A Bernoulli-Gaussian physical watermark for detecting integrity attacks in control systems

We examine the merit of Bernoulli packet drops in actively detecting integrity attacks on control systems. The aim is to detect an adversary who delivers fake sensor measurements to a system operator in order to conceal their effect on the plant. Physical watermarks, or noisy additive Gaussian inputs, have been previously used to detect several classes of integrity attacks in control systems. In this paper, we consider the analysis and design of Gaussian physical watermarks in the presence of packet drops at the control input. On one hand, this enables analysis in a more general network setting. On the other hand, we observe that in certain cases, Bernoulli packet drops can improve detection performance relative to a purely Gaussian watermark. This motivates the joint design of a Bernoulli-Gaussian watermark which incorporates both an additive Gaussian input and a Bernoulli drop process. We characterize the effect of such a watermark on system performance as well as attack detectability in two separate design scenarios. Here, we consider a correlation detector for attack recognition. We then propose efficiently solvable optimization problems to intelligently select parameters of the Gaussian input and the Bernoulli drop process while addressing security and performance trade-offs. Finally, we provide numerical results which illustrate that a watermark with packet drops can indeed outperform a Gaussian watermark.

[1]  Zhao Yang Dong,et al.  The 2015 Ukraine Blackout: Implications for False Data Injection Attacks , 2017, IEEE Transactions on Power Systems.

[2]  Ram Vasudevan,et al.  Dynamic watermarking for general LTI systems , 2017, 2017 IEEE 56th Annual Conference on Decision and Control (CDC).

[3]  Emanuele Garone,et al.  LQG control with Markovian packet loss , 2013, 2013 European Control Conference (ECC).

[4]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[5]  Soummya Kar,et al.  Information flow for security in control systems , 2016, 2016 IEEE 55th Conference on Decision and Control (CDC).

[6]  T. M. Chen,et al.  Stuxnet, the real start of cyber warfare? [Editor's Note] , 2010, IEEE Netw..

[7]  Takashi Tanaka,et al.  Designing optimal watermark signal for a stealthy attacker , 2016, 2016 European Control Conference (ECC).

[8]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[9]  Bruno Sinopoli,et al.  Detecting integrity attacks on control systems using robust physical watermarking , 2014, 53rd IEEE Conference on Decision and Control.

[10]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[11]  Bruno Sinopoli,et al.  Physical watermarking for securing cyber physical systems via packet drop injections , 2017, 2017 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[12]  Bruno Sinopoli,et al.  Foundations of Control and Estimation Over Lossy Networks , 2007, Proceedings of the IEEE.

[13]  Vijay Gupta,et al.  Security in stochastic control systems: Fundamental limitations and performance bounds , 2015, 2015 American Control Conference (ACC).

[14]  Karl Henrik Johansson,et al.  Attack models and scenarios for networked control systems , 2012, HiCoNS '12.

[15]  Bruno Sinopoli,et al.  Integrity Data Attacks in Power Market Operations , 2011, IEEE Transactions on Smart Grid.

[16]  Bruno Sinopoli,et al.  Physical Authentication of Control Systems: Designing Watermarked Control Inputs to Detect Counterfeit Sensor Outputs , 2015, IEEE Control Systems.

[17]  Luca De Cicco,et al.  On the use of watermark-based schemes to detect cyber-physical attacks , 2017, EURASIP J. Inf. Secur..

[18]  T. Chonavel,et al.  Statistical Signal Processing: Modelling and Estimation , 2002 .

[19]  George J. Pappas,et al.  Stochastic game approach for replay attack detection , 2013, 52nd IEEE Conference on Decision and Control.

[20]  Panganamala Ramana Kumar,et al.  Dynamic Watermarking: Active Defense of Networked Cyber–Physical Systems , 2016, Proceedings of the IEEE.

[21]  Y. Kamp,et al.  Orthogonal polynomial matrices on the unit circle , 1978 .

[22]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[23]  Bruno Sinopoli,et al.  Detecting Integrity Attacks on SCADA Systems , 2014, IEEE Transactions on Control Systems Technology.