Emerging Trends in Resilient Control of Networked Systems

Workshop offered at the 22nd IFAC World Congress 

9 - 14 July 2023, Yokohama, Japan

Context and Motivation

Networked control systems are one of the major control paradigms, by virtue of design flexibility, modularity, and scalability. Yet, their modular and interconnected structure that is the source of these benefits can also lead to vulnerability, by allowing local faults to spread to neighboring locations and even to the whole system. This problem is outside the scope of robust and adaptive control, where the controller typically assumes prior knowledge about disturbances affecting the model. This is especially true for adversarial disturbances, which cannot be modeled with confidence and may fatally disrupt a control task at global level.


Nonetheless, propagating failures are a crucial issue in several application domains, from multi-robot systems prone to unexpected changes in perceived environment, to vehicular networks dealing with unpredictable behavior of human drivers, to power grids subject to power outages or cyber-attacks. These cases require proactive, resilient strategies that can restore the system functionalities on-the-fly in the face of unexpected or adversarial conditions that fall outside of the design assumptions.


Attack-proneness of networked systems has been recently gaining attention in literature, with a huge body of work dealing with cascading failures in vehicular networks, cyber-attacks in smart grids, collaborative multi-robot systems, resilient distributed algorithms. Yet, a unifying framework for resilience in network systems is still lacking, and the complexity of large-scale systems may prevent applicability of several proposed approaches. Ultimately, the path towards resilient networked control systems is still long, and further research and technological effort is needed to cope with adversities of any kind and increasing sophistication.


Sunday, 9 July 2023​

9:00 – 9:15


Ruggero Carli &
Luca Ballotta (UniPd)

9:15 – 10:15
(10:00 – 10:15 Q&A)

Adversarially-Resilient Multi-Robot Systems: How to Enable Concurrent Safety and Security?

Dimitra Panagou (UMich)

10:15 – 11:15
(11:00 – 11:15 Q&A)

Physical Layer Security Techniques in Networked Control Systems with Passive and Active Attackers​

Subhrakanti Dey (Uppsala Univ.)

11:15 – 12:15
(12:00 – 12:15 Q&A)

Trade-offs between Security and Privacy in Cyber-Physical Systems

Vaibhav Katewa (Indian Inst. Science)

12:15 – 13:45

Lunch break

13:45 – 14:45
(14:30 – 14:45 Q&A)

Trustworthy Distributed Computations in Cyber-Physical Systems

Angelia Nedić (Arizona State Univ.)

14:45 – 15:45
(15:30 – 15:45 Q&A)

Data-driven Learning and Control for Resilient Cyber-Physical Infrastructure Networks​

Sivaranjani Seetharaman (Purdue)

15:45 – 16:30
(16:30 – 16:45 Q&A)

Targeting Interventions in Network Systems

Giacomo Como (PoliTo)

Invited Talks

Dimitra Panagou

Department of Robotics, University of Michigan

Talk details

Adversarially Resilient Multi-Robot Systems: How to Enable Concurrent Safety and Security?​

The proliferation of cyberattacks in today’s world has sparked significant interest during recent years in the resilience of networked systems against failures and attacks. A plethora of distributed estimation and control approaches have been developed, that often focus on either attacks that target the “cyber” domain (e.g., the information shared via communication or acquired via sensing), or on attacks that target the “physical” domain (e.g., the actuators or the entire plant/network). Despite tremendous progress, there are still open problems, including but not limited to how we can obtain less conservative models of the attacks (beyond worst-case assumptions), and how we can ensure the safe operation of the agents despite the effects of the attacks. In this talk, I will present an overview of our recent work on resilient multi-robot systems against “cyber” adversaries (Byzantine agents) and “physical” adversaries (risk-averse and risk-taking agents), and some highlights of our ongoing work on learning and counteracting adversarial behavior in multi-agent systems.​

Short bio

Dimitra Panagou received the Diploma and PhD degrees in Mechanical Engineering from the National Technical University of Athens, Greece, in 2006 and 2012, respectively. In September 2014 she joined the Department of Aerospace Engineering, University of Michigan as an Assistant Professor. Since July 2022 she is an Associate Professor with the newly established Department of Robotics, with a courtesy appointment with the Department of Aerospace Engineering, University of Michigan. Prior to joining the University of Michigan, she was a postdoctoral research associate with the Coordinated Science Laboratory, University of Illinois, Urbana-Champaign (2012-2014), a visiting research scholar with the GRASP Lab, University of Pennsylvania (June 2013, Fall 2010) and a visiting research scholar with the University of Delaware, Mechanical Engineering Department (Spring 2009).

