Scheduler-Pointed False Data Injection Attack for Event-Based Remote State Estimation

In this paper, an attack problem is investigated for event-based remote state estimation in cyber-physical systems. Our objective is to degrade the effect of the event-based scheduler while bypassing a χ false data detector. A two-channel scheduler-pointed false data injection attack strategy is proposed by modifying the numerical characteristics of innovation signals. The attack strategy is proved to be always existent, and an algorithm is provided to find it. Under the proposed attack strategy, the scheduler becomes almost invalid and the performance of the remote estimator is degraded. Numerical simulations are used to illustrate our theoretical results.

[1]  Albert H. Nuttall,et al.  Some integrals involving the QM function (Corresp.) , 1975, IEEE Trans. Inf. Theory.

[2]  Ling Shi,et al.  Worst-case stealthy innovation-based linear attack on remote state estimation , 2018, Autom..

[3]  Ling Shi,et al.  Optimal Linear Cyber-Attack on Remote State Estimation , 2017, IEEE Transactions on Control of Network Systems.

[4]  Bruno Sinopoli,et al.  Detecting Integrity Attacks on SCADA Systems , 2014, IEEE Transactions on Control Systems Technology.

[5]  Karl Henrik Johansson,et al.  Secure Control Systems: A Quantitative Risk Management Approach , 2015, IEEE Control Systems.

[6]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[7]  Yin Sun,et al.  Inequalities for the generalized Marcum Q-function , 2008, Appl. Math. Comput..

[8]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[9]  Ling Shi,et al.  Event-triggered maximum likelihood state estimation , 2014, Autom..

[10]  Ling Shi,et al.  Event-Based Sensor Data Scheduling: Trade-Off Between Communication Rate and Estimation Quality , 2013, IEEE Transactions on Automatic Control.

[11]  Shidong Zhou,et al.  On the Monotonicity, Log-Concavity, and Tight Bounds of the Generalized Marcum and Nuttall $Q$-Functions , 2010, IEEE Transactions on Information Theory.

[12]  Donghua Zhou,et al.  Two-Channel False Data Injection Attacks Against Output Tracking Control of Networked Systems , 2016, IEEE Transactions on Industrial Electronics.

[13]  Rong Li,et al.  Computing and Bounding the Generalized Marcum Q-Function via a Geometric Approach , 2006, 2006 IEEE International Symposium on Information Theory.

[14]  Qing-Long Han,et al.  State estimation under false data injection attacks: Security analysis and system protection , 2018, Autom..

[15]  Yilin Mo,et al.  On the Performance Analysis of Reset Attack in Cyber-Physical Systems , 2020, IEEE Transactions on Automatic Control.

[16]  C. Tellambura,et al.  A New Twist on the Generalized Marcum Q-Function QM(a, b) with Fractional-Order M and Its Applications , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.