-
摘要: 針對七自由度機械臂控制系統提出了一種七自由度機械臂隱蔽攻擊模型。首先基于推導的機械臂逆運動學方程,對基于EtherCAT總線的七自由度機械臂進行運動規劃與建模;其次,根據粒子群算法的研究與分析,提出了基于混沌理論的多種群粒子群優化的七自由度機械臂系統PID參數辨識算法;最后搭建了七自由度機械臂的攻擊實驗平臺并使用辨識的參數結合隱蔽攻擊原理開展了機械臂系統的攻擊實驗,并且將所提出的隱蔽攻擊技術與其他傳統攻擊技術進行了比較。結果表明,所提出的七自由度機械臂隱蔽攻擊方法可以破壞機械臂系統的數據完整性和準確性,并且具有很好的隱蔽性,驗證了所建立的攻擊模型的有效性和可行性。Abstract: While the industrial robotic manipulator is a kind of multi-input and multi-output human-like operation and highly autonomous control system. It is widely used in medical care, home service, industrial manufacturing and other fields. With the integration of cyber-physical system networks and the Internet in recent years, the control commands of the industrial robotic arm control system can be totally exposed to the Internet. Under these circumstances, the chances of successful attacks by attackers to systems are increasing year by year. Compared to the security of traditional cyber physical system, the security of manipulator control system is a very challenging problem. In this paper, a covert attack method of 7 degrees of freedom (7-DOF) manipulator control system was proposed. Firstly, based on the inverse kinematics equation of the manipulator, the motion planning and modeling of 7-DOF manipulator, which communicated by EtherCAT, was carried out. Secondly, according to the research and analysis of particle swarm optimization method, a 7-DOF manipulator system PID parameter identification algorithm based on chaotic theory for multi- swarm particle swarm optimization was proposed. Parameter identification mainly identified the PID parameters of each joint. The principle and derivation process of the algorithm were described in detail. Finally, the experimental platform of manipulator control system was built and the identified parameters were used in combination with the covert attack principle to conduct the experiment. The proposed method was compared with other traditional attack methods, such as state machine attack and traditional sine attack. The results show that the covert attack model of the proposed 7-DOF manipulator can destroy the data integrity and accuracy of the manipulator system, and has a good concealment, which verifies the effectiveness and feasibility of the established attack model. The attack experiment platform constructed in this paper provides the physical basis for the attack and defense experiment of the manipulator, and it has certain reference significance for similar researchers.
-
Key words:
- EtherCAT /
- kinematics /
- covert attack /
- manipulator /
- particle swarm optimization
-
圖 3 七自由度機械臂的多種群粒子算法系統辨識基本流程圖
Figure 3. Basic flow chart of MPSO system identification for 7-DOF manipulator
圖 5 EtherCAT從站多協議網關硬件結構圖
Figure 5. EtherCAT slave multi-protocol gateway hardware structure diagram
圖 9 狀態機攻擊。(a)狀態機攻擊執行圖;(b) ROS-EtherCAT主站狀態檢測
Figure 9. State machine attack: (a) state machine attack execution diagram;(b) ROS-EtherCAT master status detection
圖 10 正弦攻擊。(a)正常工作下的速度位置曲線;(b)正弦攻擊下的速度位置曲線;(c) ROS-EtherCAT主站狀態
Figure 10. Sinusoidal attack: (a) speed position curve under normal working; (b) speed position curve under sinusoidal attack; (c) ROS-EtherCAT master status
圖 11 七自由度機械臂通信數據。(a)通信數據格式;(b)機械臂部分內存表信息
Figure 11. 7-DOF manipulator communication data:(a) communication data format;(b) part of memory table information of the robot arm