Dr. Panagou’s research program spans the areas of nonlinear systems and control; multi-agent systems and networks; motion and path planning; humanrobot interaction; navigation, guidance, and control of aerospace vehicles. She is particularly interested in the development of provably-correct methods for the safe and secure (resilient) operation of autonomous systems in complex missions, with applications in robot/sensor networks and multi-vehicle systems (ground, marine, aerial, space). Dr. Panagou is a recipient of the NASA Early Career Faculty Award, the AFOSR Young Investigator Award, the NSF CAREER Award, and a Senior Member of the IEEE and the AIAA.

Subhrakanti Dey

Division of Signals and Systems, Uppsala University

Talk details

Physical Layer Security Techniques in Networked Control Systems with Passive and Active Attackers​

While cryptographic security has been the dominant security mechanism for cybersecurity, physical layer security has become increasingly popular in the wireless communications area. In the context of wireless sensor and actuator networks deployed towards industrial control systems, however, it remains less explored. As several recent attacks on industrial plants and public infrastructure have shown, achieving secure estimation and control in such systems is extremely important. Recent research has investigated various types of active and passive attacks, and design and analysis of relevant defence mechanisms in this context, ranging from physical layer watermarking, detection of data integrity attacks, and various other algorithms for enhancing security and privacy in such networks. <br>In this talk we will consider security aspects of networked state estimation and control in the presence of an eavesdropper (a passive attacker), or an active attacker who introduces fake measurement signals do drive the control performance away from the optimum. I will present recent results on two such problems:

  1. Remote estimation in the presence of an eavesdropper: In the presence of an eavesdropper, the objective will be to keep estimates of sensitive data or information secure but meaningful, where a sensor transmits local state estimates over a packet dropping link to a remote estimator, while an eavesdropper can successfully overhear each sensor transmission with a certain probability. The objective is to determine suitable transmission scheduling schemes or design other artefacts such as addition of artificial noise (for example, if the transmitter is equipped with multiple antennas), in order to minimize the estimation error covariance at the remote estimator, while trying to keep the eavesdropper error covariance above a certain level. We will present some results on the optimal sensor transmission policy, and show that it to exhibits a thresholding behaviour in the estimation error covariances. Furthermore, for unstable systems, it is shown that in the infinite horizon situation there exist transmission policies which can keep the expected estimation error covariance bounded at the legitimate estimator while the expected eavesdropper error covariance becomes unbounded, thus making it useless. A different secrecy measure based on an information theoretic security notion will also be investigated.
  2. Quickest detection of deception attacks in networked control systems: In this part of the talk, we will present some of our recent results on quickest (sequential) detection of fake measurement attacks, with the objective of minimizing average detection delay subject to a constraint on the average run length between two false alarms. We will show how the use of physical watermarking signal in the control input can be used to this end. We will also present some results on how to economize the use of watermarking signal so that the loss of control performance is minimized in case of no attacks. Some discussions will be presented on how to extend these algorithms to the case of unknown attacker signal parameters.

Finally, we will conclude with some future research directions on trade-off between privacy and security in such networked control systems, where both passive and active attackers can be present.

Short bio

Subhrakanti Dey received the Bachelor in Technology and Master in Technology degrees from the Department of Electronics and Electrical Communication Engineering, Indian Institute of Technology, Kharagpur, in 1991 and 1993, respectively, and the Ph.D. degree from the Department of Systems Engineering, Research School of Information Sciences and Engineering, Australian National University, Canberra, in 1996.

He is currently the Head of Division of Signals and Systems and Professor of Signal Processing at Uppsala University. Prior to this, he was with the National University of Ireland, Maynooth, Ireland, during 2018-2022, while being on leave of absence from Uppsala. He was also a Professor with the Department of Electrical and Electronic Engineering, University of Melbourne, Parkville, Australia, from 2000 until early 2013, when he moved to Uppsala University. From September 1995 to September 1997, and September 1998 to February 2000, he was a Postdoctoral Research Fellow with the Department of Systems Engineering, Australian National University. From September 1997 to September 1998, he was a Postdoctoral Research Associate with the Institute for Systems Research, University of Maryland, College Park.

