Logo: to the web site of Uppsala University

This paper considers observer-based detection of sensor bias injection attacks (BIAs) on linear cyber-physical systems with single output driven by Gaussian noise. Despite their simplicity, BIAs pose a severe risk to systems with integrators, which we refer to as integrator vulnerability. Specifically, the residual generated by any linear observer is indistinguishable under attack and normal operation at steady-state, making BIAs detectable only during transients. To address this, we propose a principled method based on Kullback-Liebler divergence to design a residual generator that significantly increases the signal-to-noise ratio against BIAs. For systems without integrator vulnerability, our method also enables a trade-off between transient and steady-state detectability. The effectiveness of the proposed method is demonstrated through numerical comparisons with three state-of-the-art residual generators.

In this article, we consider the problem of security allocation in a networked control system under stealthy attacks. The system is comprised of interconnected subsystems represented by vertices. A malicious adversary selects a single vertex on which to conduct a stealthy data injection attack with the purpose of maximally disrupting a distant target vertex while remaining undetected. Defense resources against the adversary are allocated by a defender on several selected vertices. First, the objectives of the adversary and the defender with uncertain targets are formulated in a probabilistic manner, resulting in an expected worst-case impact of stealthy attacks. Next, we provide a graph-theoretic necessary and sufficient condition under which the cost for the defender and the expected worst-case impact of stealthy attacks are bounded. This condition enables the defender to restrict the admissible actions to dominating sets of the graph representing the network. Then, the security allocation problem is solved through a Stackelberg game-theoretic framework. Finally, the obtained results are validated through a numerical example of a 50-vertex networked control system.

This paper addresses the security allocation problem within networked control systems, which consist of multiple interconnected control systems under the influence of two opposing agents: a defender and a malicious adversary. The adversary aims to maximize the worst-case attack impact on system performance while remaining undetected by launching stealthy data injection attacks on one or several interconnected control systems. Conversely, the defender's objective is to allocate security resources to detect and mitigate these worst-case attacks. A novel centrality-based approach is proposed to guide the allocation of security resources to the most connected or influential subsystems within the network. The methodology involves comparing the worst-case attack impact for both the optimal and centrality-based security allocation solutions. The results demonstrate that the centrality measure approach enables significantly faster allocation of security resources with acceptable levels of performance loss compared to the optimal solution, making it suitable for large-scale networks. The proposed method is validated through numerical examples using Erd®sRényi graphs.

Delay injection attacks on nonlinear control systems may trigger instability mechanisms like finite escape time dynamics. The paper guards against such attacks by showing how a recursive algorithm for identification of nonlinear dynamics and delay can simultaneously provide parameter estimates for controller tuning and detection of delay injection in the feedback path. The attack methodology is illustrated using a simulated feedback linearized automotive cruise controller where the attack is disguised, but anyway rapidly detected.

Intrusion detection systems (IDSs) are widely used to identify anomalies in computer networks and raise alarms on intrusive behaviors. ML-based IDSs generally take network traces or host logs as input to extract patterns from individual samples, whereas the inter-dependencies of network are often not captured and learned, which may result in large amounts of uncertain predictions, false positives, and false negatives. To tackle the challenges in intrusion detection, we propose a graph neural network-based intrusion detection system (GNN-IDS), which is data-driven and machine learning-empowered. In our proposed GNN-IDS, the attack graph and real-time measurements that represent static and dynamic attributes of computer networks, respectively, are incorporated and associated to represent complex computer networks. Graph neural networks are employed as the inference engine for intrusion detection. By learning network connectivity, graph neural networks can quantify the importance of neighboring nodes and node features to make more reliable predictions. Furthermore, by incorporating an attack graph, GNN-IDS could not only detect anomalies but also identify the malicious actions causing the anomalies. The experimental results on a use case network with two synthetic datasets (one generated from public IDS data) show that the proposed GNN-IDS achieves good performance. The results are analyzed from the aspects of uncertainty, explainability, and robustness.

This paper considers constant bias injection attacks on the glucose sensor deployed in an artificial pancreas system. The main challenge with such apparently simple attacks is that they are detectable for only a limited duration if the system is linear and has an integrator. More formally put, such attacks are steady-state stealthy. To address this issue, we propose a method to design a bias-sensitive Kalman filter based on the Kullback-Leibler divergence metric. The resulting filter outperforms the nominal Kalman filter for attack detection as illustrated by numerical simulations on a realistic model.

Modern glucose sensors deployed in closed -loop insulin delivery systems, so-called artificial pancreas use wireless communication channels. While this allows a flexible system design, it also introduces vulnerability to cyberattacks. Timely detection and mitigation of attacks are imperative for device safety. However, large unknown meal disturbances are a crucial challenge in determining whether the sensor has been compromised or the sensor glucose trajectories are normal. We address this issue from a control -theoretic security perspective. In particular, a time -varying Kalman filter is employed to handle the sporadic meal intakes. The filter prediction error is then statistically evaluated to detect anomalies if present. We compare two state-of-the-art online anomaly detection algorithms, namely the ￜￜￜￜￜￜ2 and CUSUM tests. We establish a robust optimal detection rule for unknown bias injections. Even if the optimality holds only for the restrictive case of constant bias injections, we show that the proposed model -based anomaly detection scheme is also effective for generic non -stealthy sensor deception attacks through numerical simulations.

In this article, we address the problem of risk assessment of stealthy attacks on uncertain control systems. Considering the data injection attacks that aim at maximizing the impact while remaining undetected, we use the recently proposed output-to-output gain to characterize the risk associated with the impact of attacks under a limited system knowledge attacker. The risk is formulated using a well-established risk metric, namely the maximum expected loss. Under this setup, the risk assessment problem corresponds to an untractable infinite nonconvex optimization problem. To address this limitation, we adopt the framework of scenario-based optimization to approximate the infinite nonconvex optimization problem by a sampled nonconvex optimization problem. Then, based on the framework of dissipative system theory and S-procedure, the sampled nonconvex risk assessment problem is formulated as an equivalent convex semidefinite program. Additionally, we derive the necessary and sufficient conditions for the risk to be bounded. Finally, we illustrate the results through numerical simulation of a hydro-turbine power system.

Safety filters ensure that only safe control actions are executed. We propose a simple and stealthy false-data injection attack for deactivating such safety filters; in particular, we focus on deactivating safety filters that are based on control-barrier functions. The attack injects false sensor measurements to bias state estimates to the interior of a safety region, which makes the safety filter accept unsafe control actions. To detect such attacks, we also propose a detector that detects biases manufactured by the proposed attack policy, which complements conventional detectors when safety filters are used. The proposed attack policy and detector are illustrated on a double integrator example.

This article investigates the design of online stealthy attacks with the aim of moving the system's state to the desired target. Different from the design of offline attacks, which is only based on the system's model, to design the online attack, the attacker also estimates the system's state with the intercepted data at each instant and computes the optimal attack accordingly. To ensure stealthiness, the Kullback-Leibler divergence between the innovations with and without attacks at each instant should be smaller than a threshold. We show that the attacker should solve a convex optimization problem at each instant to compute the mean and covariance of the attack. The feasibility of the attack policy is also discussed. Furthermore, for the strictly stealthy case with zero threshold, the analytical expression of the unique optimal attack is given. Finally, a numerical example of the longitudinal flight control system is adopted to illustrate the effectiveness of the proposed attack.