Event-triggered state observers for sparse sensor noise/attacks

This paper describes two algorithms for state reconstruction from sensor measurements that are corrupted with sparse, but otherwise arbitrary, 'noise.' These results are motivated by the need to secure cyber-physical systems against a malicious adversary that can arbitrarily corrupt sensor measurements. The first algorithm reconstructs the state from a batch of sensor measurements while the second algorithm is able to incorporate new measurements as they become available, in the spirit of a Luenberger observer. A distinguishing point of these algorithms is the use of event-triggered techniques to improve the computational performance of the proposed algorithms

A Satisfiability Modulo Theory Approach to Secure State Reconstruction in Differentially Flat Systems Under Sensor Attacks

We address the problem of estimating the state of a differentially flat system from measurements that may be corrupted by an adversarial attack. In cyber-physical systems, malicious attacks can directly compromise the system's sensors or manipulate the communication between sensors and controllers. We consider attacks that only corrupt a subset of sensor measurements. We show that the possibility of reconstructing the state under such attacks is characterized by a suitable generalization of the notion of s-sparse observability, previously introduced by some of the authors in the linear case. We also extend our previous work on the use of Satisfiability Modulo Theory solvers to estimate the state under sensor attacks to the context of differentially flat systems. The effectiveness of our approach is illustrated on the problem of controlling a quadrotor under sensor attacks.Comment: arXiv admin note: text overlap with arXiv:1412.432

A secure state estimation algorithm for nonlinear systems under sensor attacks

The state estimation of continuous-time nonlinear systems in which a subset of sensor outputs can be maliciously controlled through injecting a potentially unbounded additive signal is considered in this paper. Analogous to our earlier work for continuous-time linear systems in \cite{chong2015observability}, we term the convergence of the estimates to the true states in the presence of sensor attacks as `observability under $M$ attacks', where $M$ refers to the number of sensors which the attacker has access to. Unlike the linear case, we only provide a sufficient condition such that a nonlinear system is observable under $M$ attacks. The condition requires the existence of asymptotic observers which are robust with respect to the attack signals in an input-to-state stable sense. We show that an algorithm to choose a compatible state estimate from the state estimates generated by the bank of observers achieves asymptotic state reconstruction. We also provide a constructive method for a class of nonlinear systems to design state observers which have the desirable robustness property. The relevance of this study is illustrated on monitoring the safe operation of a power distribution network.Comment: This paper has been accepted for publication at the 59th IEEE Conference on Decision and Control, 202

