Resilience to Denial-of-Service and Integrity Attacks: A Structured Systems Approach

The resilience of cyberphysical systems to denial-of-service (DoS) and integrity attacks is studied in this paper. The cyberphysical system is modeled as a linear structured system, and its resilience to an attack is interpreted in a graph theoretical framework. The structural resilience of the system is characterized in terms of unmatched vertices in maximum matchings of the bipartite graph and connected components of directed graph representations of the system under attack. We first present conditions for the system to be resilient to DoS attacks when an adversary may block access or turn off certain inputs to the system. We extend this analysis to characterize resilience of the system when an adversary might additionally have the ability to affect the implementation of state-feedback control strategies. This is termed an integrity attack. We establish conditions under which a system that is structurally resilient to a DoS attack will also be resilient to a certain class of integrity attacks. Finally, we formulate an extension to the case of switched linear systems, and derive conditions for such systems to be structurally resilient to a DoS attack.

[1]  Wayne H. Wolf,et al.  Cyber-physical Systems , 2009, Computer.

[2]  Bruno Sinopoli,et al.  A Graph-Theoretic Characterization of Perfect Attackability for Secure Design of Distributed Control Systems , 2017, IEEE Transactions on Control of Network Systems.

[3]  Soummya Kar,et al.  Minimum cost constrained input-output and control configuration co-design problem: A structural systems approach , 2015, 2015 American Control Conference (ACC).

[4]  Alexander Olshevsky,et al.  Minimal Controllability Problems , 2013, IEEE Transactions on Control of Network Systems.

[5]  Henrik Sandberg,et al.  A Security Index for Actuators Based on Perfect Undetectability: Properties and Approximation , 2018, 2018 56th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[6]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[7]  Shreyas Sundaram,et al.  Topological Conditions for In-Network Stabilization of Dynamical Systems , 2013, IEEE Journal on Selected Areas in Communications.

[8]  Rafal Rohozinski,et al.  Stuxnet and the Future of Cyber War , 2011 .

[9]  George J. Pappas,et al.  Analysis and Design of Actuation–Sensing–Communication Interconnection Structures Toward Secured/Resilient LTI Closed-Loop Systems , 2015, IEEE Transactions on Control of Network Systems.

[10]  Silvio Micali,et al.  An O(v|v| c |E|) algoithm for finding maximum matching in general graphs , 1980, 21st Annual Symposium on Foundations of Computer Science (sfcs 1980).

[11]  Ching-tai Lin Structural controllability , 1974 .

[12]  Nicanor Quijano,et al.  Controllability of Dynamical Systems: Threat Models and Reactive Security , 2013, GameSec.

[13]  Richard M. Karp,et al.  A n^5/2 Algorithm for Maximum Matchings in Bipartite Graphs , 1971, SWAT.

[14]  Cristina Alcaraz,et al.  A Cyber-Physical Systems-Based Checkpoint Model for Structural Controllability , 2018, IEEE Systems Journal.

[15]  Bruno Sinopoli,et al.  Robust structural analysis and design of distributed control systems to prevent zero dynamics attacks , 2017, 2017 IEEE 56th Annual Conference on Decision and Control (CDC).

[16]  Paulo Tabuada,et al.  Non-invasive Spoofing Attacks for Anti-lock Braking Systems , 2013, CHES.

[17]  Bhaskar Ramasubramanian,et al.  Structural resilience of cyberphysical systems under attack , 2016, 2016 American Control Conference (ACC).

[18]  Richard M. Karp,et al.  A n^5/2 Algorithm for Maximum Matchings in Bipartite Graphs , 1971, SWAT.

[19]  Soummya Kar,et al.  A Framework for Structural Input/Output and Control Configuration Selection in Large-Scale Systems , 2013, IEEE Transactions on Automatic Control.

[20]  Hai Lin,et al.  Structural controllability of switched linear systems , 2011, Autom..

[21]  Christian Commault,et al.  Generic properties and control of linear structured systems: a survey , 2003, Autom..

[22]  Frank Harary,et al.  Bigraphs versus digraphs via matrices , 1980, J. Graph Theory.

[23]  Robert E. Tarjan,et al.  Depth-First Search and Linear Graph Algorithms , 1972, SIAM J. Comput..

[24]  George J. Pappas,et al.  Structural minimum controllability problem for switched linear continuous-time systems , 2015, Autom..

[25]  Soummya Kar,et al.  On the complexity of the constrained input selection problem for structural linear systems , 2014, Autom..

[26]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[27]  Antonio Pedro Aguiar,et al.  Structural Systems Theory: an overview of the last 15 years , 2020, ArXiv.

[28]  Soummya Kar,et al.  Minimum cost input/output design for large-scale linear structural systems , 2014, Autom..

[29]  Albert-László Barabási,et al.  Controllability of complex networks , 2011, Nature.

[30]  Dan Ye,et al.  False data injection attacks with complete stealthiness in cyber-physical systems: A self-generated approach , 2020, Autom..

[31]  Christian Commault,et al.  The single-input Minimal Controllability Problem for structured systems , 2015, Syst. Control. Lett..

[32]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[33]  Francesco Bullo,et al.  Control-Theoretic Methods for Cyberphysical Security: Geometric Principles for Optimal Cross-Layer Resilient Control Systems , 2015, IEEE Control Systems.

[34]  Stephen D. Wolthusen,et al.  Driver-Node based Security Analysis for Network Controllability , 2019, 2019 18th European Control Conference (ECC).

[35]  Roy M. Howard,et al.  Linear System Theory , 1992 .