In this paper, the problem of simultaneous cyber attack and fault detection and isolation (CAFDI) in cyber-physical systems (CPS) is studied. The proposed solution methodology consists of two filters on the plant and the command and control (C\&C) sides of the CPS and an unknown input observer (UIO) based detector on the plant side. Conditions under which the proposed methodology can detect deception attacks, such as covert attacks, zero dynamics attacks, and replay attacks are characterized. An advantage of the proposed methodology is that one does not require a fully secured communication link which implies that the communication link can be compromised by the adversary while it is used to transmit the C\&C side observer estimates. Also, it is assumed that adversaries have access to parameters of the system, filters, and the UIO-based detector, however, they do not have access to all the communication link channels. Conditions under which, using the communication link cyber attacks, the adversary cannot eliminate the impact of actuator and sensor cyber attacks are investigated. To illustrate the capabilities and effectiveness of the proposed CAFDI methodologies, simulation case studies are provided and comparisons with detection methods that are available in the literature are included to demonstrate the advantages and benefits of our proposed solutions.

中文翻译：

---

网络物理系统的网络攻击和机器诱导故障检测和隔离方法

在本文中，研究了网络物理系统（CPS）中的同时网络攻击和故障检测与隔离（CAFDI）问题。建议的解决方案方法包括工厂和 CPS 的命令和控制 (C\&C) 侧的两个滤波器以及工厂侧的基于未知输入观测器 (UIO) 的检测器。所提出的方法可以检测欺骗攻击的条件，例如隐蔽攻击、零动态攻击和重放攻击。所提出的方法的一个优点是不需要完全安全的通信链路，这意味着当通信链路用于传输 C\&C 侧观察者估计时，攻击者可能会破坏该通信链路。此外，假设攻击者可以访问系统参数、过滤器、然而，基于 UIO 的检测器无法访问所有通信链路通道。使用通信链路网络攻击，对手无法消除执行器和传感器网络攻击的影响的条件进行了调查。为了说明所提出的 CAFDI 方法的能力和有效性，提供了模拟案例研究，并与文献中可用的检测方法进行了比较，以证明我们提出的解决方案的优势和好处。