圖 12 隱蔽攻擊。(a) ROS-EtherCAT主站狀態;(b) 機械臂真實狀態
Figure 12. Covert attack:(a) ROS-EtherCAT master status;(b) manipulator real state
表 1 機械臂D-H坐標系參數
Table 1. D-H coordinate system parameters of manipulator
Joint, i Twist angle, αi–1/(°) Link length, ai–1 Joint angle, θi Offset of connecting rod, di/mm Range/(°) 1 $0$ $0$ θ1 234 ±180 2 –90 $0$ θ2 0 ±135 3 90 $0$ θ3 292 ±180 4 –90 $0$ θ4 0 ±135 5 90 $0$ θ5 242 ±180 6 –90 $0$ θ6 0 ±135 7 90 $0$ θ7 107 ±180 
下載: 導出CSV
表 2 部分辨識值和真實值
Table 2. Partially recognized value and true value
Joint Parameter name Actual value Identification value 6 Position P 500 498.937 6 Position I 0 0.2045 6 Position D 100 102.382 6 Velocity P 400 401.586 6 Velocity I 300 297.926 6 Velocity D 0 –0.1052 7 Position P 800 799.428 7 Position I 0 –0.3054 7 Position D 150 151.313 7 Velocity P 200 202.479 7 Velocity I 11 10.582 7 Velocity D 0 –0.2043
下載: 導出CSV
表 3 機械臂攻擊對比
Table 3. Manipulator attack comparison
Attack category Difficulty of implementation Destructive Concealment State machine attack Simple Weak Weak Sinusoidal attack Medium Stronger Weaker Covert attack Complexity Strong Strong
下載: 導出CSV
259luxu-164<th id="5nh9l"></th> <strike id="5nh9l"></strike> <th id="5nh9l"><noframes id="5nh9l"><th id="5nh9l"></th> <strike id="5nh9l"></strike> <th id="5nh9l"><noframes id="5nh9l"> <th id="5nh9l"></th> <strike id="5nh9l"><noframes id="5nh9l"><span id="5nh9l"></span> <span id="5nh9l"><noframes id="5nh9l"><span id="5nh9l"></span> <strike id="5nh9l"><noframes id="5nh9l"><strike id="5nh9l"></strike> <span id="5nh9l"><noframes id="5nh9l"> <span id="5nh9l"><noframes id="5nh9l"> <span id="5nh9l"></span> <span id="5nh9l"><video id="5nh9l"></video></span> <th id="5nh9l"><noframes id="5nh9l"><th id="5nh9l"></th> -
參考文獻
[1] Bencsath B, Pek G, Buttyan L, et al. The cousins of stuxnet: Duqu, flame, and gauss. Future Internet, 2012, 4(4): 971 doi: 10.3390/fi4040971 [2] Langner R. Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur Privacy, 2011, 9(3): 49 doi: 10.1109/MSP.2011.67 [3] Wu X P, Xie L H. Performance evaluation of industrial Ethernet protocols for networked control application. Control Eng Pract, 2019, 84: 208 doi: 10.1016/j.conengprac.2018.11.022 [4] Sestito G S, Turcato A C, Dias A L, et al. A method for anomalies detection in real-time Ethernet data traffic applied to PROFINET. IEEE Trans Ind Inform, 2018, 14(5): 2171 doi: 10.1109/TII.2017.2772082 [5] Dias A L, Sestito G S, Brandao D. Performance analysis of Profibus DP and Profinet in a motion control application. J Control Autom Electr Syst, 2017, 28(1): 86 doi: 10.1007/s40313-016-0278-7 [6] Chen C H, Lin M Y, Guo X C. High-performance fieldbus application-specific integrated circuit design for industrial smart sensor networks. J Supercomput, 2018, 74(9): 4451 doi: 10.1007/s11227-017-2010-1 [7] Jiang B, Liu Y C, Sun F J, et al. Design of industrial control network based on Modbus/TCP. Low Volt Apparat, 2007(13): 30姜斌, 劉彥呈, 孫凡金, 等. 基于Modbus/TCP的工業控制網絡設計. 