Reachability Analysis of Cyber-Physical Systems Under Stealthy Attacks

Zhang, Qirui; Liu, Kun; Pang, Zhong-Hua; Xia, Yuanqing; Liu, Tao

doi:10.1109/tcyb.2020.3025307

Cited by 23 publications

(10 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Remark Assumption 3 is common in the existing literature 16,20,23 . It implies that the attacker could carefully design the attacks such that they are stealthy for the considered CPS.…”

Section: System Description and Preliminariesmentioning

confidence: 99%

“…Assumption 3 is common in the existing literature. 16,20,23 It implies that the attacker could carefully design the attacks such that they are stealthy for the considered CPS. Such parameters can be obtained by system identification or directly obtained from internal staffs.…”

Section: Plant Model Under Attacksmentioning

confidence: 99%

“…In summary, although there are some works 18‐26 regarding CPS vulnerabilities based on reachability analysis have been reported in the literature, there is still room for improvement. As shown in the work of Althoff and Rath, 28 among various set representations, zonotope can achieve a good balance between accuracy and complexity.…”

Section: Introductionmentioning

confidence: 99%

“…Some results regarding CPS vulnerabilities based on reachability analysis can be found in the literature. [18][19][20][21][22][23][24][25][26] Note that it is not a trivial work to calculate the exact reachable set due to its computational complexity. 20 To address such problem, an over-approximated reachable set is usually considered, for example, the ellipsoidal set representation.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A zonotopic characterization of cyber‐physical system vulnerabilities

Wang

Shen

et al. 2022

Intl J Robust & Nonlinear

View full text Add to dashboard Cite

This article is concerned with the security of a cyber-physical system (CPS) against stealthy attacks. Stealthy attacks are malicious injections into sensor measurements without triggering detectors. We quantify the potential impact of stealthy attacks on system states using zonotopic reachable set. Then, a zonotopic framework is established to characterize the CPS vulnerabilities. Conditions for the existence of vulnerabilities are provided. Moreover, the level of such vulnerabilities is measured via one-sided Hausdorff distance. Finally, numerical simulations are conducted to demonstrate the effectiveness of the proposed method.

show abstract

“…Remark Assumption 3 is common in the existing literature 16,20,23 . It implies that the attacker could carefully design the attacks such that they are stealthy for the considered CPS.…”

Section: System Description and Preliminariesmentioning

confidence: 99%

Section: Plant Model Under Attacksmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A zonotopic characterization of cyber‐physical system vulnerabilities

Wang

Shen

et al. 2022

Intl J Robust & Nonlinear

View full text Add to dashboard Cite

show abstract

“…In [50], the authors assumed that the system disturbance and measurement noise to be unknownbut-bounded and analyzed the reachability issue based on zonotopic set theory. Related works regarding reachability analysis can be found in [51]- [54].…”

Section: Analysis Of Cyber-attacksmentioning

confidence: 99%

Analysis, detection, and mitigation of attacks in cyber-physical systems

Liu¹

View full text Add to dashboard Cite

Cyber-Physical Systems (CPS) offer close integration among computational elements, communication networks, and physical processes. Such systems play an increasingly important role in a large variety of fields, such as manufacturing, health care, environment, transportation, defence, and so on. Due to the wide applications and critical functions of CPS, increasing importance has been attached to their security. In this thesis, we focus on the security of CPS by investigating vulnerability under cyber-attacks, providing detection mechanisms, and developing feasible countermeasures against cyber-attacks.The first contribution of this thesis is to analyze the performance of remote state estimation under linear attacks. A linear time-invariant system equipped with a smart sensor is studied. The adversary aims to maximize the state estimation error covariance while staying stealthy. The maximal performance degradation that an adversary can achieve with any linear first-order false data injection attack under strict stealthiness for vector systems and ϵ-stealthiness for scalar systems is characterized. We also provide an explicit attack strategy that achieves this bound and compare it with strategies previously proposed in the literature.The second problem of this thesis is about the detection of replay attacks. We aim to design physical watermark signals and corresponding detector to protect a control system against replay attacks. For a scenario where the system parameters are available to the operator, a physical watermarking scheme to detect the replay attack is introduced. The optimal watermark signal design problem is formulated as an optimization problem, and the optimal watermark signal and detector are derived. Subsequently, for systems with unknown parameters, we provide an on-line learning mechanism to asymptotically derive the optimal watermarking signal and corresponding detector.The third problem under investigation is about the detection of false-data injection attacks when the attacker injects malicious data to flip the distribution of the manipulated sensor measurements. The detector decides to continue taking observations or to stop based on the received signals, and the goal is to have the flip attack detected as fast as possible while trying to avoid terminating the measurements when no attack is present. The detection problem is modeled as a partially observable Markov decision process (POMDP) by assuming an attack probability, with the dynamics of the hidden states of the POMDP characterized by a stochastic shortest path (SSP) problem. The optimal policy of the SSP solely depends on the transition costs and is inde-viii via ett stokastisk kortaste-väg-problem (SSP-problem). Den optimala policyn för SSP:n beror enbart på övergångskostnaderna och är oberoende av den antagna attacksannolikheten. Genom att använda ett fixerad-längd-fönster och en lämplig karaktärs-funktion för mätningarna används en Markovbeslutsprocess (MDP) för att approximera POMDP:n. Den optimala lösningen av MDP:n erhålls genom fö...

show abstract

Performance based attack detection and security analysis for cyber‐physical systems

Zhao

2022

Intl J Robust & Nonlinear

View full text Add to dashboard Cite

This paper studies attack detection and security analysis for cyber-physical systems from the viewpoint of control performance. The performance residual generated by Bellman equation has been presented to construct the attack detector. Then, the control-performance-based attack detection schemes are designed for state measurable system and state unmeasurable system, respectively. Furthermore, the data-driven realizations of control-performance-based attack detection are presented via kernel identification. Moreover, the security analysis of the proposed control-performance-based attack detection schemes is studied, in which the undetectable state and output attacks are designed. Finally, simulations on the model of a flight vehicle demonstrate the effectiveness of the proposed methods.

show abstract

Reachability Analysis of Cyber-Physical Systems Under Stealthy Attacks

Cited by 23 publications

References 32 publications

A zonotopic characterization of cyber‐physical system vulnerabilities

A zonotopic characterization of cyber‐physical system vulnerabilities

Analysis, detection, and mitigation of attacks in cyber-physical systems

Performance based attack detection and security analysis for cyber‐physical systems

Contact Info

Product

Resources

About