Abstract
We study the problem of learning-based attacks in a simple abstraction of cyber-physical systems - the case of a scalar, discrete-time, linear, time-invariant plant that may be subject to an attack that overrides the sensor readings and the controller actions. The attacker attempts to learn the dynamics of the plant and subsequently override the controller's actuation signal, to destroy the plant without being detected. The attacker can feed fictitious sensor readings to the controller using its estimate of the plant dynamics and mimicking the legitimate plant operation. The controller, on the other hand, is constantly on the lookout for an attack, and immediately shuts the plant off if an attack is detected. We study the performance of a specific authentication test and, by utilizing tools from information theory and statistics, we bound the asymptotic detection and deception probabilities for any measurable control policy when the attacker uses an arbitrary learning algorithm to estimate the dynamic of the plant. Finally, we show how the controller can impede the learning process of the attacker by superimposing a carefully crafted privacy-enhancing signal upon its control policy.
Original language | English |
---|---|
Pages (from-to) | 369-374 |
Number of pages | 6 |
Journal | IFAC-PapersOnLine |
Volume | 52 |
Issue number | 20 |
DOIs | |
State | Published - 2019 |
Event | 8th IFAC Workshop on Distributed Estimation and Control in Networked Systems, NECSYS 2019 - Chicago, United States Duration: 16 Sep 2019 → 17 Sep 2019 |
Keywords
- Secure control
- cyber-physical systems security
- man-in-the-middle attack
- physical authentication of control systems
- system identification
All Science Journal Classification (ASJC) codes
- Control and Systems Engineering