Securing Control Systems: A New Approach to Encryption and Stability

Author: Denis Avetisyan


This review explores a framework for designing both the encryption settings and control parameters in networked systems to maintain performance and resilience against communication delays.

Co-designing cryptographic parameters and feedback gains for encrypted control systems addresses stability and performance challenges in the face of network latency.

While encrypted control systems offer promising security for networked control, existing approaches often overlook the performance degradation caused by communication and computation delays inherent in homomorphic encryption. This paper, ‘Co-Design of Cryptographic Parameters and Delay-Aware Feedback Gain for Encrypted Control Systems’, addresses this limitation by proposing a co-design framework that jointly optimizes cryptographic parameters and feedback gains to ensure closed-loop stability. Specifically, we derive sufficient conditions, expressed as linear matrix inequalities, for stabilizing control despite encryption-induced delays and present a tractable design procedure. Could this approach unlock more robust and secure control of critical infrastructure systems facing evolving cyber threats?


The Expanding Threat Landscape of Networked Control

The escalating integration of digital networks into traditionally isolated control systems – encompassing everything from power grids and water treatment facilities to transportation networks – has created a significantly expanded attack surface for malicious actors. These Networked Control Systems (NCS), while offering enhanced efficiency and automation, are inherently vulnerable to cyberattacks that can disrupt or even disable critical infrastructure. Unlike conventional IT systems where data breaches are the primary concern, successful attacks on NCS can have direct physical consequences – potentially causing widespread power outages, contaminating water supplies, or triggering industrial accidents. The interconnected nature of these systems also means that a single compromised node can serve as a gateway for cascading failures, amplifying the impact of an initial breach and posing a substantial risk to public safety and economic stability. The increasing sophistication of attack vectors, coupled with the growing number of connected devices, necessitates a proactive and adaptive approach to securing these vital systems.

Conventional cybersecurity protocols, while vital, frequently impose significant operational burdens on Networked Control Systems (NCS). The addition of encryption, authentication, and intrusion detection systems can dramatically increase latency – the delay in data transmission – which is particularly detrimental in time-sensitive applications like power grids or automated manufacturing. Furthermore, resource-intensive security measures can introduce instability into these systems, potentially disrupting real-time control loops and causing unintended – and potentially dangerous – consequences. This trade-off between robust security and reliable performance presents a considerable challenge, as simply layering traditional defenses onto existing NCS infrastructure often compromises the very systems it intends to protect. Consequently, researchers are actively exploring novel security architectures designed to minimize performance impacts while maintaining a high level of resilience against increasingly sophisticated cyber threats.

Maintaining robust security within networked control systems presents a significant engineering challenge, particularly as these systems operate under increasingly stringent resource limitations. Traditional cybersecurity protocols, while effective in isolation, often demand substantial computational power and communication bandwidth, introducing unacceptable delays and potential instability in time-sensitive applications like power grids or automated manufacturing. This creates a critical need for innovative security architectures that prioritize efficiency without compromising integrity; approaches must intelligently allocate resources, minimize overhead, and potentially leverage novel cryptographic techniques or decentralized security models to ensure both reliable operation and protection against evolving cyber threats. The focus is shifting towards proactive, adaptive security solutions capable of functioning seamlessly within the constraints of real-world infrastructure.

Securing Control Through Encrypted Computation

Encrypted Control leverages Homomorphic Encryption (HE) to enable computation on ciphertext without requiring prior decryption. This is achieved by utilizing HE schemes where operations performed on encrypted data yield results that, when decrypted, match the results of the same operations performed on the plaintext. Specifically, HE allows a control system to process sensitive data – such as sensor readings or actuator commands – while maintaining confidentiality throughout the entire computation. This eliminates the need to expose plaintext data to potentially untrusted computing environments, mitigating privacy risks and bolstering data security. The ability to compute directly on encrypted data is fundamental to the system’s security architecture, ensuring data remains protected at all times.

Outsourcing control tasks to remote servers via this framework allows edge devices to offload computationally intensive processes, thereby reducing their processing requirements and extending battery life. This is achieved by performing control algorithms directly on encrypted data hosted on the server, eliminating the need for edge devices to decrypt sensitive information. Furthermore, distributing the control loop across multiple servers increases system resilience against single points of failure and denial-of-service attacks, as the system can continue operating even if individual servers become unavailable. The architecture is particularly beneficial in scenarios with limited edge device resources or unreliable network connectivity, enabling continuous operation and improved system stability.

The LWE (Learning With Errors) based cryptosystem forms the cryptographic basis for secure computation within the Encrypted Control framework. LWE’s security relies on the presumed hardness of solving a specific lattice problem, making it resistant to known attacks. Specifically, the system leverages the difficulty of distinguishing between truly random strings and strings generated by adding a small amount of noise to the output of a linear transformation. This allows for the creation of ciphertext that, when operated upon, yields ciphertext representing the result of the operation without revealing the underlying plaintext data. The parameters of the LWE scheme – specifically the lattice dimension, modulus, and error distribution – are critical for balancing security and computational efficiency within the control loop, and are chosen to provide adequate protection against adversarial attempts to reconstruct the control signals.
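
The following is an added example, not code from the paper or the original article: a toy additively homomorphic LWE scheme in which the controller computes a state-feedback input u = Kx from encrypted states without holding the key. It assumes a plaintext, fixed-point-quantized gain and constructed toy parameters (N, Q, DELTA, E_MAX, SCALE) that are far too small for real security; `budget_ok` shows why modulus and scaling must be chosen together with the gain.

```python
import random

# Toy parameters, constructed for illustration; far too small for real security.
N, Q = 16, 2**40      # lattice dimension and ciphertext modulus
DELTA = 2**16         # plaintext scaling: the message sits above the noise
E_MAX = 4             # noise bound (stand-in for a discrete Gaussian)
SCALE = 100           # fixed-point scale for states and gains

def keygen(rng):
    return [rng.randrange(Q) for _ in range(N)]

def encrypt(m, s, rng):
    """Sensor side: (a, b) with b = <a, s> + DELTA*m + e (mod Q)."""
    a = [rng.randrange(Q) for _ in range(N)]
    e = rng.randint(-E_MAX, E_MAX)
    return a, (sum(x * y for x, y in zip(a, s)) + DELTA * m + e) % Q

def decrypt(ct, s):
    """Actuator side: strip the mask, centre mod Q, round the noise away."""
    a, b = ct
    v = (b - sum(x * y for x, y in zip(a, s))) % Q
    if v >= Q // 2:
        v -= Q
    return round(v / DELTA)

def controller_eval(Kq, cts):
    """Controller side: Enc(sum K_i * x_i) from Enc(x_i), no key needed."""
    a_acc, b_acc = [0] * N, 0
    for k, (a, b) in zip(Kq, cts):
        a_acc = [(u + k * x) % Q for u, x in zip(a_acc, a)]
        b_acc = (b_acc + k * b) % Q
    return a_acc, b_acc

def budget_ok(Kq, x_max):
    """Decryption is correct only if accumulated noise and message both fit."""
    gain = sum(abs(k) for k in Kq)
    return gain * E_MAX < DELTA // 2 and gain * x_max * DELTA < Q // 2

def encrypted_step(K, x, seed=1):
    """One loop iteration u = K x with the state hidden from the controller."""
    rng = random.Random(seed)  # reproducible demo only; real keys need a CSPRNG
    s = keygen(rng)
    Kq = [round(k * SCALE) for k in K]
    cts = [encrypt(round(xi * SCALE), s, rng) for xi in x]
    return decrypt(controller_eval(Kq, cts), s) / SCALE**2
```

Every scalar multiplication scales the ciphertext noise by the quantized gain, so a larger gain or finer quantization consumes the margin that DELTA provides.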

Mitigating Delay in Encrypted Control Systems

Total delay in encrypted control systems originates from several sequential processes. Communication latency, inherent in any network transmission, contributes to the overall delay. Encryption of the control signal introduces computational delay proportional to the algorithm and data size. Homomorphic evaluation, which performs computations on encrypted data, adds further delay dependent on the complexity of the operations and the chosen homomorphic encryption scheme. Finally, decryption of the result at the receiver introduces a delay related to the decryption algorithm and data size. The cumulative effect of these delays – communication, encryption, homomorphic evaluation, and decryption – constitutes the total delay and must be accounted for in control system design to maintain stability and performance.

The Delay-Aware Feedback Gain is a control strategy implemented to mitigate performance degradation caused by communication and computational latency inherent in encrypted control systems. This gain is not a static value but is dynamically adjusted to compensate for the total system delay, which includes transmission times, encryption/decryption overhead, and processing delays associated with homomorphic evaluation. By explicitly accounting for latency in the feedback loop, the gain aims to maintain closed-loop stability and achieve desired performance metrics, such as settling time and overshoot, despite the presence of delays. The design process focuses on minimizing the negative impact of latency on the system’s ability to accurately track setpoints and reject disturbances.

Optimization of the Delay-Aware Feedback Gain utilizes Linear Matrix Inequalities (LMIs) as a mathematical framework to guarantee closed-loop stability and achieve specified performance criteria. LMIs transform the stability and performance constraints – such as bounds on rise time, settling time, overshoot, and disturbance rejection – into a set of linear matrix inequalities. These inequalities, when satisfied, ensure that the closed-loop system remains stable and meets the desired performance specifications. The LMI approach allows for the systematic design of the gain by converting a complex control problem into a tractable optimization problem solvable with readily available numerical tools. Specifically, the optimization process seeks to minimize a cost function subject to the LMI constraints, resulting in a feedback gain that optimizes system performance while maintaining stability in the presence of communication and processing delays.

The control system design explicitly addresses the discrete-time nature of the implementation, acknowledging that digital control relies on sampled data. To accurately reconstruct the continuous-time control signal from these discrete samples, a Zero-Order Hold (ZOH) is employed. The ZOH introduces a hold function that maintains the most recent sample value until the next sample arrives, effectively creating a piecewise-constant approximation of the desired continuous signal. This method is crucial for preventing aliasing and ensuring the stability and performance of the encrypted control system, as it accurately represents the control input applied to the physical process between sampling instants. The ZOH is integrated into the system model during the optimization process, which utilizes Linear Matrix Inequalities (LMIs) to guarantee closed-loop stability while accounting for the introduced delay.
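
The following is an added example, not code from the paper or the original article: it turns an LWE parameter choice into a loop delay measured in sampling periods, then compares a gain designed for zero delay with one chosen under the delayed zero-order-hold model. It assumes a scalar unstable plant, four ciphertexts per loop iteration and constructed compute times, and it replaces the paper's LMI design with a brute-force gain search.

```python
import math

RATE_BPS = 250e6  # communication rate quoted in the article

def delay_steps(n, log2_q, n_ct, compute_s, ts):
    """Loop delay in sampling periods: ciphertext transfer plus crypto compute."""
    bits = n_ct * (n + 1) * log2_q   # an LWE ciphertext is n+1 elements of Z_q
    return math.ceil((bits / RATE_BPS + compute_s) / ts)

def zoh(a, b, ts):
    """Exact zero-order-hold discretization of the scalar plant x' = a*x + b*u."""
    A = math.exp(a * ts)
    return A, b * (A - 1.0) / a

def cost(A, B, K, d, steps=400):
    """Simulate x[k+1] = A x[k] + B u[k] with u[k] = -K x[k-d]; inf if no decay."""
    hist, total = [1.0] * (d + 1), 0.0   # hist holds x[k-d] .. x[k]
    for _ in range(steps):
        x, u = hist[-1], -K * hist[0]
        total += x * x + u * u
        hist = hist[1:] + [A * x + B * u]
    return total if abs(hist[-1]) < 1e-3 else math.inf

def delay_aware_gain(A, B, d, grid=200):
    """Brute-force stand-in for the LMI design: best gain under the delayed model."""
    return min(((A / B) * i / grid for i in range(1, grid + 1)),
               key=lambda K: cost(A, B, K, d))

def compare(n, log2_q, compute_s, ts=0.002, a=50.0, b=50.0, n_ct=4):
    """Return (delay steps, cost of unaware gain, cost of aware gain, gain ratio)."""
    d = delay_steps(n, log2_q, n_ct, compute_s, ts)
    A, B = zoh(a, b, ts)
    k_unaware = A / B                  # deadbeat gain designed for zero delay
    k_aware = delay_aware_gain(A, B, d)
    return d, cost(A, B, k_unaware, d), cost(A, B, k_aware, d), k_aware / k_unaware
```

With the larger constructed parameter set, `compare(2048, 64, 0.002)` gives a three-step delay under which the zero-delay gain diverges while the searched gain, a fraction of the original, still converges.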

Demonstrating Robustness and Scalability of Secure Control

A novel approach to secure control systems demonstrates remarkable resilience against communication delays, a common challenge in networked environments. By implementing a Delay-Aware Feedback Gain in conjunction with a lattice-based cryptographic scheme – specifically, one built upon the Learning With Errors (LWE) problem – the system maintains stability even when experiencing delays up to $3\overline{\tau}\theta/4$. This contrasts sharply with traditional, delay-unaware control gains, which quickly become unstable under similar conditions. The robust performance stems from the gain’s ability to actively compensate for the time lag in feedback signals, ensuring the control loop remains functional despite network imperfections and facilitating reliable operation in real-world applications where predictable communication isn’t guaranteed.

The architecture’s foundation in a State Feedback Controller significantly broadens its potential beyond specialized cryptographic control systems. This established control methodology allows adaptation to diverse dynamic systems – from robotics and aerospace engineering to complex industrial processes – where secure and reliable operation are paramount. By leveraging the well-understood principles of state-space representation and feedback control, the framework isn’t limited to scenarios explicitly designed for cryptographic applications; instead, it offers a versatile platform for integrating security features into existing control loops or developing entirely new, secure control architectures. The inherent flexibility of State Feedback Control facilitates tailoring the system’s response to specific performance requirements, enabling optimization for stability, speed, and accuracy – all while maintaining a robust cryptographic layer.

The security and operational efficiency of the proposed control framework are intrinsically linked to the selected cryptographic parameter set. This set – defining elements like key size and lattice dimension – directly governs the level of protection against adversarial attacks, with the implementation achieving a target security level of 128 bits. However, increasing cryptographic strength invariably introduces computational overhead, impacting both processing time and communication bandwidth. Consequently, a tunable trade-off exists; larger parameter sets enhance security but demand greater resources, while smaller sets improve performance at the cost of reduced protection. This inherent relationship allows for customization, enabling the system to be optimized based on the specific security requirements and resource constraints of the deployed application.

The precision of the secure control system hinges critically on the chosen sampling time; a carefully calibrated interval is essential for maintaining both stability and accuracy in the discrete-time implementation. Sampling times that are not small enough can introduce discretization errors, potentially leading to instability or degraded performance, while excessively small intervals increase computational burden without commensurate gains. Supporting this real-time operation, the system utilizes a communication rate of 250 Mbit/s specifically dedicated to the accurate calculation and transmission of communication delays – a necessary component for the delay-aware feedback gain to effectively counteract network latency and ensure robust control even in challenging communication environments. This balance between computational efficiency and communication bandwidth is key to the system’s practical applicability and performance.

The study addresses inherent trade-offs. It navigates the tension between security – achieved through cryptographic parameters – and system performance, particularly concerning communication delays. This echoes Immanuel Kant’s assertion: “Out of sheer necessity, we must begin with principles.” The framework prioritizes establishing foundational stability – a principle – before layering on complexity. Abstractions age, principles don’t. Every complexity needs an alibi, and this co-design approach provides one: a justified balance between encryption strength and control system responsiveness. The method acknowledges that increased security isn’t beneficial if it compromises fundamental control objectives.

Further Lines of Inquiry

The presented co-design offers a necessary, if not entirely sufficient, step toward practical encrypted control. The pursuit of security cannot indefinitely obscure performance, and this work begins to address that asymmetry. However, the reliance on specific homomorphic encryption schemes – particularly those based on Learning With Errors – introduces a constraint. Future investigations should broaden the scope to encompass alternative cryptographic primitives, assessing their compatibility with robust control design.

A crucial simplification lies in the treatment of communication delays. While delay-aware feedback gains mitigate some effects, the model assumes a known, bounded delay. Real-world networked control systems rarely afford such certainty. Adapting the co-design framework to estimate and compensate for unbounded or time-varying delays represents a significant, and likely arduous, challenge.

Ultimately, the field must confront a fundamental tension. Increased cryptographic complexity invariably introduces computational overhead and communication latency. The goal is not merely to add layers of security, but to reveal the minimal necessary protections – a distillation of both control and cryptographic principles. The path forward lies not in relentless expansion, but in elegant subtraction.


Original article: https://arxiv.org/pdf/2604.14774.pdf

Contact the author: https://www.linkedin.com/in/avetisyan/

2026-04-18 05:22