, pp. 2047–2058, 2012. doi: 10.1016/j.automatica.2012.06.039
[27]	M. P. Cabasino, A. Giua, and C. Seatzu, “Diagnosability of discrete event systems using labeled Petri nets,” IEEE Trans. Automation Science and Engineering, vol. 11, no. 1, pp. 144–153, 2014. doi: 10.1109/TASE.2013.2289360
[28]	G. H. Zhu, Z. W. Li, N. Q. Wu, and A. Alahamari, “Fault idetification of discrete event systems modeled by Petri nets with unobservable transitions,” IEEE Trans. Systems, Man, and Cybernetics : Systems, vol. 49, no. 2, pp. 333–345, 2019. doi: 10.1109/TSMC.2017.2762823
[29]	N. Ran, A. Giua, and C. Seatzu, “Enforcement of diagnosability in labeled Petri nets via optimal sensor selection,” IEEE Trans. Automatic Control, vol. 64, no. 7, pp. 2997–3004, 2018.
[30]	S. Hu, Z. Li, and R. Wisniewski, “Optimal sensor selection for diagnosability enforcement in labeled Petri nets,” IEEE Trans. Systems, Man, and Cybernetics: Systems, vol. 54, no. 5, pp. 2965–2977, 2024. doi: 10.1109/TSMC.2024.3351740
[31]	M. P. Cabasino, S. Lafortune, and C. Seatzu, “Optimal sensor selection for ensuring diagnosability in labeled Petri nets,” Automatica, vol. 49, no. 8, pp. 2373–2383, 2013. doi: 10.1016/j.automatica.2013.04.041
[32]	Y. C. Wu and S. Lafortune, “Synthesis of insertion functions for enforcement of opacity security properties,” Automatica, vol. 50, no. 5, pp. 1336–1348, 2014. doi: 10.1016/j.automatica.2014.02.038
[33]	Y. Ji, X. Yin, and S. Lafortune, “Opacity enforcement using nondeterministic publicly known edit functions,” IEEE Trans. Automatic Control, vol. 64, no. 10, pp. 4369–4376, 2019. doi: 10.1109/TAC.2019.2897553
[34]	X. Li, C. N. Hadjicostis, and Z. Li, “Opacity enforcement in discrete event systems using extended insertion functions under inserted language constraints,” IEEE Trans. Automatic Control, vol. 68, no. 11, pp. 6797–6803, 2023. doi: 10.1109/TAC.2023.3239433
[35]	W. Duan, R. Liu, M. P. Fanti, C. N. Hadjicostis, and Z. Li, “Edit mechanism synthesis for opacity enforcement under uncertain observations,” IEEE Control Systems Letters, vol. 7, pp. 2041–2046, 2023. doi: 10.1109/LCSYS.2023.3284340
[36]	L. K. Carvalho, M. V. Moreira, J. C. Basilio, and S. Lafortune, “Robust diagnosis of discrete-event systems against permanent loss of observations,” Automatica, vol. 49, no. 1, pp. 223–231, 2013. doi: 10.1016/j.automatica.2012.09.017
[37]	W. Dong, X. Yin, and S. Li, “A uniform framework for diagnosis of discrete-event systems with unreliable sensors using linear temporal logic,” IEEE Trans. Automatic Control, vol. 69, no. 1, pp. 145–160, 2023.
[38]	Y. Li, C. N. Hadjicostis, N. Wu, and Z. Li, “Tamper-tolerant diagnosability analysis and tampering detectability in discrete event systems under cost constraints,” Automatica, vol. 171, p. 111971, 2025. doi: 10.1016/j.automatica.2024.111971
[39]	N. F. Shamloo, E. De Santis, and M. D. Di Benedetto, “Security and diagnosability of finite state machines under cyber-attacks,” IEEE Trans. Automation Science and Engineering, 2024.
[40]	T. Kang, C. Seatzu, Z. Li, and A. Giua, “Fault diagnosis of discrete event systems under attack,” in Proceeding of the 62nd IEEE Conf. on Decision and Control, 2023, pp. 7923–7929.
[41]	V. d. S. L. Oliveira, F. G. Cabral, and M. V. Moreira, “K-loss robust codiagnosability of discrete-event systems,” Automatica, vol. 140, p. 110222, 2022. doi: 10.1016/j.automatica.2022.110222
[42]	R. Liu, A. M. Mangini, and M. P. Fanti, “K-corruption intermittent attacks for violating the diagnosability,” IFAC-PapersOnLine, vol. 56, no. 2, pp. 1847–1852, 2023. doi: 10.1016/j.ifacol.2023.10.1900
[43]	M. P. Cabasino, A. Giua, and C. Seatzu, “Fault detection for discrete event systems using Petri nets with unobservable transitions,” Automatica, vol. 46, no. 9, pp. 1531–1539, 2010. doi: 10.1016/j.automatica.2010.06.013
[44]	Z. Ma, Y. Tong, Z. Li, and A. Giua, “Basis marking representation of Petri net reachability spaces and its application to the reachability problem,” IEEE Trans. Automatic Control, vol. 62, no. 3, pp. 1078–1093, 2016.
[45]	Z. Ma, G. Zhu, and Z. Li, “Marking estimation in Petri nets using hierarchical basis reachability graphs,” IEEE Trans. Automatic Control, vol. 66, no. 2, pp. 810–817, 2020.
[46]	I. Saadaoui, Z. Li, and N. Wu, “Current-state opacity modelling and verification in partially observed Petri nets,” Automatica, vol. 116, p. 108907, 2020. doi: 10.1016/j.automatica.2020.108907
[47]	X. Cong, M. P. Fanti, A. M. Mangini, and Z. Li, “Critical observability verification and enforcement of labeled Petri nets by using basis markings,” IEEE Trans. Automatic Control, vol. 68, no. 12, pp. 8158–8164, 2023. doi: 10.1109/TAC.2023.3292747
[48]	T. Murata, “Petri nets: Properties, analysis and applications,” Proc. the IEEE, vol. 77, no. 4, pp. 541–580, 1989. doi: 10.1109/5.24143
[49]	C. G. Cassandras and S. Lafortune, Introduction to discrete event systems. Springer, 2008.

Supplements(0)

Cited By

Proportional views

Proportional views

通讯作者: 陈斌, bchen63@163.com

1.
沈阳化工大学材料科学与工程学院沈阳 110142

Figures(6) / Tables(1)

Get Citation

PDF

XML

Article Metrics

Article views (20) PDF downloads(8)

Synthesis of Optimal Stealthy Attacks Against Diagnosability in Labeled Petri Nets

Abstract

References

Proportional views

Catalog

通讯作者: 陈斌, bchen63@163.com

Article Metrics

Export File

Citation

Format

Content