Systems and Control Methods for Cyber-Physical Security

Course objectives

General objectives The course aims at providing basic concepts and methodologies of control theory, operations research and game theory, which constitute an analytical framework for the modeling of cyber-physical systems and of the main types of attacks on cyber-physical systems (for example: "denial of service", " replay attack "," covert attack "," false data injection ") and for the solution of security games and decision problems. The course will summarize a number of such methodologies and show how their application is able to deal with cyber-physical security problems in numerous example use cases. Specific objectives Knowledge and understanding: The students will learn methodologies for to model and solve security problems in cyber-physical systems by unsing control theory, game theory and operations research methodologies. Apply knowledge and understanding: At the end of the course, the student will be able to derive abstract mathematical models for a wide class of cyber-physical systems, to analyze, starting from these models, some important properties concerning their security. Critical and judgment skills: The student will be able to to face cybersecurity problems through control theory, game theory and operations research methodologies. Communication skills: The course activities allow the student to be able to communicate / share the main problems concerning cybersecurity problems in cyber-physical systems and the possible design choices for their soultions. Learning ability: The aim of the course is to make students aware on how to deal with control and decision-making problems in the context of cybersecurity problems in cyber-physical systems.

Channel 1
FRANCESCO LIBERATI Lecturers' profile

Program - Frequency - Exams

Course program
- Introduction to cyber-physical systems; - Notions of quantitative risk management for cyber-physical systems; - Recap of the basic notions from automatic control and system theory; - Modelling of cyber-physical systems, accordingo to two of the most popular approaches. Modelling of the attack space. Detectability and identifiability conditions; - Modelling and analysis of main cyber-physical attacks (false data injection attacks (FDIAs), DoS attack, replay attacks, covert attacks, zero dynamics attacks, etc.); - Detection and mitigation techniques (residual-based detection, watermarking, etc.); - Encripted control; - Applications from the context of smart grids (introduction to the smart grid, FDIAs against the state estimation, load redistribution attacks, topology attacks, switching attacks, multi-level attacks, optimal defence problem); Examples of applications and simulations performed on the computer during lessons, using software such as Matlab, Python, and Julia. Applications on electrical, mechanical, hydraulic systems, etc.
Prerequisites
Fundamentals of mathematical analysis (derivatives, integrals, differential equations), geometry (linear systems, matrices, determinant, rank), physics (elementary physical systems: circuits, mechanical systems, etc.). Typical courses where these preparatory topics are covered are: Geometry, Mathematical Analysis, Physics. However, these propaedeutic concepts will be recalled where useful during the course.
Books
For each topic covered, precise study references (scientific articles and book chapters) will be provided. All details will be available on the course website during the course (see, for example, the 2025 course website - https://sites.google.com/diag.uniroma1.it/liberati/home/teaching/2025-systems-and-control-methods-for-cyber-physical-security). All materials will be freely accessible. Additionally, the instructor will provide lecture notes and a book edited by him. Lessons will be recorded, and the recordings will be made available through the website.
Teaching mode
Theoretical and practical lessons in classroom.
Frequency
Attendance is strongly recommended, but not mandatory. Lessons will be recorded, for the benefit of the students who cannot attend due to overlaps.
Exam mode
Written exam (exercises and open-ended questions) plus an optional oral exam. Typically, the written exam lasts 2 or 3 hours and includes one or more exercises and one or more open-ended questions. No consultation of materials (notes, books, etc.) is allowed. After the written exam is graded, the student may choose to take the oral exam. As an alternative to the written exam, the student may carry out (also in small groups) and discuss a project involving the study of one or more scientific articles related to a topic covered in class, and the computer implementation of the simulations contained in the article. Before the project discussion, the student must submit a written report and the simulation code. For students who choose the project instead of the written exam, the oral exam is mandatory and takes place during the project discussion. The project discussion date is agreed upon between the instructor and the students, generally close to the written exam date. In all cases, students must register on Infostud.
Bibliography
A basic book is: Taha, Walid M., Abd-Elhamid M. Taha, and Johan Thunberg. Cyber-Physical Systems: A Model-Based Approach. Springer Nature, 2021. Available online at this link: https://link.springer.com/book/10.1007/978-3-030-36071-9. A more advanced text is: Ferrari, Riccardo MG, and André MH Teixeira, eds. Safety, Security and Privacy for Cyber-Physical Systems. Springer, 2021. https://link.springer.com/book/10.1007/978-3-030-65048-3 The study of these two books is not mandatory for the course, which will primarily rely on scientific articles, book chapters, and the book written by the instructor, which covers all the topics addressed.
Lesson mode
In presence lectures covering both theory and exercises. In some lessons we will use the computer to carry out simple experiments. Attendance is strongly recommended. Lessons will be recorded, for the benefit of the students who cannot attend due to overlaps.
  • Lesson code1054963
  • Academic year2025/2026
  • CourseCybersecurity
  • CurriculumSingle curriculum
  • Year1st year
  • Semester2nd semester
  • SSDING-INF/04
  • CFU6