Blog
About

7
views
0
recommends
+1 Recommend
0 collections
    0
    shares
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Relaxing Integrity Requirements for Attack-Resilient Cyber-Physical Systems

      Preprint

      ,

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          The increase in network connectivity has also resulted in several high-profile attacks on cyber-physical systems. An attacker that manages to access a local network could remotely affect control performance by tampering with sensor measurements delivered to the controller. Recent results have shown that with network-based attacks, such as Man-in-the-Middle attacks, the attacker can introduce an unbounded state estimation error if measurements from a suitable subset of sensors contain false data when delivered to the controller. While these attacks can be addressed with the standard cryptographic tools that ensure data integrity, their continuous use would introduce significant communication and computation overhead. Consequently, we study effects of intermittent data integrity guarantees on system performance under stealthy attacks. We consider linear estimators equipped with a general type of residual-based intrusion detectors (including \(\chi^2\) and SPRT detectors), and show that even when integrity of sensor measurements is enforced only intermittently, the attack impact is significantly limited; specifically, the state estimation error is bounded or the attacker cannot remain stealthy. Furthermore, we present methods to: (1) evaluate the effects of any given integrity enforcement policy in terms of reachable state-estimation errors for any type of stealthy attacks, and (2) design an enforcement policy that provides the desired estimation error guarantees under attack. Finally, on three automotive case studies we show that even with less than 10% of authenticated messages we can ensure satisfiable control performance in the presence of attacks.

          Related collections

          Most cited references 19

          • Record: found
          • Abstract: not found
          • Article: not found

          Attack Detection and Identification in Cyber-Physical Systems

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            Stuxnet: Dissecting a Cyberwarfare Weapon

             Ralph Langner (2011)
              Bookmark
              • Record: found
              • Abstract: found
              • Article: found
              Is Open Access

              Secure estimation and control for cyber-physical systems under adversarial attacks

              The vast majority of today's critical infrastructure is supported by numerous feedback control loops and an attack on these control loops can have disastrous consequences. This is a major concern since modern control systems are becoming large and decentralized and thus more vulnerable to attacks. This paper is concerned with the estimation and control of linear systems when some of the sensors or actuators are corrupted by an attacker. In the first part we look at the estimation problem where we characterize the resilience of a system to attacks and study the possibility of increasing its resilience by a change of parameters. We then propose an efficient algorithm to estimate the state despite the attacks and we characterize its performance. Our approach is inspired from the areas of error-correction over the reals and compressed sensing. In the second part we consider the problem of designing output-feedback controllers that stabilize the system despite attacks. We show that a principle of separation between estimation and control holds and that the design of resilient output feedback controllers can be reduced to the design of resilient state estimators.
                Bookmark

                Author and article information

                Journal
                2017-07-10
                Article
                1707.02950

                http://arxiv.org/licenses/nonexclusive-distrib/1.0/

                Custom metadata
                math.OC cs.CR cs.SY

                Numerical methods, Performance, Systems & Control, Security & Cryptology

                Comments

                Comment on this article