低壓電器, 2007(13):30 [8] Eramo V, Lavacca F G, Listanti M, et al. Definition and performance evaluation of an Advanced Avionic TTEthernet Architecture for the support of Launcher Networks. IEEE Aerospace Electron Syst Mag, 2018, 33(9): 30 doi: 10.1109/MAES.2018.170161 [9] Langlois K, van der Hoeven T, Cianca D R, et al. EtherCAT tutorial: an introduction for real-time hardware communication on windows. IEEE Robot Autom Mag, 2018, 25(1): 22 doi: 10.1109/MRA.2017.2787224 [10] Granat A, Hofken H, Schuba M. Intrusion detection of the ICS protocol EtherCAT//International Conference on Computer, Network Security and Communication Engineering (CNSCE2017). Pennsylvania, 2017: 52 [11] Perry J C, Rosen J. Design of a 7 degree-of-freedom upper-limb powered exoskeleton//The First IEEE/RAS-EMBS International Conference on Biomedical Robotics and Biomechatronics, BioRob 2006. Pisa, 2006: 805 [12] Akpinar K O, Ozcelik I. Development of the ECAT preprocessor with the trust communication approach. Secur Commun Networks, 2018, 2018: 1 [13] Li W Z, Xie L, Wang Z L. Two-loop covert attacks against constant value control of industrial control systems. IEEE Trans Ind Inform, 2019, 15(2): 663 doi: 10.1109/TII.2018.2819677 [14] Xie L, Mo Y L, Sinopoli B. False data injection attacks in electricity markets//2010 First IEEE International Conference on Smart Grid Communications. Gaithersburg, 2010: 226 [15] de Sá A O, Carmo L F R d C, Machado R C S. Covert attacks in cyber-physical control systems. IEEE Transactions on Industrial Informatics, 2017, 13(4): 1641 doi: 10.1109/TII.2017.2676005 [16] Krotofil M, Larsen J. Rocking the pocket book: hacking chemical plants//DefCon Conference. DEFCON, 2015: 1 [17] Quarta D, Pogliani M, Polino M, et al. An experimental security analysis of an industrial robot controller//2017 IEEE Symposium on Security and Privacy (SP). San Jose, 2017: 268 [18] Lagraa S, Cailac M, Rivera S, et al. Real-time attack detection on robot cameras: a self-driving car application//2019 Third IEEE International Conference on Robotic Computing (IRC). Naples, 2019: 102 [19] Vilches V M, Gil-Uriarte E, Ugarte I Z, et al. Towards an open standard for assessing the severity of robot security vulnerabilities, the Robot Vulnerability Scoring System (RVSS). arXiv preprint (2018-05-16)[2019-12-07] arXiv: 1807.10357, 2018. http://arxiv.org/abs/1807.10357 [20] D’Souza A, Vijayakumar S, Schaal S. Learning inverse kinematics//Proceedings 2001 IEEE/RSJ International Conference on Intelligent Robots and Systems. Expanding the Societal Role of Robotics in the the Next Millennium (Cat. No. 01CH37180). IEEE, 2001: 298 [21] Denavit J, Hartenberg R S. A kinematic notation for lower pair mechanisms based on matrices. J Appl Mech, 1955, 22: 215 [22] Sui D L, Xie L, Li L P, et al. Coupling planning control algorithm of redundant manipulator. Comput Integr Manuf Syst, 2019, 25(12): 3226眭東亮, 解侖, 李連鵬, 等. 一種冗余機械臂耦合規劃控制算法. 計算機集成制造系統, 2019, 25(12):3226 [23] CRAIG J J. Introduction to Robotics. Beijing: China Machine Press, 2005 [24] Yue Y G, Cao L, Hu J, et al. A novel hybrid location algorithm based on chaotic particle swarm optimization for mobile position estimation. IEEE Access, 2019, 7: 58541 doi: 10.1109/ACCESS.2019.2914924 [25] Tharwat A, Elhoseny M, Hassanien A E, et al. Intelligent Bézier curve-based path planning model using Chaotic Particle Swarm Optimization algorithm. Cluster Comput, 2019, 22(2): 4745 [26] Nagra A A, Han F, Ling Q H, et al. An improved hybrid method combining gravitational search algorithm with dynamic multi swarm particle swarm optimization. IEEE Access, 2019, 7: 50388 doi: 10.1109/ACCESS.2019.2903137 -
點擊查看大圖
計量
- 文章訪問數: 1705
- HTML全文瀏覽量: 1116
- PDF下載量: 39
- 被引次數: 0
