SecSens: Secure State Estimation with Application to Localization and Time Synchronization

Research evidence in Cyber-Physical Systems (CPS) shows that the introduced tight coupling of information technology with physical sensing and actuation leads to more vulnerability and security weaknesses. But, the traditional security protection mechanisms of CPS focus on data encryption while neglecting the sensors which are vulnerable to attacks in the physical domain. Accordingly, researchers attach utmost importance to the problem of state estimation in the presence of sensor attacks. In this work, we present SecSens, a novel approach for secure nonlinear state estimation in the presence of modeling and measurement noise. SecSens consists of two independent algorithms, namely, SecEKF and SecOPT, which are based on Extended Kalman Filter and Maximum Likelihood Estimation, respectively. We adopt a holistic approach to introduce security awareness among state estimation algorithms without requiring specialized hardware, or cryptographic techniques. We apply SecSens to securely localize and time synchronize networked mobile devices. SecSens provides good performance at run-time several order of magnitude faster than the state of art solutions under the presence of powerful attacks. Our algorithms are evaluated on a testbed with static nodes and a mobile quadrotor all equipped with commercial ultra-wide band wireless devices.

[1]  Paulo Tabuada,et al.  Secure Estimation and Control for Cyber-Physical Systems Under Adversarial Attacks , 2012, IEEE Transactions on Automatic Control.

[2]  John R. Lowell,et al.  Military applications of localization, tracking, and targeting , 2011, IEEE Wireless Communications.

[3]  Radha Poovendran,et al.  SeRLoc: Robust localization for wireless sensor networks , 2005, TOSN.

[4]  Gregory J. Pottie,et al.  Wireless integrated network sensors , 2000, Commun. ACM.

[5]  Ping Zhang,et al.  On Using the Relative Configuration to Explore Cooperative Localization , 2014, IEEE Transactions on Signal Processing.

[6]  Peng Ning,et al.  TinySeRSync: secure and resilient time synchronization in wireless sensor networks , 2006, CCS '06.

[7]  George J. Pappas,et al.  Stochastic game approach for replay attack detection , 2013, 52nd IEEE Conference on Decision and Control.

[8]  Todd E. Humphreys,et al.  Unmanned Aircraft Capture and Control Via GPS Spoofing , 2014, J. Field Robotics.

[9]  James Aspnes,et al.  On the Computational Complexity of Sensor Network Localization , 2004, ALGOSENSORS.

[10]  Edward A. Lee,et al.  Gordian SMT : Untangling Ranging Attacks in N o isy Sensor Networks for Secure Localization , 2017 .

[11]  Paulo Tabuada,et al.  Secure State Estimation for Cyber-Physical Systems Under Sensor Attacks: A Satisfiability Modulo Theory Approach , 2014, IEEE Transactions on Automatic Control.

[12]  Manimaran Mohan Cybersecurity in drones , 2016 .

[13]  Panganamala Ramana Kumar,et al.  A clean slate design for secure wireless ad-hoc networks — Part 2: Open unsynchronized networks , 2015, 2015 13th International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt).

[14]  Yih-Chun Hu,et al.  A survey of secure wireless ad hoc routing , 2004, IEEE Security & Privacy Magazine.

[15]  Jie Wu,et al.  A Survey on Secure Localization in Wireless Sensor Networks , 2007 .

[16]  Joachim Hertzberg,et al.  Indoor and outdoor localization for fast mobile robots , 2004, 2004 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS) (IEEE Cat. No.04CH37566).

[17]  Harald Heinecke,et al.  AUTomotive Open System ARchitecture - An Industry-Wide Initiative to Manage the Complexity of Emerging Automotive E/E-Architectures , 2004 .

[18]  Maciej Lipinski,et al.  White rabbit: a PTP application for robust sub-nanosecond synchronization , 2011, 2011 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication.

[19]  Richard Han,et al.  Node Compromise in Sensor Networks: The Need for Secure Systems ; CU-CS-990-05 , 2005 .

[20]  João Pedro Hespanha,et al.  Observability of linear systems under adversarial attacks , 2015, 2015 American Control Conference (ACC).

