10 research outputs found

    Statistical Watermarking for Networked Control Systems

    Watermarking can detect sensor attacks in control systems by injecting a private signal into the control, whereby attacks are identified by checking the statistics of the sensor measurements and private signal. However, past approaches assume full state measurements or a centralized controller, which is not found in networked LTI systems with subcontrollers. Since generally the entire system is neither controllable nor observable by a single subcontroller, communication of sensor measurements is required to ensure closed-loop stability. The possibility of attacking the communication channel has not been explicitly considered by previous watermarking schemes, and requires a new design. In this paper, we derive a statistical watermarking test that can detect both sensor and communication attacks. A unique (compared to the non-networked case) aspect of implementing this test is that the state-feedback controller must be designed so that the closed-loop system is controllable by each sub-controller, and we provide two approaches to design such a controller using Heymann's lemma and a multi-input generalization of Heymann's lemma. The usefulness of our approach is demonstrated with a simulation of detecting attacks in a platoon of autonomous vehicles. Our test allows each vehicle to independently detect attacks on both the communication channel between vehicles and on the sensor measurements.

    Replay Attack Detection Based on Parity Space Method for Cyber-Physical Systems

    The replay attack detection problem is studied from a new perspective based on the parity space method in this paper. The proposed detection methods have the ability to distinguish system fault and replay attack, handle both input and output data replay, maintain certain control performance, and can be implemented conveniently and efficiently. First, the replay attack effect on the residual is derived and analyzed. The residual change induced by replay attack is characterized explicitly and the detection performance analysis based on two different test statistics is given. Second, based on the replay attack effect characterization, targeted passive and active designs for detection performance enhancement are proposed. Regarding the passive design, four optimization schemes regarding different cost functions are proposed with optimal parity matrix solutions, and the unified solution to the passive optimization schemes is obtained; the active design is enabled by a marginally stable filter so as to enlarge the replay attack effect on the residual for detection. Simulations and comparison studies are given to show the effectiveness of the proposed methods.

    Replay Attack Detection in Smart Grids using Switching Multi-sine Watermarking

    Cyber-Physical Systems (CPS) are systems that include physical and computational components linked by communication channels. In a Smart Grid (SG), the power plants and loads communicate with supervisors (Central Controllers (CC)) for managing the power demand more efficiently. As such, a smart grid can be regarded as a CPS. The computational components and communication links of a CPS can be subject to cyber-attacks. Researchers have been exploring detection and mitigation strategies for various types of cyber-attacks. An important type of attack is the replay attack, for which various strategies based on watermarking signals have been proposed. One such scheme is based on switching multi-sine waves as the watermarking signal. This thesis adapts this scheme and develops a design procedure for detecting replay attacks for smart grids. Specifically, it examines the places in a grid where the watermarking signal can be injected and presents guidelines for choosing the amplitude and frequencies of sine waves that suit smart grids. One of the drawbacks of using a watermarking signal is the additional control cost (i.e., decrease in performance). In the context of smart grids, watermarking results in small fluctuations in delivered power. This thesis extends the single-input-single-output watermarking to a two-input-two-output watermarking scheme for smart grids in such a way as to considerably lower grid power fluctuations due to watermarking. The proposed method is verified using simulated grid-connected inverter-based plants. Simulation results show that using the suggested strategy, the effect of watermarking on the overall grid power reduces significantly.