Research On Design And Detection For Data Attacks In Cyber-Physical Systems

With the development of information technology and industry scale,cyber-physical systems(CPSs),feature integrating information communication network with physical plant,are ubiquitous and crucial in the modern industry.Their emergences attract many attentions from various research areas,such as power grids,water supply and transportation systems.The applications of information networks make the CPSs expose more vulnerabilities to the malicious groups,and further cause the physical facilities be sabotaged severely.However,the traditional network security technologies are not able to deal these difficulties.For example,Iran's nuclear centrifuges accident and western Ukraine blackout both inflict significant economic losses.Thus,the analysis of data attack's behaviors and detection problems based on control theories is crucial for CPS's security and reliability.Data attacks,such as replay attacks and false data injection attacks,generally occur in the transmission channels between sensors and controller or the ones between controller and actuators.They usually require stealth for the detection mechanism in CPSs,when compromise the systems.Hence,this thesis studies the attacker behavior and attack detection method based the control theory.Though many works are achieved,some limitations are still existing in their studies:the design of data attacks decrease the attack energy to guarantee the stealth due to the existence of external disturbance;the noisy control method for detecting the replay attack reduces the control performance;the coding scheme for detecting false data injection attack assumes the attacker is unable to access the coding matrix,which is ensured by the time-varying coding matrix.But the time-varying coding matrix is also a challenge for the communication security and reliability.This thesis designs a novel adaptive cooperative attack scheme based on H?/H_indexes,the stochastic coding detection scheme against the replay attacks and the SUM detector for detecting the false data injection attacks.The main contributions are summarized as follows.1)A novel cooperative attack policy comprising adaptive and bias signals is studied against the CPSs based on the model knowledge.From the attacker's stand point,the design objective is deteriorating the system performance and deceiving the previously equipped detector in the CPSs.Combining with H?/H_indexes,the bias signal is elaborately designed to compromise the systems by applying the linear matrix inequality(LMI)technology.Different from the existing works,in order to increase the attack effectiveness,an adaptive signal is also injected to compensate the possible external disturbance by the attacker.Moreover,some technology difficulties in the H?/H_attack design problems are also investigated with the LMI approach.2)By the replay attack,attacker records and covers the transmitted data between the senders and receivers of the sensors.In order to achieve the detection objective for malicious replay attack,the stochastic coding scheme is proposed to make the compromised CPSs generate covariance differences of certain data.Different from the existing results,this method detects the replay attack without sacrificing any system performances in normal systems.Based on the coding scheme,two types of detectors are further designed to detect the covariance changes in residual and output,respectively.Moreover,the output-based detector has more low-computing solution process than the residual-based one.3)The false data injection attacks usually modify the sensors data so as to make CPSs unstable and keep stealth for ?2 detector.To guarantee system security,a novel detector,i.e.the summation(SUM)detector,is proposed to triggers alarm for the false data injection attacks.Different form the ?2 detector,the SUM detector not only utilizes the current compromise information,but also collects all historical information to reveal the threat.It can also effectively prevents false alarm in the case of white noise and energy bounded disturbance.Furthermore,an improved false data injection attack with time-variable increment coefficient is introduced based on the existing approaches.The effects of SUM detector are also verified for the traditional and the improved false injection attacks,respectively.