Switching and Data Injection Attacks on Stochastic Cyber-Physical Systems: Modeling, Resilient Estimation and Attack Mitigation

Sze Zheng Yong,Minghui Zhu,Emilio Frazzoli
DOI: https://doi.org/10.48550/arXiv.1707.07112
2017-07-22
Abstract:In this paper, we consider the problem of attack-resilient state estimation, that is to reliably estimate the true system states despite two classes of attacks: (i) attacks on the switching mechanisms and (ii) false data injection attacks on actuator and sensor signals, in the presence of unbounded stochastic process and measurement noise signals. We model the systems under attack as hidden mode stochastic switched linear systems with unknown inputs and propose the use of a multiple-model inference algorithm to tackle these security issues. Moreover, we characterize fundamental limitations to resilient estimation (e.g., upper bound on the number of tolerable signal attacks) and discuss the topics of attack detection, identification and mitigation under this framework. Simulation examples of switching and false data injection attacks on a benchmark system and an IEEE 68-bus test system show the efficacy of our approach to recover resilient (i.e., asymptotically unbiased) state estimates as well as to identify and mitigate the attacks.
Optimization and Control,Cryptography and Security,Systems and Control,Dynamical Systems
What problem does this paper attempt to address?
The problem that this paper attempts to solve is how to achieve state estimation resistant to two types of attacks, namely switching - mechanism attacks and false data injection attacks, in Stochastic Cyber - Physical Systems (SCPS). Specifically, the authors focus on how to reliably estimate the true system state in the presence of unbounded stochastic processes and measurement noise signals, even if these systems are subject to the above two types of attacks. To meet this challenge, they propose a method of using multi - model inference algorithms to deal with these security issues, and explore the fundamental limitations of resistant estimation (for example, the maximum number of signal attacks that can be tolerated), as well as attack detection, identification and mitigation strategies within this framework. ### The main contributions of the paper include: 1. **Proposing a resistant state estimation algorithm**: This algorithm can output reliable estimates of the true system state in the face of switching attacks and attacks on actuators and sensors simultaneously. 2. **Dealing with switching attacks for the first time**: This is the first time that someone has proposed a resistant state estimation algorithm capable of dealing with switching attacks. 3. **Dealing with simultaneous actuator and sensor attacks**: Under the condition of the existence of unbounded random noise signals, this is also the first successful attempt to deal with these two types of attacks. 4. **Establishing fundamental limitations**: The fundamental limitations of resistant estimation are studied, such as the maximum number of attacks that can be corrected or tolerated, and the topic of attack detection is considered. 5. **Designing an attack - mitigation feedback controller**: This contributes to the non - game - theoretic reactive attack - mitigation literature. ### The structure of the paper is arranged as follows: - **Section 2** provides an inspiring example of a multi - area power system with switching and data injection attacks. - **Section 3** describes the modeling methods of switching and false data injection attacks in SCPS, and states the assumptions / models of the system and the attacker. - **Section 4** reviews multi - model algorithms and their good properties, and explains the application of the general algorithm in resistant state estimation. This section also specifically studies the fundamental limitations of resistant estimation. - **Section 5** focuses on attack detection and identification, providing some sufficient conditions as guiding principles for system operators / designers. - **Section 6** designs an attack - mitigation feedback controller. - **Section 7** demonstrates the effectiveness of the proposed method through a benchmark system and the IEEE 68 - bus test system. - **Section 8** summarizes the full text. By proposing a new multi - model inference algorithm, the paper not only solves the state estimation problem in a complex environment, but also provides important theoretical basis and technical support for future cyber - physical system security research.