Date of Award

12-24-2025

Date Published

January 2026

Degree Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Electrical Engineering and Computer Science

Advisor(s)

Qinru Qiu

Second Advisor

Fanxin Kong

Keywords

Attack Diagnosis;Attack Resilience;CPS;Cyber-Physical Systems;Machine Learning;Security

Subject Categories

Computer Sciences | Physical Sciences and Mathematics

Abstract

Cyber-Physical Systems (CPS) have become integral to critical infrastructure, from autonomous vehicles to industrial control systems. However, their increased connectivity and sophistication introduce new vulnerabilities, making security a paramount concern. This dissertation presents a comprehensive pipeline for enhancing CPS security, focusing on accurate diagnosis of trustworthy time frames and subsystems, followed by system resilience measures to restore safe states. The foundation of system resilience lies in an advanced checkpointing protocol for real-time multi-process systems. A novel three-step approach uniquely addresses both logical and timing correctness, which are crucial for modern CPS applications. By partitioning processes into directed acyclic graphs, implementing compulsive checkpoints, and optimizing execution time, the protocol provides a robust fault tolerance mechanism that maintains system integrity under failures and attacks. Traditional resilience approaches typically initiate defensive measures immediately upon anomaly detection, assuming instantaneous identification of security breaches. However, a critical research gap remains unaddressed: detection delays significantly degrade resilience performance because the assumption that states prior to detection time are trustworthy is overly optimistic. Stealthy attacks or attacks with small magnitudes can remain hidden within system noise, accumulating impact and compromising longer time frames while evading detection. To address this challenge, we propose two distinct diagnosis approaches for sensor and actuator attacks. For sensor attack diagnosis, we develop an attention mechanism-based neural network that serves as an add-on to existing attack detection approaches, precisely identifying attack onset. This system operates without prior knowledge of the CPS or detection methodology and demonstrates exceptional efficiency on edge devices, addressing a critical gap in current security measures. The actuator attack diagnosis approach extends these capabilities to the complex domain of actuator attacks. We develop a comprehensive framework that addresses both spatial and temporal aspects of attacks. Building upon the successful experience of diagnosing sensor attacks and exploiting the unique characteristics of actuator attacks, the system enables more precise and timely attack diagnosis. This dissertation presents an integrated strategy for enhancing CPS security through a combination of robust resilience mechanisms and precise attack diagnosis systems. The research significantly advances the state of the art in CPS resilience and security, offering a comprehensive solution for protecting critical infrastructure in a connected world.

Access

Open Access

Download

Share

COinS