Optimal Linear Cyber-Attack on Remote State Estimation - Desklib
Added on 2022-11-13
10 Pages10940 Words397 Views
Higher EducationElectrical EngineeringCalculus and AnalysisStatistics and Probability
|
|
|
2325-5870 (c) 2016 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TCNS.2016.2570003, IEEE
Transactions on Control of Network Systems1
Optimal Linear Cyber-Attack on
Remote State Estimation
Ziyang Guo, Dawei Shi, Karl Henrik Johansson, Ling Shi
Abstract—Recent years have witnessed the surge of interest
of security issues in cyber-physical systems. In this paper, we
consider malicious cyber attacks in a remote state estimation
application where a smart sensor node transmits data to a remote
estimator equipped with a false data detector. It is assumed
that all the sensor data can be observed and modified by the
malicious attacker and a residue-based detection algorithm is
used at the remote side to detect data anomalies. We propose a
linear deception attack strategy and present the corresponding
feasibility constraint which guarantees that the attacker is able
to successfully inject false data without being detected. The
evolution of the estimation error covariance at the remote
estimator is derived and the degradation of system performance
under the proposed linear attack policy is analyzed. Furthermore,
we obtain a closed-form expression of the optimal attack strategy
among all linear attacks. Comparison of attack strategies through
simulated examples are provided to illustrate the theoretical
results.
Index Terms—Cyber-Physical Systems, Deception Attack, Se-
curity, Remote State Estimation.
I. INTRODUCTION
CYBER-Physical Systems (CPS) are systems that smooth-
ly integrate sensing, communication, control, computa-
tion and physical processes [1]. CPS applications range from
large-scale industrial applications to critical infrastructures
including chemical processes, smart grids, mine monitoring,
intelligent transportation, precision agriculture, civil engineer-
ing, aerospace, etc. [2]–[4].
The rapid growth of CPS and its safety-critical applications
have generated a surge of interest in CPS security in recent
years [5]. Since the measurement and control data in CPS are
commonly transmitted through unprotected communication
networks, such systems are vulnerable to cyber threats. Any
successful CPS attack may lead to a variety of severe con-
sequences, including customer information leakage, damages
to national economy, destruction of infrastructure, and even
endangering of human lives [6], [7].
Z. Guo and L. Shi are with Department of Electronic and Computer
Engineering, the Hong Kong University of Science and Technology, Clear
Water Bay, Kowloon, Hong Kong (e-mail: zguoae@ust.hk, eesling@ust.hk).
D. Shi is with State Key Laboratory of Intelligent Control and Decision
of Complex Systems, School of Automation, Beijing Institute of Technology,
Beijing, 100081, China (e-mail: dawei.shi@outlook.com).
K. H. Johansson is with ACCESS Linnaeus Centre and Department of
Automatic Control, School of Electrical Engineering, KTH Royal Institute of
Technology, Stockholm, Sweden (e-mail: kallej@kth.se).
The work by Z. Guo and L. Shi is supported by a Hong Kong RGC
GRF grant 16209114. The work by D. Shi is supported by Natural Science
Foundation of China (61503027). The work by K. H. Johansson is supported
by the Knut and Alice Wallenberg Foundation and the Swedish Research
Council.
The cyber-physical attack space can be divided according
to the adversary’s system knowledge, disclosure resources
and disruption resources. Attack models, such as Denial-of-
Service (DoS), replay, false data injection and zero dynamic
attacks were analyzed in [8]. Cardenas et al. [9] studied cyber
attacks compromising measurement and actuator data integrity
and availability. They considered two types of CPS attacks:
DoS and deception attacks. The DoS attack, which jams
the communication channels and prevents the exchange of
information containing both sensor measurements and control
inputs, was further analyzed for a resource-constrained attack-
er in [10], [11]. Moreover, a game-theoretic approach was
utilized to provide an effective framework to handle security
and privacy issues in communication networks in [12]. With
energy constraints on both the sensor and the attacker, Li
et al. [13] studied the interactive decision-making process of
when to send and when to attack using a zero-sum game. They
proved that the optimal strategies for both sides constitute a
Nash equilibrium. Agah et al. [14] formulated a repeated game
between the intrusion detector and the sensor nodes to study
the prevention of DoS attack in wireless sensor networks. A
framework to enforce cooperation among sensor nodes and
punishment for non-cooperative behavior was proposed.
