22 research outputs found
Statistical Watermarking for Networked Control Systems
Watermarking can detect sensor attacks in control systems by injecting a
private signal into the control, whereby attacks are identified by checking the
statistics of the sensor measurements and private signal. However, past
approaches assume full state measurements or a centralized controller, which is
not found in networked LTI systems with subcontrollers. Since generally the
entire system is neither controllable nor observable by a single subcontroller,
communication of sensor measurements is required to ensure closed-loop
stability. The possibility of attacking the communication channel has not been
explicitly considered by previous watermarking schemes, and requires a new
design. In this paper, we derive a statistical watermarking test that can
detect both sensor and communication attacks. A unique (compared to the
non-networked case) aspect of the implementing this test is the state-feedback
controller must be designed so that the closed-loop system is controllable by
each sub-controller, and we provide two approaches to design such a controller
using Heymann's lemma and a multi-input generalization of Heymann's lemma. The
usefulness of our approach is demonstrated with a simulation of detecting
attacks in a platoon of autonomous vehicles. Our test allows each vehicle to
independently detect attacks on both the communication channel between vehicles
and on the sensor measurements
Information Flow for Security in Control Systems
This paper considers the development of information flow analyses to support
resilient design and active detection of adversaries in cyber physical systems
(CPS). The area of CPS security, though well studied, suffers from
fragmentation. In this paper, we consider control systems as an abstraction of
CPS. Here, we extend the notion of information flow analysis, a well
established set of methods developed in software security, to obtain a unified
framework that captures and extends system theoretic results in control system
security. In particular, we propose the Kullback Liebler (KL) divergence as a
causal measure of information flow, which quantifies the effect of adversarial
inputs on sensor outputs. We show that the proposed measure characterizes the
resilience of control systems to specific attack strategies by relating the KL
divergence to optimal detection techniques. We then relate information flows to
stealthy attack scenarios where an adversary can bypass detection. Finally,
this article examines active detection mechanisms where a defender
intelligently manipulates control inputs or the system itself in order to
elicit information flows from an attacker's malicious behavior. In all previous
cases, we demonstrate an ability to investigate and extend existing results by
utilizing the proposed information flow analyses