A Satisfiability Modulo Theory Approach to Secure State Reconstruction in Differentially Flat Systems Under Sensor Attacks

We address the problem of estimating the state of a differentially flat system from measurements that may be corrupted by an adversarial attack. In cyber-physical systems, malicious attacks can directly compromise the system's sensors or manipulate the communication between sensors and controllers. We consider attacks that only corrupt a subset of sensor measurements. We show that the possibility of reconstructing the state under such attacks is characterized by a suitable generalization of the notion of s-sparse observability, previously introduced by some of the authors in the linear case. We also extend our previous work on the use of Satisfiability Modulo Theory solvers to estimate the state under sensor attacks to the context of differentially flat systems. The effectiveness of our approach is illustrated on the problem of controlling a quadrotor under sensor attacks.Comment: arXiv admin note: text overlap with arXiv:1412.432

A Multi-Observer Based Estimation Framework for Nonlinear Systems under Sensor Attacks

We address the problem of state estimation and attack isolation for general discrete-time nonlinear systems when sensors are corrupted by (potentially unbounded) attack signals. For a large class of nonlinear plants and observers, we provide a general estimation scheme, built around the idea of sensor redundancy and multi-observer, capable of reconstructing the system state in spite of sensor attacks and noise. This scheme has been proposed by others for linear systems/observers and here we propose a unifying framework for a much larger class of nonlinear systems/observers. Using the proposed estimator, we provide an isolation algorithm to pinpoint attacks on sensors during sliding time windows. Simulation results are presented to illustrate the performance of our tools.Comment: arXiv admin note: text overlap with arXiv:1806.0648

Detection of Sensor Attack and Resilient State Estimation for Uniformly Observable Nonlinear Systems having Redundant Sensors

This paper presents a detection algorithm for sensor attacks and a resilient state estimation scheme for a class of uniformly observable nonlinear systems. An adversary is supposed to corrupt a subset of sensors with the possibly unbounded signals, while the system has sensor redundancy. We design an individual high-gain observer for each measurement output so that only the observable portion of the system state is obtained. Then, a nonlinear error correcting problem is solved by collecting all the information from those partial observers and exploiting redundancy. A computationally efficient, on-line monitoring scheme is presented for attack detection. Based on the attack detection scheme, an algorithm for resilient state estimation is provided. The simulation results demonstrate the effectiveness of the proposed algorithm

Design and Implementation of Attack-Resilient Cyber-Physical Systems

Recent years have witnessed a significant increase in the number of security-related incidents in control systems. These include high-profile attacks in a wide range of application domains, from attacks on critical infrastructure, as in the case of the Maroochy Water breach [1], and industrial systems (such as the StuxNet virus attack on an industrial supervisory control and data acquisition system [2], [3] and the German Steel Mill cyberattack [4], [5]), to attacks on modern vehicles [6]-[8]. Even high-assurance military systems were shown to be vulnerable to attacks, as illustrated in the highly publicized downing of the RQ-170 Sentinel U.S. drone [9]-[11]. These incidents have greatly raised awareness of the need for security in cyberphysical systems (CPSs), which feature tight coupling of computation and communication substrates with sensing and actuation components. However, the complexity and heterogeneity of this next generation of safety-critical, networked, and embedded control systems have challenged the existing design methods in which security is usually consider as an afterthought

Attack-Resilient State Estimation in the Presence of Noise

We consider the problem of attack-resilient state estimation in the presence of noise. We focus on the most general model for sensor attacks where any signal can be injected via the compromised sensors. An l0-based state estimator that can be formulated as a mixed-integer linear program and its convex relaxation based on the l1 norm are presented. For both l0 and l1-based state estimators, we derive rigorous analytic bounds on the state-estimation errors. We show that the worst-case error is linear with the size of the noise, meaning that the attacker cannot exploit noise and modeling errors to introduce unbounded state-estimation errors. Finally, we show how the presented attack-resilient state estimators can be used for sound attack detection and identification, and provide conditions on the size of attack vectors that will ensure correct identification of compromised sensors

Resilient State Estimation in Presence of Severe Coordinated Cyber-Attacks on Large-Scale Power Systems

Providing situational awareness in light of severe coordinated cyber-attacks on power grids, where many measurements may be untrusted, is necessary for reliable monitoring and resilient operation of the grid. In this scenario, the set of good measurements is by itself insufficient for state estimation due to loss of observability. In this paper, we present a resilient state estimation algorithm, based on output clustering. By augmenting the measurement set by respective cluster variables, the system observability is regained, and a reliable state estimate can be computed. We show the numerical performance of our proposed algorithm and its ability to successfully replace corrupted measurements using cluster variables through an example on the IEEE 24-bus power system.Comment: arXiv admin note: substantial text overlap with arXiv:2004.0383