The deception attacks, which affect the integrity of data by
modifying its content, have recently received attention. The
replay attack is a special type of deception attack where the
attacker does not have any system knowledge but is able to
access, record, and replay the sensor data. Mo et al. [15],
[16] studied the feasibility of the replay attack on a control
system equipped with a bad-data detector and proposed a
countermeasure to detect the existence of such an attack. Miao
et al. [17] proposed a zero-sum stochastic game framework
to balance the tradeoff between the control performance and
the system security. Another type of deception attack with
perfect system knowledge, false-data injection attack, was
initially proposed for power networks [18]. Sandberg et al. [19]
analyzed the minimum number of sensors required for a
stealthy attack and proposed the concept of measurement
security metric. A more general framework for security indices
was provided in [20]. Furthermore, the consequence of the
false-data injection attack and the reachable state estimation
error have been analyzed in [21]. Besides the aforementioned
studies where the models used are static, data injection attacks
on dynamic control systems have also been considered. A
covert data attack, which misleads the control center to remove
useful measurements, was proposed and analyzed in [22].
Pasqualetti et al. [23] studied the set of undetectable false-data
injection attacks for omniscient attackers who have full system
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TCNS.2016.2570003, IEEE
Transactions on Control of Network Systems1
Optimal Linear Cyber-Attack on
Remote State Estimation
Ziyang Guo, Dawei Shi, Karl Henrik Johansson, Ling Shi
Abstract—Recent years have witnessed the surge of interest
of security issues in cyber-physical systems. In this paper, we
consider malicious cyber attacks in a remote state estimation
application where a smart sensor node transmits data to a remote
estimator equipped with a false data detector. It is assumed
that all the sensor data can be observed and modified by the
malicious attacker and a residue-based detection algorithm is
used at the remote side to detect data anomalies. We propose a
linear deception attack strategy and present the corresponding
feasibility constraint which guarantees that the attacker is able
to successfully inject false data without being detected. The
evolution of the estimation error covariance at the remote
estimator is derived and the degradation of system performance
under the proposed linear attack policy is analyzed. Furthermore,
we obtain a closed-form expression of the optimal attack strategy
among all linear attacks. Comparison of attack strategies through
simulated examples are provided to illustrate the theoretical
results.
Index Terms—Cyber-Physical Systems, Deception Attack, Se-
curity, Remote State Estimation.
I. INTRODUCTION
CYBER-Physical Systems (CPS) are systems that smooth-
ly integrate sensing, communication, control, computa-
tion and physical processes [1]. CPS applications range from
large-scale industrial applications to critical infrastructures
including chemical processes, smart grids, mine monitoring,
intelligent transportation, precision agriculture, civil engineer-
ing, aerospace, etc. [2]–[4].
The rapid growth of CPS and its safety-critical applications
have generated a surge of interest in CPS security in recent
years [5]. Since the measurement and control data in CPS are
commonly transmitted through unprotected communication
networks, such systems are vulnerable to cyber threats. Any
successful CPS attack may lead to a variety of severe con-
sequences, including customer information leakage, damages
to national economy, destruction of infrastructure, and even
endangering of human lives [6], [7].
Z. Guo and L. Shi are with Department of Electronic and Computer
Engineering, the Hong Kong University of Science and Technology, Clear
Water Bay, Kowloon, Hong Kong (e-mail: zguoae@ust.hk, eesling@ust.hk).
D. Shi is with State Key Laboratory of Intelligent Control and Decision
of Complex Systems, School of Automation, Beijing Institute of Technology,
Beijing, 100081, China (e-mail: dawei.shi@outlook.com).
K. H. Johansson is with ACCESS Linnaeus Centre and Department of
Automatic Control, School of Electrical Engineering, KTH Royal Institute of
Technology, Stockholm, Sweden (e-mail: kallej@kth.se).
The work by Z. Guo and L. Shi is supported by a Hong Kong RGC
GRF grant 16209114. The work by D. Shi is supported by Natural Science
Foundation of China (61503027). The work by K. H. Johansson is supported
by the Knut and Alice Wallenberg Foundation and the Swedish Research
Council.
