This paper proposes an actuator security index based on the definition of perfect undetectability. This index can help a control system operator to localize the most vulnerable actuators in a networked control system, which can then be secured. Particularly, the security index of an actuator equals the minimum number of sensors and actuators that needs to be compromised, such that a perfectly undetectable attack against that actuator can be conducted. A method for computing the index for small scale networked control systems is derived, and it is shown that the index can potentially be increased by placing additional sensors. The difficulties that appear once the system is of a large scale are then outlined: the problem of calculating the index is NP-hard, the index is vulnerable to system variations, and it is based on the assumption that the attacker knows the entire model of the system. To overcome these difficulties, a robust security index is introduced. The robust index can be calculated in polynomial time, it is unaffected by the system variations, and it can be related to both limited and full model knowledge attackers. Additionally, we analyze two sensor placement problems with the objective to increase the robust indices. We show that both of these problems have submodular structures, so their suboptimal solutions with performance guarantees can be obtained in polynomial time. Finally, the theoretical developments are illustrated through numerical examples.
Risk assessment is an inevitable step in implementation of a cyber-defense strategy. An important part of this assessment is to reason about the impact of possible attacks. In this paper, we propose a framework for estimating the impact of cyber-attacks in stochastic linear control systems. The framework can be used to estimate the impact of denial of service, rerouting, sign alternation, replay, false data injection, and bias injection attacks. For the stealthiness constraint, we adopt the Kullback-Leibler divergence between residual sequences during the attack. Two impact metrics are considered: (1) The probability that some of the critical states leave a safety region; and (2) The expected value of the infinity norm of the critical states. For the first metric, we prove that the impact estimation problem can be reduced to a set of convex optimization problems. Thus, the exact solution can be found efficiently. For the second metric, we derive an efficient to calculate lower bound. Finally, we demonstrate how the framework can be used for risk assessment on an example.
We consider an attacker-operator game for monitoring a large-scale network that is comprised on components that differ in their criticality levels. In this zero-sum game, the operator seeks to position a limited number of sensors to monitor the network against an attacker who strategically targets a network component. The operator (resp. attacker) seeks to minimize (resp. maximize) the network loss. To study the properties of mixed-strategy Nash Equilibria of this game, we first study two simple instances: (i) When component sets monitored by individual sensor locations are mutually disjoint; (ii) When only a single sensor is positioned, but with possibly overlapping monitoring component sets. Our analysis reveals new insights on how criticality levels impact the players equilibrium strategies. Next, we extend a previously known approach to obtain an approximate Nash equilibrium for the general case of the game. This approach uses solutions to minimum set cover and maximum set packing problems to construct an approximate Nash equilibrium. Finally, we implement a column generation procedure to improve this solution and numerically evaluate the performance of our approach.
Abstract-Optimal state estimation for linear discrete-time systems is considered. Motivated by the literature on differential privacy, the measurements are assumed to be corrupted by Laplace noise. The optimal least mean square error estimate of the state is approximated using a randomized method. The method relies on that the Laplace noise can be rewritten as Gaussian noise scaled by Rayleigh random variable. The probability of the event that the distance between the approximation and the best estimate is smaller than a constant is determined as function of the number of parallel Kalman filters that is used in the randomized method. This estimator is then compared with the optimal linear estimator, the maximum a posteriori (MAP) estimate of the state, and the particle filter.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.