State estimation under false data injection attacks: Security analysis and system protection

Abstract The security issue in the state estimation problem is investigated for a networked control system (NCS). The communication channels between the sensors and the remote estimator in the NCS are vulnerable to attacks from malicious adversaries. The false data injection attacks are considered. The aim of this paper to find the so-called insecurity conditions under which the estimation system is insecure in the sense that there exist malicious attacks that can bypass the anomaly detector but still lead to unbounded estimation errors. In particular, a new necessary and sufficient condition for the insecurity is derived in the case that all communication channels are compromised by the adversary. Moreover, a specific algorithm is proposed for generating attacks with which the estimation system is insecure. Furthermore, for the insecure system, a system protection scheme through which only a few (rather than all) communication channels require protection against false data injection attacks is proposed. A simulation example is utilized to demonstrate the effectiveness of the proposed conditions/algorithms in the secure estimation problem for a flight vehicle.

[1]  Emanuele Garone,et al.  False Data Injection Attacks for State Estimation in Cyber-Physical Systems , 2010, CDC 2010.

[2]  Bruno Sinopoli,et al.  Physical Authentication of Control Systems: Designing Watermarked Control Inputs to Detect Counterfeit Sensor Outputs , 2015, IEEE Control Systems.

[3]  Ling Shi,et al.  Detection Against Linear Deception Attacks on Multi-Sensor Remote State Estimation , 2018, IEEE Transactions on Control of Network Systems.

[4]  Sonia Martínez,et al.  On the Performance Analysis of Resilient Networked Control Systems Under Replay Attacks , 2013, IEEE Transactions on Automatic Control.

[5]  T. M. Chen,et al.  Stuxnet, the real start of cyber warfare? [Editor's Note] , 2010, IEEE Netw..

[6]  Paulo Tabuada,et al.  Event-Triggered State Observers for Sparse Sensor Noise/Attacks , 2013, IEEE Transactions on Automatic Control.

[7]  Bruno Sinopoli,et al.  Detecting Integrity Attacks on SCADA Systems , 2011 .

[8]  Ling Shi,et al.  Optimal Linear Cyber-Attack on Remote State Estimation , 2017, IEEE Transactions on Control of Network Systems.

[9]  Karl Henrik Johansson,et al.  A secure control framework for resource-limited adversaries , 2012, Autom..

[10]  Oliver Kosut Malicious data attacks against dynamic state estimation in the presence of random noise , 2013, 2013 IEEE Global Conference on Signal and Information Processing.

[11]  Emanuele Garone,et al.  False data injection attacks against state estimation in wireless sensor networks , 2010, 49th IEEE Conference on Decision and Control (CDC).

[12]  Yilin Mo,et al.  False Data Injection Attacks in Control Systems , 2010 .

[13]  Vijay Gupta,et al.  Security in stochastic control systems: Fundamental limitations and performance bounds , 2015, 2015 American Control Conference (ACC).

[14]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[15]  Guo-Ping Liu,et al.  Design and Implementation of Secure Networked Predictive Control Systems Under Deception Attacks , 2012, IEEE Transactions on Control Systems Technology.

[16]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[17]  Karl Henrik Johansson,et al.  Efficient Computations of a Security Index for False Data Attacks in Power Networks , 2012, IEEE Transactions on Automatic Control.

[18]  Petros G. Voulgaris,et al.  On optimal ℓ∞ to ℓ∞ filtering , 1995, Autom..

[19]  Lang Tong,et al.  Malicious Data Attacks on the Smart Grid , 2011, IEEE Transactions on Smart Grid.

[20]  Paulo Tabuada,et al.  Secure Estimation and Control for Cyber-Physical Systems Under Adversarial Attacks , 2012, IEEE Transactions on Automatic Control.

[21]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[22]  Bruno Sinopoli,et al.  A Graph-Theoretic Characterization of Perfect Attackability for Secure Design of Distributed Control Systems , 2017, IEEE Transactions on Control of Network Systems.

[23]  Weiyi Liu,et al.  Security analysis for Cyber-Physical Systems against stealthy deception attacks , 2013, 2013 American Control Conference.

[24]  João Pedro Hespanha,et al.  Observability of linear systems under adversarial attacks , 2015, 2015 American Control Conference (ACC).

[25]  T. M. Chen,et al.  Smart grids, smart cities need better networks [Editor's Note] , 2010, IEEE Netw..

[26]  Bruno Sinopoli,et al.  On the Performance Degradation of Cyber-Physical Systems Under Stealthy Integrity Attacks , 2016, IEEE Transactions on Automatic Control.

[27]  D. Bernstein Matrix Mathematics: Theory, Facts, and Formulas , 2009 .

[28]  Paulo Tabuada,et al.  Secure State Estimation Against Sensor Attacks in the Presence of Noise , 2015, IEEE Transactions on Control of Network Systems.