The cyber-physical attack space can be divided according
to the adversary’s system knowledge, disclosure resources
and disruption resources. Attack models, such as Denial-of-
Service (DoS), replay, false data injection and zero dynamic
attacks were analyzed in [8]. Cardenas et al. [9] studied cyber
attacks compromising measurement and actuator data integrity
and availability. They considered two types of CPS attacks:
DoS and deception attacks. The DoS attack, which jams
the communication channels and prevents the exchange of
information containing both sensor measurements and control
inputs, was further analyzed for a resource-constrained attack-
er in [10], [11]. Moreover, a game-theoretic approach was
utilized to provide an effective framework to handle security
and privacy issues in communication networks in [12]. With
energy constraints on both the sensor and the attacker, Li
et al. [13] studied the interactive decision-making process of
when to send and when to attack using a zero-sum game. They
proved that the optimal strategies for both sides constitute a
Nash equilibrium. Agah et al. [14] formulated a repeated game
between the intrusion detector and the sensor nodes to study
the prevention of DoS attack in wireless sensor networks. A
framework to enforce cooperation among sensor nodes and
punishment for non-cooperative behavior was proposed.
The deception attacks, which affect the integrity of data by
modifying its content, have recently received attention. The
replay attack is a special type of deception attack where the
attacker does not have any system knowledge but is able to
access, record, and replay the sensor data. Mo et al. [15],
[16] studied the feasibility of the replay attack on a control
system equipped with a bad-data detector and proposed a
countermeasure to detect the existence of such an attack. Miao
et al. [17] proposed a zero-sum stochastic game framework
to balance the tradeoff between the control performance and
the system security. Another type of deception attack with
perfect system knowledge, false-data injection attack, was
initially proposed for power networks [18]. Sandberg et al. [19]
analyzed the minimum number of sensors required for a
stealthy attack and proposed the concept of measurement
security metric. A more general framework for security indices
was provided in [20]. Furthermore, the consequence of the
false-data injection attack and the reachable state estimation
error have been analyzed in [21]. Besides the aforementioned
studies where the models used are static, data injection attacks
on dynamic control systems have also been considered. A
covert data attack, which misleads the control center to remove
useful measurements, was proposed and analyzed in [22].
Pasqualetti et al. [23] studied the set of undetectable false-data
injection attacks for omniscient attackers who have full system
2325-5870 (c) 2016 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TCNS.2016.2570003, IEEE
Transactions on Control of Network Systems2
information but only compromise a part of existing sensors
and actuators. A unified framework and advanced monitoring
procedures to detect components malfunction or measurements
corruption were also proposed. Further results on different for-
mulations of integrity attack and secure estimation problems
were investigated in [24], [25].
In this paper, we consider deception attacks in a remote state
estimation scenario. We study the optimal linear deception
attack on the sensor data without being detected by a false
data detector at the remote state estimator. The motivation of
the current work is three-fold:
1) A deception attack is subtler and may cause more severe
consequences compared with many other attacks.
2) Existing models of deception attack are quite simple,
many focusing on static parameter estimation [18]–[21].
The need for analyzing potential consequences of attacks
on a dynamic system is important.
3) To propose effective countermeasures, one needs to un-
derstand what the worst attack might be.
The main contributions of this paper are summarized as
follows:
1) We propose a novel type of linear attack strategy and
present the corresponding feasibility constraint, which
guarantees the attacker to successfully inject false data
and remain undetected by the false data detector at the
same time.
2) We compute the evolution of the estimation error covari-
ance at the remote estimator and analyze the degradation
of system performance under various linear attack strate-
gies (Theorem 1).
3) We derive a closed-form expression of the optimal linear
attack strategy which yields the largest error covariance
(Theorem 2).
The remainder of the paper is organized as follows. Sec-
tion II presents the problem formulation and revisits some
preliminaries of the Kalman filter and the false data detector.
Section III proposes a new type of deception attack strategy
and states the feasibility constraint. Section IV illustrates the
degradation of system performance and derives the optimal
strategy among all linear attacks. Simulation results are pro-
vided in Section V. Some concluding remarks are given in the
end.
Notations: N and R denote the sets of natural numbers and
real numbers, respectively. Rn is the n-dimensional Euclidean
space. Sn
+ and Sn
++ are the sets of n × n positive semi-
definite and positive definite matrices. When X ∈ Sn
+, we
simply write X ≥ 0 (or X > 0 if X ∈ Sn
++). X ≥ Y
if X − Y ∈ Sn
+. N (μ, Σ) denotes Gaussian distribution
with mean μ and covariance matrix Σ. The superscript T
stands for transposition. tr(·) refers to the trace of a matrix.
