Worst-case stealthy innovation-based linear attack on remote state estimation

Guo, Ziyang; Shi, Dawei; Johansson, Karl Henrik; Shi, Ling

doi:10.1016/j.automatica.2017.11.018

Cited by 207 publications

(80 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another example of attack analysis for introducing undetectable attack is discussed in [172]. In [225], [226], Kullback-Leibler divergence is employed to develop a stealthiness and obtain worst-case attack policies as a trade-off between system performance degradation and attack stealthiness. In [227], [228], worst case deception attacks are analyzed in stochastic systems and the number of sensors to secure the system using a Kalman filter approach is proposed.…”

Section: A Threat Assessmentmentioning

confidence: 99%

“…In these works, a zero-dynamic output can be injected to the system so that while to the system operators it may appear that the output remains at zero, the actual system response is becoming unbounded. In [225], [237], the degradation of system performance under a linear attack policy on A 2 is analyzed. The timing of DoS attacks (A 1 ) is discussed in [238].…”

Section: A Threat Assessmentmentioning

confidence: 99%

See 1 more Smart Citation

A systems and control perspective of CPS security

Dibaji

Pirani

Flamholz

et al. 2019

Annual Reviews in Control

Self Cite

382

191

View full text Add to dashboard Cite

The comprehensive integration of instrumentation, communication, and control into physical systems has led to the study of Cyber-Physical Systems (CPS), a field that has recently garnered increased attention. A key concern that is ubiquitous in CPS is a need to ensure security in the face of cyber attacks. In this paper, we carry out a survey of systems and control methods that have been proposed for the security of CPS. We classify these methods into three categories based on the type of defense proposed against the cyberattacks: prevention, resilience, and detection & isolation. A unified threat assessment metric is proposed in order to evaluate how CPS security is achieved in each of these three cases. Also surveyed are risk assessment tools and the effect of network topology on CPS security. An emphasis has been placed on power and transportation applications in the overall survey. Index Terms-cyber-physical systems, resilient control I. INTRODUCTION Motivated by concerns about sustainability, efficiency, and resiliency, several sectors including energy, transportation, water, and healthcare systems have witnessed significant advances in instrumentation, monitoring, and automation over the past decade. The resulting integration of information, communication, and computation with physically engineered systems demands a detailed investigation into the analysis and synthesis of Cyber-Physical Systems (CPS) so as to realize the desired performance metrics of efficiency, sustainability, and safety. The extensive and intricate presence of cyber components also introduces a vulnerability of unwanted access to these systems. The available communication technologies, referred to as SCADA (Supervisory Control and Data Acquisition), are witnessing significant advances, triggering a shift from protected, closed, and wired networks to open and wireless networks which, as a side effect, are more vulnerable to outside interference.

show abstract

Section: A Threat Assessmentmentioning

confidence: 99%

Section: A Threat Assessmentmentioning

confidence: 99%

A systems and control perspective of CPS security

Dibaji

Pirani

Flamholz

et al. 2019

Annual Reviews in Control

Self Cite

382

191

View full text Add to dashboard Cite

show abstract

“…Hence from [21, Theorem 1], we conclude that the proposed algorithm converges to a stationary point. The steps in (16) and (17) reduce the problem in (15) to that of solving a sequence of SDPs, which can be efficiently solved by interior-point methods.…”

Section: A Block-coordinate Descent (Bcd) Based Approachmentioning

confidence: 99%

“…In [14] the mean square error (MSE) performance of single sensor Kalman filter with data-falsification attacks was analyzed considering the Kullback-Leibler (KL) divergence as a measure of attack stealthiness. Similarly, in [15] it was shown that with KL divergence as the stealth metric, the worst-case linear attack strategy that maximizes the estimation error covariance is a zero-mean Gaussian distributed attack sequence. In [16], the authors propose algorithms to design attack sequence to move the state of a CPS to a target state while satisfying the probability of detection constraints.…”

Section: Introductionmentioning

confidence: 98%

Coordinated Data-Falsification Attacks in Consensus-based Distributed Kalman Filtering

Moradi

Venkategowda

Werner

2019

2019 IEEE 8th International Workshop on Computational Advances in Multi-Sensor Adaptive Processing (CAMSAP)

View full text Add to dashboard Cite

This paper considers consensus-based distributed Kalman filtering subject to data-falsification attack, where Byzantine agents share manipulated data with their neighboring agents. The attack is assumed to be coordinated among the Byzantine agents and follows a linear model. The goal of the Byzantine agents is to maximize the network-wide estimation error while evading false-data detectors at honest agents. To that end, we propose a joint selection of Byzantine agents and covariance matrices of attack sequences to maximize the network-wide estimation error subject to constraints on stealthiness and the number of Byzantine agents. The attack strategy is then obtained by employing block-coordinate descent method via Boolean relaxation and backward stepwise based subset selection method. Numerical results show the efficiency of the proposed attack strategy in comparison with other naive and uncoordinated attacks.

show abstract

“…Additionally, Kullback-Leibler (KL) divergence [27] is used to define a stealthiness constraint, which makes the framework independent of the choice of anomaly detector. Stealthiness constraints based on KL-divergence have been used in several works so far [28]- [31].…”

Section: Introductionmentioning

confidence: 99%

Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems

Milošević

Johansson

2020

IEEE Trans. Control Netw. Syst.

Self Cite

View full text Add to dashboard Cite

Risk assessment is an inevitable step in implementation of a cyber-defense strategy. An important part of this assessment is to reason about the impact of possible attacks. In this paper, we propose a framework for estimating the impact of cyber-attacks in stochastic linear control systems. The framework can be used to estimate the impact of denial of service, rerouting, sign alternation, replay, false data injection, and bias injection attacks. For the stealthiness constraint, we adopt the Kullback-Leibler divergence between residual sequences during the attack. Two impact metrics are considered: (1) The probability that some of the critical states leave a safety region; and (2) The expected value of the infinity norm of the critical states. For the first metric, we prove that the impact estimation problem can be reduced to a set of convex optimization problems. Thus, the exact solution can be found efficiently. For the second metric, we derive an efficient to calculate lower bound. Finally, we demonstrate how the framework can be used for risk assessment on an example.

show abstract

Worst-case stealthy innovation-based linear attack on remote state estimation

Cited by 207 publications

References 19 publications

A systems and control perspective of CPS security

A systems and control perspective of CPS security

Coordinated Data-Falsification Attacks in Consensus-based Distributed Kalman Filtering

Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems

Contact Info

Product

Resources

About