Research On Detection And Defense Of Data Integrity Attacks In Cyber-Physical Systems

As a comprehensive intelligent system that integrates computation,communication and con-trol technologies and deeply combines industrialization and informatization,cyber-physical sys-tems(CPS)have been widely applied in critical infrastructure fields such as industrial processes,smart cities,intelligent transportation,and military.However,in recent years,CPS security inci-dents have frequently appeared,especially the cyber-physical threat with high stealthiness.This greatly affects CPS with aspects including resource optimization,perception,and control,which makes it difficult to provide reliable and efficient services.Therefore,CPS security has become one of the basic problems of CPS and has gained great attention from both industry and academia communities.Considering the data integrity attack in CPS,which is one of the main attack methods of cyber-physical threats,they can severely impact the state estimation and control of CPS.In addi-tion,these attacks can also work collaboratively to maintain a certain degree of stealthiness.As a result,such kind of attack has been the focus of research.Research on detection and defense for such attacks has received widespread attention and has made great progress.But there are still deficiencies in the following three aspects.First,the existing attack modeling is not general enough to describe attack stealthiness and its performance degradation.Secondly,there is still a lack of optimization and analysis of detection mechanisms for discontinuous attacks.Lastly,existing re-silient state estimation strategies are still insufficient due to limitations such as the limited number of tolerable malicious devices,and their attack resilience needs to be further reinforced.To solve these problems,considering data integrity attacks,this dissertation first establishes a general attack model to quantify the stealthiness of attacks and induced performance degradation.Based on the attack model,the proactive detection method for discontinuous attacks is provided,and the en-hanced resilient state estimation strategy against attacks with different level of stealthiness is also proposed.The main work and contributions are summarized as follows:1.For the problem of general attack modeling of attack stealthiness and its performance impact in stochastic CPS,the definition of(?,?)-stealthiness is provided based on information the-ories.For a given attack,the(?,?)-stealthiness takes the maximum achievable convergence rates of the false alarm and detection probabilities in arbitrary detectors as the quantification of attack stealthiness level,to characterize the attack stealthiness without the detector knowl-edge.According to the definition of(?,?)-stealthiness,the necessary and sufficient condi-tions for the attack to have a certain degree of stealthiness are given.In further,considering attacks on the control command which cause the residuals of the Kalman filter to be Gaussian independent and identically distributed,the upper bound of the performance impact of such attacks on the control system is characterized.In addition,for the right-invertible system,an optimal attack strategy that achieves the mentioned upper bound is designed.Through comparing with existing attack modeling methods,the(?,?)-stealthiness better characterizes the extent of attack stealthiness.2.For the problem of the optimization and improvement of watermark-based detection strate-gies for discontinuous replay attacks,a periodic watermark scheduling and optimization strategy is proposed.First,by analyzing real attack events,it can be seen that replay attacks may be discontinuous.Due to the discontinuity of such attacks,when the system detector is insensitive to the added watermark signal,the existing method of continuously applying watermark signals on the control input may result in a waste of control costs.To this end,a one-time attack duration model is established.Based on this model,a periodic watermark-ing scheduling strategy is designed,and the analytical relationship between the control cost under the proposed strategy and the scheduling duty cycle(that is,the number of times the watermark is added per unit time)is given.Further,given the control cost constraints,the optimal periodic watermarking scheduling strategy with respect to approximate detection performance is obtained.3.For the problem of enhanced resilient state estimation for sensor attacks,in view of the lim-ited number of tolerable malicious sensors in CPS,an integrated strategy of attack isolation and resilient state estimation,based on attack signal estimation,is proposed to enhance the CPS security against sensor attacks.Considering the stable control system,an attack signal estimator is designed,and the estimated attack signal is proved to be asymptotic unbiased.Based on the estimated attack signals,a sensor-level anomaly detection mechanism and at-tack isolation strategy are designed to overcome the constraints of the existing methods that rely on the strong observability of the system itself.In addition,a theoretical analysis of the attack isolation performance is provided.Based on the time-varying attack isolation results,a corresponding resilient state estimation algorithm is proposed and a theoretical guarantee for the state estimation performance is provided.In the end,the thesis is concluded and the future research work is discussed.