E[·] denotes the expectation of a random variable. Pr{·}
denotes the probability of an event. For functions f, f1, f2
with appropriate domain, f1 ◦ f2(x) stands for the function
composition f1(f2(x)), and f n(x) , f (f n−1(x)).
II. PROBLEM SETUP
The system architecture of cyber attacks in a remote state
estimation application considered in this paper is shown in
Fig. 1. System architecture. The attacker is able to intercept and modify sensor
data, which affects the remote estimation performance despite the false data
detector.
Fig. 1. It consists of six main components, namely the process,
smart sensor, attacker, remote estimator, false data detector,
and wireless network. The smart sensor performs local esti-
mation based on the process measurements and transmits data
packet to the remote estimator through a wireless network
where a malicious attacker may intercept and modify the
transmitted data. A false data detector at remote side monitors
the system behavior and identifies the existence of the attacker.
The detailed models are described in the following.
A. Process Model
Consider a discrete-time linear time-invariant process:
xk+1 = Axk + wk, (1)
yk = Cxk + vk, (2)
where k ∈ N is the time index, xk ∈ Rn the vector of system
states, yk ∈ Rm the vector of sensor measurements, wk ∈
Rn and vk ∈ Rm are zero-mean i.i.d. Gaussian noises with
covariances Q ≥ 0 and R > 0, respectively. The initial state
x0 is zero-mean Gaussian with covariance matrix Π0 ≥ 0, and
is independent of wk and vk for all k ≥ 0. The pair (A, C) is
detectable and (A, √Q) is stabilizable.
B. Smart Sensor and Remote Estimator
The concept of smart sensors refers to sensors that provide
extra functions beyond those necessary for generating the
measured quantity. The functions included might be signal
processing, decision-making and alarm functions, which can
be used to improve system performance [26], [27]. Thus,
we assume that the smart sensor first locally processes the
raw measurement data and transmits its innovation to the
remote estimator in this work. To estimate the system state,
the following standard Kalman filter is adopted by the remote
estimator:
ˆx−
k = Aˆxk−1, (3)
P −
k = APk−1AT + Q, (4)
Kk = P −
k CT (CP −
k CT + R)−1, (5)
ˆxk = ˆx−
k + Kkzk, (6)
Pk = (I − KkC)P −
k , (7)
where zk is the local innovation transmitted to the remote
estimator with
zk = yk − C ˆx−
k , (8)
ˆx−
k and ˆxk are the a priori and the a posteriori Minimum
Mean Squared Error (MMSE) estimates of the state xk at the
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TCNS.2016.2570003, IEEE
Transactions on Control of Network Systems2
information but only compromise a part of existing sensors
and actuators. A unified framework and advanced monitoring
procedures to detect components malfunction or measurements
corruption were also proposed. Further results on different for-
mulations of integrity attack and secure estimation problems
were investigated in [24], [25].
In this paper, we consider deception attacks in a remote state
estimation scenario. We study the optimal linear deception
attack on the sensor data without being detected by a false
data detector at the remote state estimator. The motivation of
the current work is three-fold:
1) A deception attack is subtler and may cause more severe
consequences compared with many other attacks.
2) Existing models of deception attack are quite simple,
many focusing on static parameter estimation [18]–[21].
The need for analyzing potential consequences of attacks
on a dynamic system is important.
3) To propose effective countermeasures, one needs to un-
derstand what the worst attack might be.
The main contributions of this paper are summarized as
follows:
1) We propose a novel type of linear attack strategy and
present the corresponding feasibility constraint, which
guarantees the attacker to successfully inject false data
and remain undetected by the false data detector at the
same time.
2) We compute the evolution of the estimation error covari-
ance at the remote estimator and analyze the degradation
of system performance under various linear attack strate-
gies (Theorem 1).
3) We derive a closed-form expression of the optimal linear
attack strategy which yields the largest error covariance
(Theorem 2).
The remainder of the paper is organized as follows. Sec-
tion II presents the problem formulation and revisits some
preliminaries of the Kalman filter and the false data detector.
