Completely stealthy attacks on cyber-physical system with parity space based monitoring

The parity space approach is one of the most established model-based fault detection methods. The main purpose of this paper is to analyze the parity space-based fault detection monitoring system from the cyber security viewpoint considering an attack on the actuator channel. It is shown that under certain conditions a cyber attack can bypass the fault detection system based on the parity space approach without being detected. This weakness may be used by an adversary to conduct a cyber attack and remain undetected. Conditions of existence of a completely stealthy cyber attack are provided in the paper. Moreover, suggestions are given for a system developer to avoid completely stealthy attacks. An illustrative example is given to demonstrate the main results.

[1]  Ping Zhang,et al.  Detection of covert attacks and zero dynamics attacks in cyber-physical systems , 2016, 2016 American Control Conference (ACC).

[2]  Jie Chen,et al.  A REVIEW OF PARITY SPACE APPROACHES TO FAULT DIAGNOSIS , 1992 .

[3]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[4]  Dominique Sauter,et al.  Frequency-domain optimization for robust fault detection and isolation in dynamic systems , 1999, IEEE Trans. Autom. Control..

[5]  Weiyi Liu,et al.  Security analysis for Cyber-Physical Systems against stealthy deception attacks , 2013, 2013 American Control Conference.

[6]  Jin Dong,et al.  Finite energy and bounded attacks on control system sensor signals , 2014, 2014 American Control Conference.

[7]  Sonia Martínez,et al.  On event-triggered control of linear systems under periodic denial-of-service jamming attacks , 2012, 2012 IEEE 51st IEEE Conference on Decision and Control (CDC).

[8]  Jian Liu,et al.  An LMI approach to minimum sensitivity analysis with application to fault detection , 2005, Autom..

[9]  S. Shankar Sastry,et al.  Safe and Secure Networked Control Systems under Denial-of-Service Attacks , 2009, HSCC.

[10]  Mark Zeller,et al.  Myth or reality — Does the Aurora vulnerability pose a risk to my generator? , 2011, 2011 64th Annual Conference for Protective Relay Engineers.

[11]  Dominique Sauter,et al.  Active GLR detector for resilient LQG controller in networked control systems , 2015 .

[12]  Karl Henrik Johansson,et al.  A secure control framework for resource-limited adversaries , 2012, Autom..

[13]  Jie Chen,et al.  Robust Model-Based Fault Diagnosis for Dynamic Systems , 1998, The International Series on Asian Studies in Computer and Information Science.

[14]  Paul M. Frank,et al.  Fault diagnosis in dynamic systems: theory and application , 1989 .

[15]  Karl Henrik Johansson,et al.  The quadruple-tank process: a multivariable laboratory process with an adjustable zero , 2000, IEEE Trans. Control. Syst. Technol..

[16]  Torsten Jeinsch,et al.  A characterization of parity space and its application to robust fault detection , 1999, IEEE Trans. Autom. Control..

[17]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[18]  Ping Zhang,et al.  Detection of replay attacks in cyber-physical systems , 2016, 2016 American Control Conference (ACC).

[19]  Torsten Jeinsch,et al.  A unified approach to the optimization of fault detection systems , 2000 .

[20]  Rafal Rohozinski,et al.  Stuxnet and the Future of Cyber War , 2011 .

[21]  Donghua Zhou,et al.  On the relationship between parity space and H2 approaches to fault detection , 2006, Syst. Control. Lett..