On false-data attacks in robust multi-sensor-based estimation

State estimation in critical networked infrastructure such as the transportation and electricity (smart grid) networks is becoming increasingly important. Consequently, the security of state estimation algorithms has been identified as an important design factor in order to safeguard critical infrastructure. In this paper we study false-data attacks on robust state estimation in multi-sensor-based systems. Specifically, we suppose there is a group of attacking entities that want to compromise the integrity of the state estimator by hijacking certain sensors and distorting their outputs. We consider an underlying class of uncertain (discrete-time) systems and we outline a decentralized set-valued state estimation algorithm that recursively produces an ellipsoidal set of all those state estimates consistent with the measurements and modelling assumptions. We then show that in order for the attack to go undetected, the distorted measurements need to be carefully designed. In particular, we compute a set of those measurements which are consistent with the modelling assumptions. This set then forms the basis for a test to detect false-data attacks and provides a quantitative measure of the resilience of the system to false-data attacks. We also briefly discuss how an attacker can design their false-data attack in some optimal fashion while ensuring it goes undetected.

[1]  S. Shankar Sastry,et al.  Safe and Secure Networked Control Systems under Denial-of-Service Attacks , 2009, HSCC.

[2]  Charles R. Johnson,et al.  Matrix analysis , 1985, Statistical Inference for Engineers and Data Scientists.

[3]  A. Matveev,et al.  Estimation and Control over Communication Networks , 2008 .

[4]  I. Petersen,et al.  Robust Control Design Using H-? Methods , 2012 .

[5]  C.N. Hadjicostis,et al.  Distributed function calculation via linear iterations in the presence of malicious agents — Part II: Overcoming malicious behavior , 2008, 2008 American Control Conference.

[6]  João Pedro Hespanha,et al.  A Survey of Recent Results in Networked Control Systems , 2007, Proceedings of the IEEE.

[7]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[8]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[9]  Bruno Sinopoli,et al.  Foundations of Control and Estimation Over Lossy Networks , 2007, Proceedings of the IEEE.

[10]  Karl Henrik Johansson,et al.  On Security Indices for State Estimators in Power Networks , 2010 .

[11]  André Teixeira,et al.  Networked control systems under cyber attacks with applications to power networks , 2010, Proceedings of the 2010 American Control Conference.

[12]  Ian R. Petersen,et al.  Robust Kalman Filtering for Signals and Systems with Large Uncertainties , 1999 .

[13]  Shreyas Sundaram,et al.  The wireless control network: Monitoring for malicious behavior , 2010, 49th IEEE Conference on Decision and Control (CDC).

[14]  Robin J. Evans,et al.  Feedback Control Under Data Rate Constraints: An Overview , 2007, Proceedings of the IEEE.

[15]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[16]  Bruno Sinopoli,et al.  False Data Injection Attacks in Electricity Markets , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[17]  Andrey V. Savkin,et al.  Radar Target Tracking via Robust Linear Filtering , 2007, IEEE Signal Processing Letters.

[18]  Antonio Bicchi,et al.  Identifying cyber attacks via local model information , 2010, 49th IEEE Conference on Decision and Control (CDC).

[19]  Ian R. Petersen,et al.  New Approach to Model Validation and Fault Diagnosis , 1997 .

[20]  C.N. Hadjicostis,et al.  Distributed function calculation via linear iterations in the presence of malicious agents — Part I: Attacking the network , 2008, 2008 American Control Conference.

[21]  John S. Baras,et al.  Robust State Estimation under False Data Injection in Distributed Sensor Networks , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[22]  Henrik Sandberg,et al.  Stealth Attacks and Protection Schemes for State Estimators in Power Systems , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[23]  S. Sastry,et al.  SCADA-specific Intrusion Detection / Prevention Systems : A Survey and Taxonomy , 2010 .

[24]  L. Tong,et al.  Malicious Data Attacks on Smart Grid State Estimation: Attack Strategies and Countermeasures , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[25]  I. Petersen,et al.  Recursive state estimation for uncertain systems with an integral quadratic constraint , 1995, IEEE Trans. Autom. Control..

[26]  Andrey V. Savkin,et al.  Decentralized and Robust Target Tracking with Sensor Networks , 2008 .

[27]  Klara Nahrstedt,et al.  Detecting False Data Injection Attacks on DC State Estimation , 2010 .

[28]  Ian R. Petersen,et al.  Robust state estimation and model validation for discrete-time uncertain systems with a deterministic description of noise and uncertainty , 1998, Autom..

[29]  Emanuele Garone,et al.  False data injection attacks against state estimation in wireless sensor networks , 2010, 49th IEEE Conference on Decision and Control (CDC).

[30]  Petros G. Voulgaris,et al.  On optimal ℓ∞ to ℓ∞ filtering , 1995, Autom..

[31]  Yilin Mo,et al.  False Data Injection Attacks in Control Systems , 2010 .