This article studies a fundamental problem of security of cyber-physical
systems (CPSs). We focus on a class of attacks where some of the actuators
could be malicious while all the sensors are considered to be honest. We
introduce a novel idea of separability of state trajectories that are generated
by the honest and corrupt actuators, and establish its connection to the
security of CPSs in the context of detecting the presence of malicious
actuators (if any,) in the system. As a defense strategy to guard the CPS
against malicious attacks, we focus on the mechanism of perturbing the
pre-determined control action by injecting a certain class of random process by
the honest actuators called private excitation, which is assumed to have a
known distribution. As primary contributions we give sufficient conditions for
the existence and non-existence of a separator for linear time-invariant
stochastic systems, under the assumption that the policies are
randomized-Markovian and randomized history dependent. Several technical
aspects of the established results are discussed extensively.Comment: 26 page