Statistical Watermarking for Networked Control Systems

Watermarking can detect sensor attacks in control systems by injecting a private signal into the control, whereby attacks are identified by checking the statistics of the sensor measurements and private signal. However, past approaches assume full state measurements or a centralized controller, which is not found in networked LTI systems with subcontrollers. Since generally the entire system is neither controllable nor observable by a single subcontroller, communication of sensor measurements is required to ensure closed-loop stability. The possibility of attacking the communication channel has not been explicitly considered by previous watermarking schemes, and requires a new design. In this paper, we derive a statistical watermarking test that can detect both sensor and communication attacks. A unique (compared to the non-networked case) aspect of the implementing this test is the state-feedback controller must be designed so that the closed-loop system is controllable by each sub-controller, and we provide two approaches to design such a controller using Heymann's lemma and a multi-input generalization of Heymann's lemma. The usefulness of our approach is demonstrated with a simulation of detecting attacks in a platoon of autonomous vehicles. Our test allows each vehicle to independently detect attacks on both the communication channel between vehicles and on the sensor measurements.

[1]  Emanuele Garone,et al.  False data injection attacks against state estimation in wireless sensor networks , 2010, 49th IEEE Conference on Decision and Control (CDC).

[2]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[3]  Bruno Sinopoli,et al.  Detecting Integrity Attacks on SCADA Systems , 2014, IEEE Transactions on Control Systems Technology.

[4]  Todd E. Humphreys,et al.  Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks , 2012, Int. J. Crit. Infrastructure Prot..

[5]  Lori Ross O'Neil,et al.  Attacks on GPS Time Reliability , 2014, IEEE Security & Privacy.

[6]  W. Wonham On pole assignment in multi-input controllable linear systems , 1967 .

[7]  Claire Tomlin,et al.  Game-theoretic routing of GPS-assisted vehicles for energy efficiency , 2011, Proceedings of the 2011 American Control Conference.

[8]  Naima Kaabouch,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[9]  Bruno Sinopoli,et al.  Physical Authentication of Control Systems: Designing Watermarked Control Inputs to Detect Counterfeit Sensor Outputs , 2015, IEEE Control Systems.

[10]  Maryam Kamgarpour,et al.  A Hierarchical Flight Planning Framework for Air Traffic Management , 2012, Proceedings of the IEEE.

[11]  Shankar Mohan,et al.  Convex computation of the reachable set for hybrid systems with parametric uncertainty , 2016, 2016 American Control Conference (ACC).

[12]  Ram Vasudevan,et al.  Dynamic watermarking for general LTI systems , 2017, 2017 IEEE 56th Annual Conference on Decision and Control (CDC).

[13]  Zhuo Lu,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[14]  Panganamala Ramana Kumar,et al.  Theory and implementation of dynamic watermarking for cybersecurity of advanced transportation systems , 2016, 2016 IEEE Conference on Communications and Network Security (CNS).

[15]  E. Polak,et al.  On the Perpetual Collision-Free RHC of Fleets of Vehicles , 2010 .

[16]  Panganamala Ramana Kumar,et al.  Cyber–Physical Systems: A Perspective at the Centennial , 2012, Proceedings of the IEEE.

[17]  David Brumley,et al.  GPS software attacks , 2012, CCS.

[18]  Panganamala Ramana Kumar,et al.  Dynamic Watermarking: Active Defense of Networked Cyber–Physical Systems , 2016, Proceedings of the IEEE.

[19]  Bruno Sinopoli,et al.  Detecting integrity attacks on control systems using robust physical watermarking , 2014, 53rd IEEE Conference on Decision and Control.

[20]  Jaideep Srivastava,et al.  Managing Cyber Threats: Issues, Approaches, and Challenges (Massive Computing) , 2005 .

[21]  M. Hautus A simple proof of Heymann's lemma , 1977 .

[22]  Stephen P. Boyd,et al.  Linear Matrix Inequalities in Systems and Control Theory , 1994 .

[23]  E. Yaz Linear Matrix Inequalities In System And Control Theory , 1998, Proceedings of the IEEE.

[24]  G. Como,et al.  Convexity and Robustness of Dynamic Network Traffic Assignment for Control of Freeway Networks , 2016 .

[25]  Adrian Perrig,et al.  Secure sensor network routing: a clean-slate approach , 2006, CoNEXT '06.

[26]  Ruzena Bajcsy,et al.  Safe semi-autonomous control with enhanced driver modeling , 2012, 2012 American Control Conference (ACC).

[27]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[28]  A. Galip Ulsoy,et al.  Automotive Control Systems: Vehicle Control Systems , 2012 .

[29]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[30]  J. Geromel,et al.  A new discrete-time robust stability condition , 1999 .