Section III proposes a new type of deception attack strategy
and states the feasibility constraint. Section IV illustrates the
degradation of system performance and derives the optimal
strategy among all linear attacks. Simulation results are pro-
vided in Section V. Some concluding remarks are given in the
end.
Notations: N and R denote the sets of natural numbers and
real numbers, respectively. Rn is the n-dimensional Euclidean
space. Sn
+ and Sn
++ are the sets of n × n positive semi-
definite and positive definite matrices. When X ∈ Sn
+, we
simply write X ≥ 0 (or X > 0 if X ∈ Sn
++). X ≥ Y
if X − Y ∈ Sn
+. N (μ, Σ) denotes Gaussian distribution
with mean μ and covariance matrix Σ. The superscript T
stands for transposition. tr(·) refers to the trace of a matrix.
E[·] denotes the expectation of a random variable. Pr{·}
denotes the probability of an event. For functions f, f1, f2
with appropriate domain, f1 ◦ f2(x) stands for the function
composition f1(f2(x)), and f n(x) , f (f n−1(x)).
II. PROBLEM SETUP
The system architecture of cyber attacks in a remote state
estimation application considered in this paper is shown in
Fig. 1. System architecture. The attacker is able to intercept and modify sensor
data, which affects the remote estimation performance despite the false data
detector.
Fig. 1. It consists of six main components, namely the process,
smart sensor, attacker, remote estimator, false data detector,
and wireless network. The smart sensor performs local esti-
mation based on the process measurements and transmits data
packet to the remote estimator through a wireless network
where a malicious attacker may intercept and modify the
transmitted data. A false data detector at remote side monitors
the system behavior and identifies the existence of the attacker.
The detailed models are described in the following.
A. Process Model
Consider a discrete-time linear time-invariant process:
xk+1 = Axk + wk, (1)
yk = Cxk + vk, (2)
where k ∈ N is the time index, xk ∈ Rn the vector of system
states, yk ∈ Rm the vector of sensor measurements, wk ∈
Rn and vk ∈ Rm are zero-mean i.i.d. Gaussian noises with
covariances Q ≥ 0 and R > 0, respectively. The initial state
x0 is zero-mean Gaussian with covariance matrix Π0 ≥ 0, and
is independent of wk and vk for all k ≥ 0. The pair (A, C) is
detectable and (A, √Q) is stabilizable.
B. Smart Sensor and Remote Estimator
The concept of smart sensors refers to sensors that provide
extra functions beyond those necessary for generating the
measured quantity. The functions included might be signal
processing, decision-making and alarm functions, which can
be used to improve system performance [26], [27]. Thus,
we assume that the smart sensor first locally processes the
raw measurement data and transmits its innovation to the
remote estimator in this work. To estimate the system state,
the following standard Kalman filter is adopted by the remote
estimator:
ˆx−
k = Aˆxk−1, (3)
P −
k = APk−1AT + Q, (4)
Kk = P −
k CT (CP −
k CT + R)−1, (5)
ˆxk = ˆx−
k + Kkzk, (6)
Pk = (I − KkC)P −
k , (7)
where zk is the local innovation transmitted to the remote
estimator with
zk = yk − C ˆx−
k , (8)
ˆx−
k and ˆxk are the a priori and the a posteriori Minimum
Mean Squared Error (MMSE) estimates of the state xk at the
2325-5870 (c) 2016 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TCNS.2016.2570003, IEEE
Transactions on Control of Network Systems3
remote estimator, and P −
k and Pk are the corresponding error
covariances. The recursion starts from ˆx−
0 = 0 and P −
0 =
Π0 ≥ 0.
For notational brevity, we also define the Lyapunov and
Riccati operators h, ̃g : Sn
+ → Sn
+ as:
h(X) , AXAT + Q, (9)
̃g(X) , X − XCT (CXCT + R)−1CX. (10)
It is well known that the gain and the error covariance of the
Kalman filter converge from any initial condition [28]. Hence,
we denote the steady-state value of the a priori estimation
error covariance as
P = lim
k→∞ P −
k ,
where P is the unique positive semi-definite solution of h ◦
̃g(X) = X.