His current research interests include wireless communications and networks, signal processing for sensor networks, networked control systems, and distributed optimization and learning over networks. Professor Dey currently serves on the Editorial Board of IEEE Control Systems Letters (Senior Editor), IEEE Transactions on Control of Network Systems, (Senior Editor) and IEEE Transactions on Wireless Communications (Editor), and Automatica (Assoc. Editor). He was also an Associate Editor for IEEE Transactions on Signal Processing, (2007-2010, 2014-2018), IEEE Transactions on Automatic Control, (2004-2007) and Elsevier Systems and Control Letters (2003-2013).

Vaibhav Katewa

Department of Electrical Communication, Indian Institute of Science

Talk details

Trade-offs between Security and Privacy in Cyber-Physical Systems​

Security and privacy in CPS have received considerable attention in the past decade and there is thrust to develop mechanisms to detect attacks, take remedial actions, build attackresilient systems, and keep information private. While research on security and privacy have produced a large spectrum of results individually, studies that assess the impact of security on privacy, and vice-versa, are fairly limited. Given that the goals, the information availability, and the mechanisms of the attacker and the eavesdropper are different, one may opine that security and privacy of a system are unrelated. Contrary to this, we show that a fundamental connection and trade-off exists between these two notions. We show this in two settings – stochastic setting where noise is used implement privacy, and deterministic setting where we consider the notion of opacity.​

Short bio

Vaibhav Katewa is an Assistant Professor at the Robert Bosch Center for Cyber-Physical Systems and Department of Electrical Communication at the Indian Institute of Science, Bangalore. He was a Postdoctoral Scholar in the department of Mechanical Engineering at the University of California, Riverside from 2017 to 2019. He received his M.S. and Ph.D. degrees from University of Notre Dame in 2012 and 2016, and his Bachelor’s degree from Indian Institute of Technology, Kanpur in 2007, all in Electrical Engineering. His research interests include analysis and design of security and privacy methods for cyber–physical systems and complex networks, decentralized and sparse feedback control, and protocol design for networked control systems.

Angelia Nedić

School of Electrical, Computer and Energy Engineering, Arizona State University

Talk details

Trustworthy Distributed Computations in Cyberphysical Systems


​We discuss the problem of trustworthy consensus and distributed optimization in presence of adversarial agents in a cyberphysical system. The basic premise is that the agents have access to side information about the trustworthiness of their neighbors which is captured via stochastic values of trust. Specifically, we derive a unified mathematical framework to characterize convergence, deviation of the consensus from the true consensus value, and expected convergence rate. We show that under certain conditions on the stochastic trust values and consensus protocol, almost sure convergence to a common limit value is possible even when malicious agents constitute more than half of the network connectivity. We show that the deviation of the achieved limit from the case where there is no attack (i.e., the true consensus value) can be bounded with probability approaching value 1 exponentially fast and that correct classification of malicious and legitimate agents can be attained in finite time almost surely. Further, the expected convergence rate decays exponentially with the quality of the trust observations between agents. We then consider a simple basic gradient method for solving multi-agent optimization problem in the presence of malicious/noncooperative agents are characterize its performance.

Short bio

Angelia Nedić has a Ph.D. from Moscow State University, Moscow, Russia, in Computational Mathematics and Mathematical Physics (1994), and a Ph.D. from Massachusetts Institute of Technology, Cambridge, USA in Electrical and Computer Science Engineering (2002). She has worked as a senior engineer in BAE Systems North America, Advanced Information Technology Division at Burlington, MA. Currently, she is a faculty member of the school of Electrical, Computer and Energy Engineering at Arizona State University at Tempe. Prior to joining Arizona State University, she has been a Willard Scholar faculty member at the University of Illinois at Urbana-Champaign. She is a recipient (jointly with her co-authors) of the Best Paper Award at the Winter Simulation Conference 2013 and the Best Paper Award at the International Symposium on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt) 2015. Her general research interest is in optimization, large scale complex systems dynamics, variational inequalities and games.

Sivaranjani Seetharaman

School of Industrial Engineering, Purdue University

Talk details

Data-driven Learning and Control for Resilient Cyber-Physical Infrastructure Networks​


​Disruptive technological advances in computing, sensing and communication technologies over the last decade have opened up opportunities for smart cities where large-scale cyberphysical infrastructure networks like energy, traffic, gas, and water can be efficiently monitored, controlled and managed in real-time. Traditional control techniques do not scale well to such large-scale networks due to complexities arising from the network size, granularity of real-time measurement data, and multi-layered dynamical interactions between the physical networks, computing, communication, and human participants. On the other hand, purely data-driven and learning-based approaches to operating these networks do not provide guarantees on stability, safety, and robustness that are crucial in such safety-critical systems.

