Cyber-physical systems(CPSs)have emerged as an essential area of research in the last decade,providing a new paradigm for the integration of computational and physical units in modern control systems.Remote state esti...Cyber-physical systems(CPSs)have emerged as an essential area of research in the last decade,providing a new paradigm for the integration of computational and physical units in modern control systems.Remote state estimation(RSE)is an indispensable functional module of CPSs.Recently,it has been demonstrated that malicious agents can manipulate data packets transmitted through unreliable channels of RSE,leading to severe estimation performance degradation.This paper aims to present an overview of recent advances in cyber-attacks and defensive countermeasures,with a specific focus on integrity attacks against RSE.Firstly,two representative frameworks for the synthesis of optimal deception attacks with various performance metrics and stealthiness constraints are discussed,which provide a deeper insight into the vulnerabilities of RSE.Secondly,a detailed review of typical attack detection and resilient estimation algorithms is included,illustrating the latest defensive measures safeguarding RSE from adversaries.Thirdly,some prevalent attacks impairing the confidentiality and data availability of RSE are examined from both attackers'and defenders'perspectives.Finally,several challenges and open problems are presented to inspire further exploration and future research in this field.展开更多
This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,th...This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,the innovation sequence becomes susceptible to interception and manipulation by adversaries.We consider a class of linear deception attacks,wherein the attacker alters the innovation to degrade estimation accuracy while maintaining stealth against the detector.Given the inherent volatility of the detection function based on theχ^(2) detector,we propose broadening the traditional feasibility constraint to accommodate a certain degree of deviation from the distribution of the innovation.This broadening enables the design of stealthy attacks that exploit the tolerance inherent in the detection mechanism.The state estimation error is quantified and analyzed by deriving the iteration of the error covariance matrix of the remote estimator under these conditions.The selected degree of deviation is combined with the error covariance to establish the objective function and the attack scheme is acquired by solving an optimization problem.Furthermore,we propose a novel detection algorithm that employs a majority-voting mechanism to determine whether the system is under attack,with decision parameters dynamically adjusted in response to system behavior.This approach enhances sensitivity to stealthy and persistent attacks without increasing the false alarm rate.Simulation results show that the designed leads to about a 41%rise in the trace of error covariance for stable systems and 29%for unstable systems,significantly impairing estimation performance.Concurrently,the proposed detection algorithm enhances the attack detection rate by 33%compared to conventional methods.展开更多
This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the meas...This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.展开更多
In this paper,the authors consider how to design defensive countermeasures against DoS attacks for remote state estimation of multiprocess systems.For each system,a sensor will measure its state and transmits the data...In this paper,the authors consider how to design defensive countermeasures against DoS attacks for remote state estimation of multiprocess systems.For each system,a sensor will measure its state and transmits the data packets through an unreliable channel which is vulnerable to be jammed by an attacker.Under limited communication bandwidth,only a subset of sensors are allowed for data transmission,and how to select the optimal one to maximize the accuracy of remote state estimation is the focus of the proposed work.The authors first formulate this problem as a Markov decision process and investigate the existence of optimal policy.Moreover,the authors demonstrate the piecewise monotonicity structure of optimal policy.Given the difficulty of obtaining an optimal policy of large-scale problems,the authors develop a suboptimal heuristic policy based on the aforementioned policy structure and Whittle’s index.Moreover,a closed form of the indices is derived in order to reduce implementation complexity of proposed scheduling policy and numerical examples are provided to illustrate the proposed developed results.展开更多
基金the Natural Sciences and Engineering Research Council(NSERC)of Canada。
文摘Cyber-physical systems(CPSs)have emerged as an essential area of research in the last decade,providing a new paradigm for the integration of computational and physical units in modern control systems.Remote state estimation(RSE)is an indispensable functional module of CPSs.Recently,it has been demonstrated that malicious agents can manipulate data packets transmitted through unreliable channels of RSE,leading to severe estimation performance degradation.This paper aims to present an overview of recent advances in cyber-attacks and defensive countermeasures,with a specific focus on integrity attacks against RSE.Firstly,two representative frameworks for the synthesis of optimal deception attacks with various performance metrics and stealthiness constraints are discussed,which provide a deeper insight into the vulnerabilities of RSE.Secondly,a detailed review of typical attack detection and resilient estimation algorithms is included,illustrating the latest defensive measures safeguarding RSE from adversaries.Thirdly,some prevalent attacks impairing the confidentiality and data availability of RSE are examined from both attackers'and defenders'perspectives.Finally,several challenges and open problems are presented to inspire further exploration and future research in this field.
文摘This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,the innovation sequence becomes susceptible to interception and manipulation by adversaries.We consider a class of linear deception attacks,wherein the attacker alters the innovation to degrade estimation accuracy while maintaining stealth against the detector.Given the inherent volatility of the detection function based on theχ^(2) detector,we propose broadening the traditional feasibility constraint to accommodate a certain degree of deviation from the distribution of the innovation.This broadening enables the design of stealthy attacks that exploit the tolerance inherent in the detection mechanism.The state estimation error is quantified and analyzed by deriving the iteration of the error covariance matrix of the remote estimator under these conditions.The selected degree of deviation is combined with the error covariance to establish the objective function and the attack scheme is acquired by solving an optimization problem.Furthermore,we propose a novel detection algorithm that employs a majority-voting mechanism to determine whether the system is under attack,with decision parameters dynamically adjusted in response to system behavior.This approach enhances sensitivity to stealthy and persistent attacks without increasing the false alarm rate.Simulation results show that the designed leads to about a 41%rise in the trace of error covariance for stable systems and 29%for unstable systems,significantly impairing estimation performance.Concurrently,the proposed detection algorithm enhances the attack detection rate by 33%compared to conventional methods.
基金supported by the National Natural Science Foundation of China(61925303,62173034,62088101,U20B2073,62173002)the National Key Research and Development Program of China(2021YFB1714800)Beijing Natural Science Foundation(4222045)。
文摘This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.
基金supported by the National Natural Science Foundation of China under Grant No.20231120102304001,STIC under Grant Nos.62303212 and ZDSYS20220330161800001.
文摘In this paper,the authors consider how to design defensive countermeasures against DoS attacks for remote state estimation of multiprocess systems.For each system,a sensor will measure its state and transmits the data packets through an unreliable channel which is vulnerable to be jammed by an attacker.Under limited communication bandwidth,only a subset of sensors are allowed for data transmission,and how to select the optimal one to maximize the accuracy of remote state estimation is the focus of the proposed work.The authors first formulate this problem as a Markov decision process and investigate the existence of optimal policy.Moreover,the authors demonstrate the piecewise monotonicity structure of optimal policy.Given the difficulty of obtaining an optimal policy of large-scale problems,the authors develop a suboptimal heuristic policy based on the aforementioned policy structure and Whittle’s index.Moreover,a closed form of the indices is derived in order to reduce implementation complexity of proposed scheduling policy and numerical examples are provided to illustrate the proposed developed results.
