Detecting integrity attacks on control systems using a moving target approach

Weerakkody, Sean; Sinopoli, Bruno

doi:10.1109/cdc.2015.7403134

Cited by 107 publications

(54 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Theorem 19: Consider the estimator of x k defined by (20), (21), (23), (24). Then lim sup k→∞ ∆e * k = ∞ =⇒ lim sup k→∞ ∆z i k = ∞ for some i ∈ {1, · · · , m}.…”

Section: Robust Estimation and Identificationmentioning

confidence: 99%

“…To meet this objective, we propose changing the dynamics of the system model in a time varying fashion, unknown to the adversary. A similar scheme is considered for the detection of integrity attacks in [23]. The time varying dynamics act like a moving target, preventing an information constrained adversary from developing stealthy unidentifiable attacks.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A moving target approach for identifying malicious sensors in control systems

Weerakkody

Sinopoli

2016

2016 54th Annual Allerton Conference on Communication, Control, and Computing (Allerton)

Self Cite

View full text Add to dashboard Cite

In this paper, we consider the problem of attack identification in cyber-physical systems (CPS). Attack identification is often critical for the recovery and performance of a CPS that is targeted by malicious entities, allowing defenders to construct algorithms which bypass harmful nodes. Previous work has characterized limitations in the perfect identification of adversarial attacks on deterministic LTI systems. For instance, a system must remain observable after removing any 2q sensors to only identify q attacks. However, the ability for an attacker to create an unidentifiable attack requires knowledge of the system model. In this paper, we aim to limit the adversary's knowledge of the system model with the goal of accurately identifying all sensor attacks. Such a scheme will allow systems to withstand larger attacks or system operators to allocate fewer sensing devices to a control system while maintaining security. We explore how changing the dynamics of the system as a function of time allows us to actively identify malicious/faulty sensors in a control system. We discuss the design of time varying system matrices to meet this goal and evaluate performance in deterministic and stochastic systems.

show abstract

“…Theorem 19: Consider the estimator of x k defined by (20), (21), (23), (24). Then lim sup k→∞ ∆e * k = ∞ =⇒ lim sup k→∞ ∆z i k = ∞ for some i ∈ {1, · · · , m}.…”

Section: Robust Estimation and Identificationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A moving target approach for identifying malicious sensors in control systems

Weerakkody

Sinopoli

2016

2016 54th Annual Allerton Conference on Communication, Control, and Computing (Allerton)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Secure strategies have been studied for replay attacks [3], [4] where the adversary first records and then replays the observed data, as well as for denial-of-service (DoS) attacks [5], [6] disrupting the flow of data. Moreover, active detection methods have been designed in order to detect stealthy attacks via manipulation of, e.g., control inputs [7] or dynamics [8]. Over the last few years, the problem of secure state estimation, i.e.…”

Section: Introductionmentioning

confidence: 99%

Joint attack detection and secure state estimation of cyber‐physical systems

Forti

Battistelli

Chisci

et al. 2019

Intl J Robust & Nonlinear

Self Cite

View full text Add to dashboard Cite

This paper deals with secure state estimation of cyber-physical systems subject to switching (on/off) attack signals and injection of fake packets (via either packet substitution or insertion of extra packets). The random set paradigm is adopted in order to model, via Random Finite Sets (RFSs), the switching nature of both system attacks and the injection of fake measurements. The problem of detecting an attack on the system and jointly estimating its state, possibly in the presence of fake measurements, is then formulated and solved in the Bayesian framework for systems with and without direct feedthrough of the attack input to the output. This leads to the analytical derivation of a hybrid Bernoulli filter (HBF) that updates in real-time the joint posterior density of a Bernoulli attack RFS and of the state vector. A closed-form Gaussian-mixture implementation of the proposed hybrid Bernoulli filter is fully derived in the case of invertible direct feedthrough. Finally, the effectiveness of the developed tools for joint attack detection and secure state estimation is tested on two case-studies concerning a benchmark system for unknown input estimation and a standard IEEE power network application. Index TermsCyber-physical systems; secure state estimation; Bayesian state estimation; Bernoulli filter; extra packet injection; random finite sets.

show abstract

“…Several authors have proposed MTD approaches for state estimation in the smart grid [3]- [5], where the main idea consists on changing the physical topology of the power grid in order to reveal false data injection attacks. Watermarking uses the addition of an external system with linear time-varying dynamics that depend on the system states and that is unknown to the attacker [6]. The detection strategy measures those external states, making it harder for an adversary to design stealthy attacks.…”

Section: Introductionmentioning

confidence: 99%

A Moving Target Defense to Detect Stealthy Attacks in Cyber-Physical Systems

Giraldo¹,

Cárdenas

Sanfelice

2019

2019 American Control Conference (ACC)

View full text Add to dashboard Cite

Cyber-Physical Systems (CPS) have traditionally been considered more static, with regular communication patterns when compared to classical information technology networks. Because the structure of most CPS remains unchanged during long periods of time, they become vulnerable to adversaries who can tailor their attacks based on their precise knowledge of the system dynamics, communications, and control. Moving Target Defense (MTD) has emerged as a strategy to add uncertainty about the state and execution of a system in order to prevent adversaries from having predictable effects with their attacks. In this work we propose a novel type of MTD strategy that randomly changes the availability of the sensor data, so that it is harder for adversaries to tailor stealthy attacks and at the same time it can minimize the impact of false-data injection attacks. Using tools from switched control systems we formulate an optimization problem to find the probability of the switching signals that increase the visibility of stealthy attacks while decreasing the deviation caused by false data injection attacks.

show abstract

Detecting integrity attacks on control systems using a moving target approach

Cited by 107 publications

References 17 publications

A moving target approach for identifying malicious sensors in control systems

A moving target approach for identifying malicious sensors in control systems

Joint attack detection and secure state estimation of cyber‐physical systems

A Moving Target Defense to Detect Stealthy Attacks in Cyber-Physical Systems

Contact Info

Product

Resources

About