외부 공격으로부터 자율 복원 가능한 제어 시스템: 센서 공격에 안전한 상태 추정 기법

학위논문 (박사)-- 서울대학교 대학원 : 공과대학 전기·컴퓨터공학부, 2018. 2. 심형보.Recent advances in computer and communication technologies make control systems more connected thanks to the developments in networked actuation and sensing devices. As this connectivity increases, the resulting large scale networked control systems, or the cyber-physical systems (CPS), are exposed and can be vulnerable to malicious attacks. In response to the crisis by the malicious adversaries, this dissertation presents sophisticated control algorithms which are more reliable even when some components of the feedback control systems are corrupted. Focusing especially on sensor attacks, security related problems on CPS are carefully analyzed and an attack-resilient state estimation scheme is proposed. First, the notion of redundant observability is introduced that explains in a unified manner existing security notions such as dynamic security index, attack detectability, and observability under attacks. The redundant observability is a key concept in this dissertation, and a system is said to be q-redundant observable if it is observable even after eliminating any q measurements. It has been shown that any q-sparse sensor attack is detectable if and only if the given linear time invariant (LTI) system is q-redundant observable. It is also equivalent to the condition that the system is observable under ⌊q/2⌋-sparse sensor attacks. Moreover, the dynamic security index, which is defined by the minimum number of attacks to be undetectable, can be computed as q + 1. In addition, the redundant detectability (or, asymptotic redundant observability), which is a weaker notion than the redundant observability, is also introduced. While the redundant observability does not care about the magnitudes of sensor attacks and does not mind whether the attacks are disruptive or not, the redundant detectability only deals with attacks that do not converge to zero as time goes on, so that it is more practical in the sense that it can only detect and correct the attacks that are actually harmful to the system. Next, a resilient state estimation scheme is proposed under two assumptions: ⌊q/2⌋-sparsity of attack vector and q-redundant detectability of the system. The proposed estimator consists of a bank of partial observers operating based on Kalman detectability decomposition and a decoder exploiting error correction techniques. The partial observers are either constructed by Luenberger observers or Kalman filters. The Luenberger observer guarantees the robustness with bounded disturbances/noises, while the Kalman filter shows the suboptimality in the sense of minimum variance with Garussian disturbances/noises. In terms of time complexity, an ℓ0 minimization problem in the decoder alleviates the computational efforts by reducing the search space to a finite set and by combining a detection algorithm to the optimization process. On the other hand, in terms of space complexity, the required memory is linear with the number of sensors by means of the decomposition used for constructing a bank of partial observers. This resilient state estimation scheme proposed for LTI systems, is further extended for a class of uniformly observable nonlinear systems. Based on the uniform observability decomposition, a high gain observer is constructed for each single measurement to estimate the observable sub-state and it constitutes the partial observer. Finally, the decoder solves a nonlinear error correcting problem by collecting all the information from the high gain observers and by exploiting redundancy.1 Introduction 1 1.1 Background 1 1.2 Research Objective and Contributions 5 1.3 Outline of the Dissertation 8 2 Error Correction over Reals and its Extensions 11 2.1 Error Correction over Reals and Compressed Sensing 11 2.2 Extension to Stacked Vector Case 16 2.2.1 Error Detectability and Error Correctability 16 2.2.2 Error Detection and Correction Scheme for Noiseless Case 20 2.2.3 Error Detection and Correction Scheme for Noisy Case 23 3 On Redundant Observability 41 3.1 Redundant Observability 42 3.1.1 Definition and Characterization 42 3.1.2 Relationship with Strong Observability 45 3.1.3 Redundant Unobservable Subspace 47 3.1.4 Asymptotic Redundant Observability 49 3.2 Attack Detectability and Dynamic Security Index 56 3.3 Observability under Sparse Sensor Attacks 65 4 Attack-Resilient State Estimation for Linear Systems 69 4.1 Problem Formulation 70 4.2 Components of Attack-Resilient Estimator and Their Functions 73 4.2.1 Partial Observer: Kalman Detectability Decomposition 73 4.2.2 Decoder: Error Correction for Stacked Vector 77 4.3 Design of Attack-Resilient State Estimator 78 4.3.1 Deterministic Estimator with Bounded Disturbance and Noise 79 4.3.2 Suboptimal Estimator with Gaussian Disturbance and Noise 85 4.4 Remarks on Proposed Attack-Resilient Estimator 93 4.4.1 Comparison with Fault Detection and Isolation 93 4.4.2 Analysis of Time and Space Complexity 95 4.5 Simulation Results: Three-Inertia System 96 5 Attack-Resilient State Estimation for Nonlinear Systems 101 5.1 Problem Formulation and Preliminaries 102 5.1.1 Problem Formulation 102 5.1.2 Bi-Lipschitz Function and Lipschitz Left Inverse 103 5.1.3 Nonlinear Error Detectability and Error Correctability 105 5.2 Uniformly Observable Nonlinear Systems for Any Input 108 5.2.1 Uniform Observability Decomposition 108 5.2.2 Design of High Gain Observer 111 5.3 Redundant Observability for Nonlinear Systems 112 5.4 Attack Detection and Resilient Estimation for Nonlinear Systems 115 5.4.1 Detection of Sensor Attacks 115 5.4.2 Attack-Resilient State Estimation 119 5.5 Simulation Results: Numerical Example 121 6 Conclusion 125 6.1 Summary 125 6.2 Future Works 127 Bibliography 129 국문초록 141Docto

State of the art of cyber-physical systems security: An automatic control perspective

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds light on how security is actually addressed when dealing with cyber-physical systems from an automatic control perspective. The provided map of 138 selected studies is defined empirically and is based on, for instance, application fields, various system components, related algorithms and models, attacks characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia