Detectability of Intermittent Zero-Dynamics Attack in Networked Control Systems
This paper analyzes stealthy attacks, particularly the zero-dynamics attack
(ZDA) in networked control systems. ZDA hides the attack signal in the
null-space of the state-space representation of the control system and hence it
cannot be detected via conventional detection methods. A natural defense
strategy builds on changing the null-space via switching through a set of
topologies. In this paper, we propose a realistic ZDA variation where the
attacker is aware of this topology-switching strategy, and hence employs the
policy to avoid detection: "pause (update and resume) attack" before (after)
topology switching to evade detection. We first systematically study the
proposed ZDA variation, and then develop defense strategies under the realistic
assumptions. Particularly, we characterize conditions for detectability of the
proposed ZDA variation, in terms of the network topologies to be maintained,
the set of agents to be monitored, and the measurements of the monitored agents
that should be extracted. We provide numerical results that demonstrate our
theoretical findings.
Comment: To appear in IEEE CDC 201
Novel Stealthy Attack and Defense Strategies for Networked Control Systems
This paper studies novel attack and defense strategies, based on a class of
stealthy attacks, namely the zero-dynamics attack (ZDA), for multi-agent
control systems. ZDA poses a formidable security challenge since its attack
signal is hidden in the null-space of the state-space representation of the
control system and hence it can evade conventional detection methods. An
intuitive defense strategy builds on changing the aforementioned representation
via switching through a set of carefully crafted topologies. In this paper, we
propose realistic ZDA variations where the attacker is aware of this
topology-switching strategy, and hence employs the following policies to avoid
detection: (i) pause, update and resume ZDA according to the knowledge of
switching topologies; (ii) cooperate with a concurrent stealthy topology attack
that alters network topology at switching times, such that the original ZDA is
feasible under the corrupted topology. We first systematically study the
proposed ZDA variations, and then develop defense strategies against them under
the realistic assumption that the defender has no knowledge of attack starting,
pausing, and resuming times and the number of misbehaving agents. Particularly,
we characterize conditions for detectability of the proposed ZDA variations, in
terms of the network topologies to be maintained, the set of agents to be
monitored, and the measurements of the monitored agents that should be
extracted, while simultaneously preserving the privacy of the states of the
non-monitored agents. We then propose an attack detection algorithm based on
the Luenberger observer, using the characterized detectability conditions. We
provide numerical simulation results to demonstrate our theoretical findings.
Comment: to appear in IEEE TA