[21]  Srdjan Capkun,et al.  The security and privacy of smart vehicles , 2004, IEEE Security & Privacy Magazine.

[22]  Christoph Lenzen,et al.  PulseSync: An Efficient and Scalable Clock Synchronization Protocol , 2015, IEEE/ACM Transactions on Networking.

[23]  G. Padmavathi,et al.  A Survey on Various Cyber Attacks and their Classification , 2013, Int. J. Netw. Secur..

[24]  S. Shankar Sastry,et al.  Safe and Secure Networked Control Systems under Denial-of-Service Attacks , 2009, HSCC.

[25]  Bharat K. Bhargava,et al.  A Survey of Computation Offloading for Mobile Systems , 2012, Mobile Networks and Applications.

[26]  Mani B. Srivastava,et al.  Realizing Uncertainty-Aware Timing Stack in Embedded Operating System , 2018, EWiLi.

[27]  D. Kushner,et al.  The real story of stuxnet , 2013, IEEE Spectrum.

[28]  Florian Dörfler,et al.  A divide-and-conquer approach to distributed attack identification , 2015, 2015 54th IEEE Conference on Decision and Control (CDC).

[29]  Francesco Bullo,et al.  Control-Theoretic Methods for Cyberphysical Security: Geometric Principles for Optimal Cross-Layer Resilient Control Systems , 2015, IEEE Control Systems.

[30]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[31]  Srdjan Capkun,et al.  Extended Abstract: SecNav: Secure Broadcast Localization and Time Synchronization in Wireless Networks , 2007 .

[32]  P. V. Estrela,et al.  Challenges deploying PTPv2 in a global financial company , 2012, 2012 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication Proceedings.

[33]  Paulo Tabuada,et al.  Robustness of attack-resilient state estimators , 2014, 2014 ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS).

[34]  Srdjan Capkun,et al.  Secure Time Synchronization in Sensor Networks , 2008, TSEC.

[35]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[36]  Azzedine Boukerche,et al.  Secure time synchronization protocols for wireless sensor networks , 2007, IEEE Wireless Communications.

[37]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[38]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[39]  Hervé Guyennet,et al.  Wireless Sensor Network Attacks and Security Mechanisms: A Short Survey , 2010, 2010 13th International Conference on Network-Based Information Systems.

[40]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[41]  Bill Jackson,et al.  Egerváry Research Group on Combinatorial Optimization Connected Rigidity Matroids and Unique Realizations of Graphs Connected Rigidity Matroids and Unique Realizations of Graphs , 2022 .

[42]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[43]  Mani B. Srivastava,et al.  D-SLATS: Distributed Simultaneous Localization and Time Synchronization , 2017, MobiHoc.

[44]  B. Lantos,et al.  Formation control of a large group of UAVs with safe path planning and obstacle avoidance , 2014 .

[45]  René Mayrhofer,et al.  Secure communication interface for line current differential protection over Ethernet-based networks , 2017, 2017 IEEE Manchester PowerTech.

[46]  Wenyuan Xu,et al.  Ghost Talk: Mitigating EMI Signal Injection Attacks against Analog Sensors , 2013, 2013 IEEE Symposium on Security and Privacy.

[47]  Mani B. Srivastava,et al.  Node localization based on distributed constrained optimization using Jacobi's method , 2017, 2017 IEEE 56th Annual Conference on Decision and Control (CDC).

[48]  Azzedine Boukerche,et al.  Secure localization algorithms for wireless sensor networks , 2008, IEEE Communications Magazine.

[49]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[50]  Biswanath Mukherjee,et al.  Wireless sensor network survey , 2008, Comput. Networks.

[51]  Andrea J. Goldsmith,et al.  Design challenges for energy-constrained ad hoc wireless networks , 2002, IEEE Wirel. Commun..

[52]  Emanuele Garone,et al.  False data injection attacks against state estimation in wireless sensor networks , 2010, 49th IEEE Conference on Decision and Control (CDC).

[53]  Brian F. Cooper Spanner: Google's globally-distributed database , 2013, SYSTOR '13.

[54]  Morgan Quigley,et al.  ROS: an open-source Robot Operating System , 2009, ICRA 2009.