In this talk, I will present frameworks that integrate data-driven models and learning-based control algorithms with control-relevant properties drawn from network physics, to design provably safe, robust, and resilient cyber-physical infrastructure systems. Specifically, I will (i) discuss approaches to learn control-oriented models of large-scale networked cyber-physical systems from data while capturing special controlrelevant properties such as monotonicity, dissipativity, and conservation laws, and (ii) demonstrate how these properties can be leveraged to achieve scalable and compositional learningbased control designs with provable guarantees. Throughout the talk, I will draw upon applications in transportation networks and energy systems to illustrate the power of these frameworks.​

Short bio

Sivaranjani Seetharaman is an Assistant Professor in the School of Industrial Engineering at Purdue University. Previously, she was a postdoctoral researcher in the Department of Electrical Engineering at Texas A&M University, and the Texas A&M Research Institute for Foundations of Interdisciplinary Data Science (FIDS). She received her PhD in Electrical Engineering from the University of Notre Dame, and her Master’s and undergraduate degrees, also in Electrical Engineering, from the Indian Institute of Science, and PES Institute of Technology, respectively. Sivaranjani has been a recipient of the Schlumberger Foundation Faculty for the Future fellowship, the Zonta International Amelia Earhart fellowship, and the Notre Dame Ethical Leaders in STEM fellowship. She was also named among the MIT Rising Stars in EECS in 2018. Her research interests lie at the intersection of control and machine learning in large-scale networked systems, with applications to energy systems, transportation networks, and interdependent infrastructures.

Giacomo Como

Department of Mathematical Sciences, Politecnico di Torino

Talk details

Targeting Interventions in Network Systems

We study adversarial perturbation/ protection problems for a class of linear network equilibrium models. Such problems emerge in a variety of applications including continuous network games, production networks, and opinion dynamic. Specifically, we consider min-max problems whereby a system planner (the defender) aims at designing an optimal network intervention within her given budget constraint in order to minimize a system disturbance that an adversary (the attacker) is instead trying to maximize. We provide analytic solutions for three classes of quadratic aggregate performances. Our main result is a characterization of the structure of the solutions. We show that the defender’s optimal interventions typically exhibit a waterfilling type structure with the optimal protection concentrated in a subset of the nodes, depending significantly on the aggregate performance considered. Our results also show that the optimal interventions have different regimes depending on the available budget. For a large enough budget, the optimal intervention of the external planner acts on all nodes proportionally to new notions of network centrality. For lower budget values, such optimal intervention has a more delicate structure and is rather concentrated on a few target individuals. This talk is based on joint work with Luca Damonte and Fabio Fagnani.

Short bio

Giacomo Como is a Professor at the Department of Mathematical Sciences, Politecnico di Torino, Italy, and a Senior Lecturer at the Automatic Control Department of Lund University, Sweden. He received the B.Sc., M.S., and Ph.D. degrees in Applied Mathematics from Politecnico di Torino, in 2002, 2004, and 2008, respectively. He was a Visiting Assistant in Research at Yale University in 2006–2007 and a Postdoctoral Associate at the Laboratory for Information and Decision Systems, Massachusetts Institute of Technology, from 2008 to 2011. He currently serves as chair of the IEEE-CSS Technical Committee on Networks and Communications, as Senior Editor of the IEEE Transactions on Control of Network Systems and as Associate Editor of Automatica. He served as Associate Editor of the IEEE Transactions on Network Science and Engineering and of the IEEE Transactions on Control of Network Systems. He was the IPC chair of the IFAC Workshop NecSys’15 and a semiplenary speaker at the International Symposium MTNS’16. He is recipient of the 2015 George S. Axelby Outstanding Paper Award. His research interests are in dynamics, information, and control in network systems with applications to cyber-physical systems, infrastructure networks, and social and economic networks.


Department of Information Engineering, University of Padova


The full registration cost for the workshop (not the registration to the congress) is 20,000 yen (150 dollars) till April 15 and 25,000 yen (190 dollars) from April 16. Students can enjoy the discounted cost of 12,000 yen (90 dollars) till April 15 and of 15,000 yen ($ 113) from April 16. On-line attendance is not offered for workshops.
For the most updated information, please refer to the congress website.