In this article, we propose a networked control architecture to ensure the plant's safety in the presence of cyber-attacks on the communication channels. In particular, we consider systems subject to both state and input constraints that must be preserved for safety reasons despite any admissible attack scenario. To this end, first, two different detectors are proposed to detect attacks on the setpoint signal as well as on the control inputs and sensor measurements. Then, an emergency controller (EC), local to the plant, is designed to replace the networked controller whenever an attack is detected. Finally, the concept of robust N-step attack-safe region is introduced to ensure that the EC is activated, regardless of the detector performance, at least one-step before the safety constraints are violated. It is formally proved that the plant trajectory is uniformly ultimately bounded in an admissible region regardless of the attacker's actions and duration. Finally, by considering a continuous-stirred tank reactor system, numerical simulations are presented to show the proposed solution's capabilities.

K Gheitasi, W Lucia, International Journal of Robust and Nonlinear Control, https://doi.org/10.1002/rnc.5432, 2021