To simplify our subsequent discussions, we assume that the
Kalman filter at the remote estimator starts from the steady
state, i.e., Π0 = P , which results in a steady-state Kalman
filter with fixed gain
K = P CT (CP CT + R)−1. (11)
Remark 1 Using the smart sensor instead of the conventional
sensor not only improves measurement accuracy, but also
reduces the computations at the remote estimator and improve
communication efficiency [29]. Another reason why sending
the innovation zk rather than the measurement yk or the
local estimate ˆxk is that the innovation zk will approach a
steady-state distribution that can be easily checked by a false
data detector. If yk or ˆxk is sent instead, it is difficult to find
an appropriate detector which can detect potential malicious
attacks.
C. False Data Detector
The innovation sequence zk sent by the smart sensor is a
white Gaussian process with zero mean and covariance P,
where P = CP CT + R [28]. The false data detector at
the remote estimator side monitors the system behavior and
detects cyber attacks by checking the statistical characteristic
of the arriving innovation sequence. The mean and covariance
of the innovations are used to diagnose the existence of
potential cyber attacks.
The χ2 detector is a residue-based detector widely used
to reveal system anomalies [30], [31]. The detector makes a
decision based on the sum of squared residues zk which is
normalized by the steady-state innovation covariance matrix
P. At time slot k, we suppose the detection criterion is given
in the following form:
gk =
k∑
i=k−J+1
zT
i P−1zi
H0
≶
H1
δ, (12)
where J is the window size of detection, δ is the threshold,
the null hypotheses H0 means that the system is operating
normally, while the alternative hypotheses H1 means that the
system is under attack. The left hand side of (12) satisfies the
χ2 distribution with mJ degrees of freedom. Thus, it is easy
to calculate the false alarm rate from the χ2 distribution. If gk
is greater than the threshold, the detector triggers an alarm.
D. Problems of Interest
Based on the model of the process, the smart sensor, and
the false data detector, the main problems we are interested in
consist of the following:
1) What are the possible attack strategies under which the
attacker remains undetectable to the false data detector?
2) What is the corresponding estimation error at the remote
estimator under such an attack?
3) Does there exist an optimal attack strategy that renders
maximum estimation error?
The detailed mathematical formulations and solutions to
these problems will be introduced in the following two sec-
tions.
III. LINEAR ATTACK STRATEGY
In this section, we consider the existence of a malicious
agent who intentionally launches cyber attacks to degrade the
system performance. We will first define the attack policy and
then analyze the feasibility constraint needed for such attack
from being detected by the false data detector.
A. Linear Deception Attack
Similar to the attack models in existing works [32], [33]
and the man-in-the-middle attack where the attacker has
knowledge of all relevant messages passing between the two
victims and can inject new ones [34], [35], we suppose that
the attacker is able to intercept and modify the transmitted
data. At each time k, the attack strategy is defined as
̃zk = fk(zk) + bk,
where zk is the currently intercepted innovation, ̃zk the in-
novation modified by the attacker, fk an arbitrary function,
bk ∼ N (0, L ) an i.i.d. Gaussian random variable which is
independent of zk.
In this paper, we focus on the subset of all linear attack
strategies where fk is a linear transformation of the innovation
zk. We shall consider the general nonlinear attack strategies in
the future work. The proposed linear attack strategy is defined
as
̃zk = Tkzk + bk, (13)
where Tk ∈ Rm×m is an arbitrary matrix. Since zk ∼
N (0, P), where P = CP CT + R, it is easy to see that
̃zk is also an i.i.d. Gaussian random variable with zero mean
and variance TkPT T
k + L .
According to the detection criterion (12) of the false data
detector, the detection rate of the proposed linear attack (13)
is the same as without attack if the modified innovation ̃zk
preserves the same statistical characteristic as zk. In other
words, to bypass the false data detector, ̃zk is supposed to
satisfy the Gaussian distribution N (0, P), i.e., have zero mean
and covariance P. Hence,
TkPT T
k + L = P.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TCNS.2016.2570003, IEEE
Transactions on Control of Network Systems3
remote estimator, and P −
k and Pk are the corresponding error
covariances. The recursion starts from ˆx−
0 = 0 and P −
0 =
Π0 ≥ 0.
For notational brevity, we also define the Lyapunov and
Riccati operators h, ̃g : Sn
+ → Sn
+ as:
h(X) , AXAT + Q, (9)
̃g(X) , X − XCT (CXCT + R)−1CX. (10)
It is well known that the gain and the error covariance of the
Kalman filter converge from any initial condition [28]. Hence,
we denote the steady-state value of the a priori estimation
error covariance as
P = lim
k→∞ P −
k ,
where P is the unique positive semi-definite solution of h ◦
̃g(X) = X.
