A divide-and-conquer approach to distributed attack identification

Identifying attacks is key to ensure security in cyber-physical systems. In this paper we remark upon the computational complexity of the attack identification problem by showing how conventional approximation techniques may fail to identify attacks. Then, we propose decentralized and distributed monitors for attack identification with performance guarantees and low computational complexity. The proposed monitors rely on a geometric control framework, yet they require only local knowledge of the system dynamics and parameters. We exploit a divide-and-conquer approach, where first the system is partitioned into disjoint regions, then corrupted regions are identified via distributed computation, and finally corrupted components are isolated within regions.

[1]  Paulo Tabuada,et al.  Event-Triggered State Observers for Sparse Sensor Noise/Attacks , 2013, IEEE Transactions on Automatic Control.

[2]  Rafal Rohozinski,et al.  Stuxnet and the Future of Cyber War , 2011 .

[3]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[4]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[5]  Hiroaki Nishino,et al.  Distributed Detection of Cyber Attacks and Faults for Power Systems , 2014 .

[6]  Florian Dörfler,et al.  Continuous-Time Distributed Observers With Discrete Communication , 2013, IEEE Journal of Selected Topics in Signal Processing.

[7]  Frank L. Lewis,et al.  Geometric design techniques for observers in singular systems , 1990, Autom..

[8]  Wilfrid Perruquetti,et al.  Observability and detectability analysis of singular linear systems with unknown inputs , 2011, IEEE Conference on Decision and Control and European Control Conference.

[9]  W. Wonham Linear Multivariable Control: A Geometric Approach , 1974 .

[10]  Paulo Tabuada,et al.  Secure state-estimation for dynamical systems under active adversaries , 2011, 2011 49th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[11]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[12]  Ton Geerts Invariant subspaces and invertibility properties for singular systems: The general case , 1993 .

[13]  Roy S. Smith,et al.  A Decoupled Feedback Structure for Covertly Appropriating Networked Control Systems , 2011 .

[14]  G. Basile,et al.  Controlled and conditioned invariants in linear system theory , 1992 .

[15]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[16]  Emmanuel J. Candès,et al.  Decoding by linear programming , 2005, IEEE Transactions on Information Theory.

[17]  Bruno Sinopoli,et al.  False Data Injection Attacks in Electricity Markets , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[18]  Antonio Bicchi,et al.  Consensus Computation in Unreliable Networks: A System Theoretic Approach , 2010, IEEE Transactions on Automatic Control.

[19]  F. Bullo Ucsb,et al.  Attack Detection and Identification in Cyber-Physical Systems , 2012 .

[20]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[21]  Florian Dörfler,et al.  Cyber-physical attacks in power networks: Models, fundamental limitations and monitor design , 2011, IEEE Conference on Decision and Control and European Control Conference.