Securing Networked Discrete Event Systems for Diagnosability Under Attacks / Liu, Ruotian; Li, Tengbo; Hu, Shaopeng; Mangini, Agostino Marcello; Fanti, Maria Pia. - In: IEEE TRANSACTIONS ON AUTOMATION SCIENCE AND ENGINEERING. - ISSN 1545-5955. - 23:(2026), pp. 7409-7423. [10.1109/tase.2026.3679186]
Securing Networked Discrete Event Systems for Diagnosability Under Attacks
Liu, Ruotian; Mangini, Agostino Marcello; Fanti, Maria Pia
2026
Abstract
This paper addresses the diagnosability analysis problem under malicious attacks of a networked discrete event system modeled by a labeled Petri net. A stealthy replacement attack is considered to alter or corrupt the observation of the system, in which the transition labels are replaced by others or the empty string, and attack stealthiness requires that the corrupted observations be contained in the behavior of the system. The objective of this work is, from an attacker's viewpoint, to design such an attack for compromising the attack-induced diagnosability of a system. Specifically, a new structure, called an attack verifier, is constructed by integrating the attack behavior to enumerate all the attack paths to be transformed into fundamental ones that violate the attack-induced diagnosability. Then an optimal attack synthesis problem in terms of minimum energy cost is formulated by integer linear programming problems. An example of an automated manufacturing system is provided to show the efficiency of the proposed attack strategy compared with the existing approaches.
Note to Practitioners: This study highlights critical cybersecurity risks in automated manufacturing, particularly in networked discrete event systems. With increased reliance on multi-agent coordination, cyber threats such as stealthy attacks can compromise system diagnosability by corrupting event observations. Practitioners in industrial automation and cybersecurity must prioritize robust detection mechanisms to detect inconsistencies in sensor data and event labels. Securing communication channels and integrating resilient event-based monitoring frameworks can provide early warnings against cyber intrusions.
In practical applications, the proposed attack verifier architecture and the integer linear programming-based cost model offer a systematic method to identify system vulnerabilities, allowing practitioners to assess security gaps and determine which components require prioritized protection. At the deployment level, the verification process can be executed offline, while low-overhead runtime monitoring of event label consistency can take place online to support anomaly detection. As manufacturing systems increasingly integrate automation and networked control, ensuring robust diagnosability remains essential for safeguarding operational integrity and resilience.