To simplify our subsequent discussions, we assume that the
Kalman filter at the remote estimator starts from the steady
state, i.e., Π0 = P , which results in a steady-state Kalman
filter with fixed gain
K = P CT (CP CT + R)−1. (11)
Remark 1 Using the smart sensor instead of the conventional
sensor not only improves measurement accuracy, but also
reduces the computations at the remote estimator and improve
communication efficiency [29]. Another reason why sending
the innovation zk rather than the measurement yk or the
local estimate ˆxk is that the innovation zk will approach a
steady-state distribution that can be easily checked by a false
data detector. If yk or ˆxk is sent instead, it is difficult to find
an appropriate detector which can detect potential malicious
attacks.
C. False Data Detector
The innovation sequence zk sent by the smart sensor is a
white Gaussian process with zero mean and covariance P,
where P = CP CT + R [28]. The false data detector at
the remote estimator side monitors the system behavior and
detects cyber attacks by checking the statistical characteristic
of the arriving innovation sequence. The mean and covariance
of the innovations are used to diagnose the existence of
potential cyber attacks.
The χ2 detector is a residue-based detector widely used
to reveal system anomalies [30], [31]. The detector makes a
decision based on the sum of squared residues zk which is
normalized by the steady-state innovation covariance matrix
P. At time slot k, we suppose the detection criterion is given
in the following form:
gk =
k∑
i=k−J+1
zT
i P−1zi
H0
≶
H1
δ, (12)
where J is the window size of detection, δ is the threshold,
the null hypotheses H0 means that the system is operating
normally, while the alternative hypotheses H1 means that the
system is under attack. The left hand side of (12) satisfies the
χ2 distribution with mJ degrees of freedom. Thus, it is easy
to calculate the false alarm rate from the χ2 distribution. If gk
is greater than the threshold, the detector triggers an alarm.
D. Problems of Interest
Based on the model of the process, the smart sensor, and
the false data detector, the main problems we are interested in
consist of the following:
1) What are the possible attack strategies under which the
attacker remains undetectable to the false data detector?
2) What is the corresponding estimation error at the remote
estimator under such an attack?
3) Does there exist an optimal attack strategy that renders
maximum estimation error?
The detailed mathematical formulations and solutions to
these problems will be introduced in the following two sec-
tions.
III. LINEAR ATTACK STRATEGY
In this section, we consider the existence of a malicious
agent who intentionally launches cyber attacks to degrade the
system performance. We will first define the attack policy and
then analyze the feasibility constraint needed for such attack
from being detected by the false data detector.
A. Linear Deception Attack
Similar to the attack models in existing works [32], [33]
and the man-in-the-middle attack where the attacker has
knowledge of all relevant messages passing between the two
victims and can inject new ones [34], [35], we suppose that
the attacker is able to intercept and modify the transmitted
data. At each time k, the attack strategy is defined as
̃zk = fk(zk) + bk,
where zk is the currently intercepted innovation, ̃zk the in-
novation modified by the attacker, fk an arbitrary function,
bk ∼ N (0, L ) an i.i.d. Gaussian random variable which is
independent of zk.
In this paper, we focus on the subset of all linear attack
strategies where fk is a linear transformation of the innovation
zk. We shall consider the general nonlinear attack strategies in
the future work. The proposed linear attack strategy is defined
as
̃zk = Tkzk + bk, (13)
where Tk ∈ Rm×m is an arbitrary matrix. Since zk ∼
N (0, P), where P = CP CT + R, it is easy to see that
̃zk is also an i.i.d. Gaussian random variable with zero mean
and variance TkPT T
k + L .
According to the detection criterion (12) of the false data
detector, the detection rate of the proposed linear attack (13)
is the same as without attack if the modified innovation ̃zk
preserves the same statistical characteristic as zk. In other
words, to bypass the false data detector, ̃zk is supposed to
satisfy the Gaussian distribution N (0, P), i.e., have zero mean
and covariance P. Hence,
TkPT T
k + L = P.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Optimal Denial-of-Service Attack Scheduling with Energy Constraintlg...
|6
|9729
|245