Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks

Fei Miao, Quanyan Zhu, Miroslav Pajic, George J. Pappas

Research output: Contribution to journalArticle

Abstract

This paper considers a method of coding the sensor outputs in order to detect stealthy false data injection attacks. An intelligent attacker can design a sequence of data injection to sensors and actuators that pass the state estimator and statistical fault detector, based on knowledge of the system parameters. To stay undetected, the injected data should increase the state estimation errors while keep the estimation residues small. We employ a coding matrix to change the original sensor outputs to increase the estimation residues under intelligent data injection attacks. This is a low-cost method compared with encryption schemes over all sensor measurements in communication networks. We show the conditions of a feasible coding matrix under the assumption that the attacker does not have knowledge of the exact coding matrix. An algorithm is developed to compute a feasible coding matrix, and, we show that in general, multiple feasible coding matrices exist. To defend against attackers who estimates the coding matrix via sensor and actuator measurements, time-varying coding matrices are designed according to the detection requirements. A heuristic algorithm to decide the time length of updating a coding matrix is then proposed.

Original languageEnglish (US)
Article number7478650
Pages (from-to)106-117
Number of pages12
JournalIEEE Transactions on Control of Network Systems
Volume4
Issue number1
DOIs
StatePublished - Mar 1 2017

Fingerprint

Injection
Coding
Attack
Sensor
Sensors
Actuators
Actuator
Cyber Physical System
State estimation
Heuristic algorithms
Time measurement
Output
State Estimation
Estimation Error
Telecommunication networks
Cryptography
Communication Networks
Heuristic algorithm
Encryption
Updating

Keywords

  • Coding
  • detection
  • feasible coding matrix
  • state estimator
  • stealthy data injection attacks
  • time-varying coding

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Signal Processing
  • Computer Networks and Communications
  • Control and Optimization

Cite this

Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks. / Miao, Fei; Zhu, Quanyan; Pajic, Miroslav; Pappas, George J.

In: IEEE Transactions on Control of Network Systems, Vol. 4, No. 1, 7478650, 01.03.2017, p. 106-117.

Research output: Contribution to journalArticle

@article{05a11f355c834b2da960abcab3568f59,
title = "Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks",
abstract = "This paper considers a method of coding the sensor outputs in order to detect stealthy false data injection attacks. An intelligent attacker can design a sequence of data injection to sensors and actuators that pass the state estimator and statistical fault detector, based on knowledge of the system parameters. To stay undetected, the injected data should increase the state estimation errors while keep the estimation residues small. We employ a coding matrix to change the original sensor outputs to increase the estimation residues under intelligent data injection attacks. This is a low-cost method compared with encryption schemes over all sensor measurements in communication networks. We show the conditions of a feasible coding matrix under the assumption that the attacker does not have knowledge of the exact coding matrix. An algorithm is developed to compute a feasible coding matrix, and, we show that in general, multiple feasible coding matrices exist. To defend against attackers who estimates the coding matrix via sensor and actuator measurements, time-varying coding matrices are designed according to the detection requirements. A heuristic algorithm to decide the time length of updating a coding matrix is then proposed.",
keywords = "Coding, detection, feasible coding matrix, state estimator, stealthy data injection attacks, time-varying coding",
author = "Fei Miao and Quanyan Zhu and Miroslav Pajic and Pappas, {George J.}",
year = "2017",
month = "3",
day = "1",
doi = "10.1109/TCNS.2016.2573039",
language = "English (US)",
volume = "4",
pages = "106--117",
journal = "IEEE Transactions on Control of Network Systems",
issn = "2325-5870",
publisher = "IEEE CONTROL SYSTEMS SOCIETY",
number = "1",

}

TY - JOUR

T1 - Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks

AU - Miao, Fei

AU - Zhu, Quanyan

AU - Pajic, Miroslav

AU - Pappas, George J.

PY - 2017/3/1

Y1 - 2017/3/1

N2 - This paper considers a method of coding the sensor outputs in order to detect stealthy false data injection attacks. An intelligent attacker can design a sequence of data injection to sensors and actuators that pass the state estimator and statistical fault detector, based on knowledge of the system parameters. To stay undetected, the injected data should increase the state estimation errors while keep the estimation residues small. We employ a coding matrix to change the original sensor outputs to increase the estimation residues under intelligent data injection attacks. This is a low-cost method compared with encryption schemes over all sensor measurements in communication networks. We show the conditions of a feasible coding matrix under the assumption that the attacker does not have knowledge of the exact coding matrix. An algorithm is developed to compute a feasible coding matrix, and, we show that in general, multiple feasible coding matrices exist. To defend against attackers who estimates the coding matrix via sensor and actuator measurements, time-varying coding matrices are designed according to the detection requirements. A heuristic algorithm to decide the time length of updating a coding matrix is then proposed.

AB - This paper considers a method of coding the sensor outputs in order to detect stealthy false data injection attacks. An intelligent attacker can design a sequence of data injection to sensors and actuators that pass the state estimator and statistical fault detector, based on knowledge of the system parameters. To stay undetected, the injected data should increase the state estimation errors while keep the estimation residues small. We employ a coding matrix to change the original sensor outputs to increase the estimation residues under intelligent data injection attacks. This is a low-cost method compared with encryption schemes over all sensor measurements in communication networks. We show the conditions of a feasible coding matrix under the assumption that the attacker does not have knowledge of the exact coding matrix. An algorithm is developed to compute a feasible coding matrix, and, we show that in general, multiple feasible coding matrices exist. To defend against attackers who estimates the coding matrix via sensor and actuator measurements, time-varying coding matrices are designed according to the detection requirements. A heuristic algorithm to decide the time length of updating a coding matrix is then proposed.

KW - Coding

KW - detection

KW - feasible coding matrix

KW - state estimator

KW - stealthy data injection attacks

KW - time-varying coding

UR - http://www.scopus.com/inward/record.url?scp=85016315984&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85016315984&partnerID=8YFLogxK

U2 - 10.1109/TCNS.2016.2573039

DO - 10.1109/TCNS.2016.2573039

M3 - Article

AN - SCOPUS:85016315984

VL - 4

SP - 106

EP - 117

JO - IEEE Transactions on Control of Network Systems

JF - IEEE Transactions on Control of Network Systems

SN - 2325-5870

IS - 1

M1 - 7478650

ER -