Security Metrics of Networked Control Systems under Sensor Attacks (extended preprint)

As more attention is paid to security in the context of control systems and as attacks occur to real control systems throughout the world, it has become clear that some of the most nefarious attacks are those that evade detection. The term stealthy has come to encompass a variety of techniques that attackers can employ to avoid being detected. In this manuscript, for a class of perturbed linear time-invariant systems, we propose two security metrics to quantify the potential impact that stealthy attacks could have on the system dynamics by tampering with sensor measurements. We provide analysis mathematical tools (in terms of linear matrix inequalities) to quantify these metrics for given system dynamics, control structure, system monitor, and set of sensors being attacked. Then, we provide synthesis tools (in terms of semidefinite programs) to redesign controllers and monitors such that the impact of stealthy attacks is minimized and the required attack-free system performance is guaranteed.

[1]  Carlos Murguia,et al.  Characterization of a CUSUM model-based sensor attack detector , 2016, 2016 IEEE 55th Conference on Decision and Control (CDC).

[2]  Martín Ochoa,et al.  Design-time Quantification of Integrity in Cyber-physical Systems , 2017, PLAS@CCS.

[3]  Stephen P. Boyd,et al.  Linear Matrix Inequalities in Systems and Control Theory , 1994 .

[4]  Carlos Murguia,et al.  Model-based Attack Detection Scheme for Smart Water Distribution Networks , 2017, AsiaCCS.

[5]  Jie Chen,et al.  Robust Model-Based Fault Diagnosis for Dynamic Systems , 1998, The International Series on Asian Studies in Computer and Information Science.

[6]  Charles R. Johnson,et al.  Matrix Analysis, 2nd Ed , 2012 .

[7]  Germain Garcia,et al.  Pole assignment for uncertain systems in a specified disk by output feedback , 1996, Math. Control. Signals Syst..

[8]  T. Başar,et al.  Dynamic Noncooperative Game Theory, 2nd Edition , 1998 .

[9]  Charles R. Johnson,et al.  Matrix analysis , 1985, Statistical Inference for Engineers and Data Scientists.

[10]  D. J. H. Garling,et al.  The Cauchy-Schwarz Master Class: An Introduction to the Art of Mathematical Inequalities by J. Michael Steele , 2005, Am. Math. Mon..

[11]  Karl Henrik Johansson,et al.  Estimating the Impact of Cyber-Attack Strategies for Stochastic Control Systems. , 2018 .

[12]  Sheldon M. Ross,et al.  Introduction to Probability Models, Eighth Edition , 1972 .

[13]  Angelika Bayer,et al.  Ellipsoidal Calculus For Estimation And Control , 2016 .

[14]  Quanyan Zhu,et al.  Coding sensor outputs for injection attacks detection , 2014, 53rd IEEE Conference on Decision and Control.

[15]  Carlos Murguia,et al.  On Reachable Sets of Hidden CPS Sensor Attacks , 2017, 2018 Annual American Control Conference (ACC).

[16]  Iven M. Y. Mareels,et al.  Linear system security - Detection and correction of adversarial sensor attacks in the noise-free case , 2019, Autom..

[17]  Jairo Giraldo,et al.  Constraining Attacker Capabilities Through Actuator Saturation , 2017, 2018 Annual American Control Conference (ACC).

[18]  I. Postlethwaite,et al.  Linear Matrix Inequalities in Control , 2007 .

[19]  Emanuele Garone,et al.  False data injection attacks against state estimation in wireless sensor networks , 2010, 49th IEEE Conference on Decision and Control (CDC).

[20]  Henrik Sandberg,et al.  A Risk-Theoretical Approach to $\mathcal{H}_{2}$-Optimal Control Under Covert Attacks , 2018, 2018 IEEE Conference on Decision and Control (CDC).

[21]  Carlos Murguia,et al.  On Privacy of Quantized Sensor Measurements through Additive Noise , 2018, 2018 IEEE Conference on Decision and Control (CDC).

[22]  Vijay Gupta,et al.  Security in stochastic control systems: Fundamental limitations and performance bounds , 2015, 2015 American Control Conference (ACC).

[23]  Marios M. Polycarpou,et al.  Intelligent Monitoring, Control, and Security of Critical Infrastructure Systems , 2015, Intelligent Monitoring, Control, and Security of Critical Infrastructure Systems.

[24]  Bruno Sinopoli,et al.  On the Performance Degradation of Cyber-Physical Systems Under Stealthy Integrity Attacks , 2016, IEEE Transactions on Automatic Control.

[25]  H. Vincent Poor,et al.  Strategic Protection Against Data Injection Attacks on Power Grids , 2011, IEEE Transactions on Smart Grid.

[26]  Fredrik Gustafsson,et al.  Adaptive filtering and change detection , 2000 .

[27]  Navid Hashemi,et al.  A Comparison of Stealthy Sensor Attacks on Control Systems , 2017, 2018 Annual American Control Conference (ACC).

[28]  P. Varaiya,et al.  Ellipsoidal Toolbox (ET) , 2006, Proceedings of the 45th IEEE Conference on Decision and Control.

[29]  Karl Henrik Johansson,et al.  A secure control framework for resource-limited adversaries , 2012, Autom..

[30]  C. Scherer,et al.  Multiobjective output-feedback control via LMI optimization , 1997, IEEE Trans. Autom. Control..

[31]  E. Yaz Linear Matrix Inequalities In System And Control Theory , 1998, Proceedings of the IEEE.

[32]  Nathan van de Wouw,et al.  Reachable Sets of Hidden CPS Sensor Attacks: Analysis and Synthesis Tools , 2017 .

[33]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[34]  Carlos Murguia,et al.  CUSUM and chi-squared attack detection of compromised sensors , 2016, 2016 IEEE Conference on Control Applications (CCA).

[35]  A. Kurzhanski,et al.  Ellipsoidal Calculus for Estimation and Control , 1996 .

[36]  Ling Shi,et al.  Optimal Linear Cyber-Attack on Remote State Estimation , 2017, IEEE Transactions on Control of Network Systems.

[37]  Bruno Sinopoli,et al.  Challenges for Securing Cyber Physical Systems , 2009 .

[38]  Karl Henrik Johansson,et al.  Secure Control Systems: A Quantitative Risk Management Approach , 2015, IEEE Control Systems.

[39]  Henrik Sandberg,et al.  Stealth Attacks and Protection Schemes for State Estimators in Power Systems , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[40]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[41]  Weiyi Liu,et al.  Security analysis for Cyber-Physical Systems against stealthy deception attacks , 2013, 2013 American Control Conference.

[42]  Stephen P. Boyd,et al.  Convex Optimization , 2004, Algorithms and Theory of Computation Handbook.

[43]  Vijay Gupta,et al.  On Kalman filtering in the presence of a compromised sensor: Fundamental performance bounds , 2014, 2014 American Control Conference.