Passivity-Based Robust Control Against Quantified False Data Injection Attacks in Cyber-Physical Systems Yue Zhao, Ze Chen, Chunjie Zhou, Yu-Chu Tian, Senior Member, IEEE, and Yuanqing Qin L 2 Abstract—Secure control against cyber attacks becomes increasingly significant in cyber-physical systems (CPSs). False data injection attacks are a class of cyber attacks that aim to compromise CPS functions by injecting false data such as sensor measurements and control signals. For quantified false data injection attacks, this paper establishes an effective defense framework from the energy conversion perspective. Then, we design an energy controller to dynamically adjust the system energy changes caused by unknown attacks. The designed energy controller stabilizes the attacked CPSs and ensures the dynamic performance of the system by adjusting the amount of damping injection. Moreover, with the disturbance attenuation technique, the burden of control system design is simplified because there is no need to design an attack observer. In addition, this secure control method is simple to implement because it avoids complicated mathematical operations. The effectiveness of our control method is demonstrated through an industrial CPS that controls a permanent magnet synchronous motor. Index Terms—Cyber-physical systems, energy controller, energy conversion, false data injection attacks, L 2 disturbance attenuation technology.    I. Introduction R ECENTLY, cyber attacks against cyber-physical systems (CPSs) have increasingly occured. Due to the existence of such attacks, CPSs usually exhibit strong nonlinear characteristics. The inherent nonlinear nature of the attacked CPSs has motivated the research of nonlinear control methods in security control. Existing investigations have delved into the nonlinear control of CPSs include adaptive control [1], [2], sliding mode control [3] and model predictive control [4]–[6]. Existing nonlinear control methods against cyber attacks have been studied mostly from the perspective of signal processing. These nonlinear control methods show some disadvantages. For example, the design of adaptive control methods is usually complicated. When the control system has non-parametric uncertainties, its robustness is greatly affected by model errors. As another example, the application of sliding mode control methods not only shows a chattering phenomenon, but also is restricted by the relative order of the system. Furthermore, the backstepping control method is easy to cause the dimensional expansion of the system. The model predictive control method demands a large amount of calculation. As a result, the control time is difficult to guarantee. Because attacks are unpredictable, time-varying, and complex, these high-gain control methods have limited ability to deal with attacks. The design of adaptive secure controller in [7] counteracts denial-of-service (DoS) attacks as well as external disturbances. They offset the impact of unknown attacks on the system in real time. However, the selection of adaptive parameters is a difficult task as attacks are changeable. The study reported in [8] uses an backstepping secure controller to deal with attacks. However, this controller is only designed for second-order systems. Its applications to high-order systems are difficult because it will cause dimensional expansion problems. The work in [9] investigates discrete- time cyber-physical systems under actuator and sensor attacks. As attacks are unknown, it adopts an observer-based control scheme to stabilize attacked systems. But the design of the additional attack observer complicates control system design. The reports in [10]–[13] consider a model predictive control algorithms to handle attacks for discrete-time systems. They solve an optimization problem with some constraints expressed by linear matrix inequalities. However, the optimization process is computationally expensive, increasing the complexity of the control problem. In the fields of science and engineering, it is generally believed that the change in various physical quantities in dynamic systems reflect a change in energy (absorption, conversion, and consumption). For example, the change in current flowing through an inductor reflects the change in magnetic field energy. Therefore, the physical quantity of the system can be controlled through the control of the system energy. The passivity of the system is the energy change property of the system. Passivity-based control [14]–[16] is an inherently nonlinear control method because of its good Manuscript received January 9, 2021; revised February 4, 2021; accepted March 28, 2021. This work was supported in part by the National Science Foundation of China (61873103, 61433006) to author Chunjie Zhou. Recommended by Associate Editor Qinglai Wei. (Corresponding author: Chunjie Zhou.) Citation: Y. Zhao, Z. Chen, C. J. Zhou, Y.-C. Tian, and Y. Q. Qin, “Passivity-based robust control against quantified false data injection attacks in cyber-physical systems,” IEEE/CAA J. Autom. Sinica, vol. 8, no. 8, pp. 1440–1450, Aug. 2021. Y. Zhao, Z. Chen, C. J. Zhou and Y. Q. Qin are with the Key Laboratory of Ministry of Education for Image Processing and Intelligent Control, School of Artificial Intelligence and Automation, Huazhong University of Science and Technology, Wuhan 430074, China (e-mail: yuezhao@hust.edu.cn; m201972757@hust.edu.cn; cjiezhou@hust.edu.cn; qinyuanqing@hust.edu. cn). Y.-C. Tian is with the School of Computer Science, Queensland University of Technology, Brisbane QLD 4001, Australia (e-mail: y.tian@qut.edu.au). Color versions of one or more of the figures in this paper are available online at http://ieeexplore.ieee.org. Digital Object Identifier 10.1109/JAS.2021.1004012 1440 IEEE/CAA JOURNAL OF AUTOMATICA SINICA, VOL. 8, NO. 8, AUGUST 2021