Yasser Shoukry scite author profile

This paper describes two algorithms for state reconstruction from sensor measurements that are corrupted with sparse, but otherwise arbitrary, "noise". These results are motivated by the need to secure cyber-physical systems against a malicious adversary that can arbitrarily corrupt sensor measurements.The first algorithm reconstructs the state from a batch of sensor measurements while the second algorithm is able to incorporate new measurements as they become available, in the spirit of a Luenberger observer.A distinguishing point of these algorithms is the use of event-triggered techniques to improve the computational performance of the proposed algorithms.

show abstract

Secure State Estimation for Cyber-Physical Systems Under Sensor Attacks: A Satisfiability Modulo Theory Approach

Shoukry

Nuzzo

Puggelli

et al. 2017

IEEE Trans. Automat. Contr.

275

180

View full text Add to dashboard Cite

Secure state estimation is the problem of estimating the state of a dynamical system from a set of noisy and adversarially corrupted measurements. The secure state estimation is a combinatorial problem, which has been addressed either by brute force search, suffering from scalability issues, or via convex relaxations using algorithms that can terminate in polynomial time but are not necessarily sound. In this paper, we present a novel algorithm that uses a Satisfiability-Modulo-Theory approach to lessen the intrinsic combinatorial complexity of the problem. By leveraging results from formal methods over real numbers, we provide guarantees on the soundness and completeness of our algorithm. Moreover, we provide upper bounds on the runtime performance of the proposed algorithm in order to proclaim the scalability of the proposed algorithm. The scalability argument is then supported by numerical simulations showing an order of magnitude decrease in the runtime performance with alternative techniques. Finally, we demonstrate its application to the problem of controlling an unmanned ground vehicle.

show abstract

Secure State Estimation Against Sensor Attacks in the Presence of Noise

Mishra

Shoukry

Karamchandani

et al. 2017

IEEE Trans. Control Netw. Syst.

125

110

View full text Add to dashboard Cite

Abstract-We consider the problem of estimating the state of a noisy linear dynamical system when an unknown subset of sensors is arbitrarily corrupted by an adversary. We propose a secure state estimation algorithm, and derive (optimal) bounds on the achievable state estimation error given an upper bound on the number of attacked sensors. The proposed state estimator involves Kalman filters operating over subsets of sensors to search for a sensor subset which is reliable for state estimation. To further improve the subset search time, we propose Satisfiability Modulo Theory based techniques to exploit the combinatorial nature of searching over sensor subsets. Finally, as a result of independent interest, we give a coding theoretic view of attack detection and state estimation against sensor attacks in a noiseless dynamical system.

show abstract

Non-invasive Spoofing Attacks for Anti-lock Braking Systems

et al. 2013

View full text Add to dashboard Cite

This work exposes a largely unexplored vector of physical-layer attacks with demonstrated consequences in automobiles. By modifying the physical environment around analog sensors such as Antilock Braking Systems (ABS), we exploit weaknesses in wheel speed sensors so that a malicious attacker can inject arbitrary measurements to the ABS computer which in turn can cause lifethreatening situations. In this paper, we describe the development of a prototype ABS spoofer to enable such attacks and the potential consequences of remaining vulnerable to these attacks. The class of sensors sensitive to these attacks depends on the physics of the sensors themselves. ABS relies on magnetic-based wheel speed sensors which are exposed to an external attacker from underneath the body of a vehicle. By placing a thin electromagnetic actuator near the ABS wheel speed sensors, we demonstrate one way in which an attacker can inject magnetic fields to both cancel the true measured signal and inject a malicious signal, thus spoofing the measured wheel speeds. The mounted attack is of a noninvasive nature, requiring no tampering with ABS hardware and making it harder for failure and/or intrusion detection mechanisms to detect the existence of such an attack. This development explores two types of attacks: a disruptive, naive attack aimed to corrupt the measured wheel speed by overwhelming the original signal and a more advanced spoofing attack, designed to inject a counter-signal such that the braking system mistakenly reports a specific velocity. We evaluate the proposed ABS spoofer module using industrial ABS sensors and wheel speed decoders, concluding by outlining the implementation and lifetime considerations of an ABS spoofer with real hardware.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yasser Shoukry

Event-Triggered State Observers for Sparse Sensor Noise/Attacks

Secure State Estimation for Cyber-Physical Systems Under Sensor Attacks: A Satisfiability Modulo Theory Approach

Secure State Estimation Against Sensor Attacks in the Presence of Noise

Non-invasive Spoofing Attacks for Anti-lock Braking Systems

Contact Info

Product

Resources

About