A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks

Riccardo M.G. Ferrari, Andre M.H. Teixeira

Research output: Contribution to journalArticleScientificpeer-review

12 Citations (Scopus)
22 Downloads (Pure)


This article addresses the detection of stealthy attacks on sensor measurements. Inspired in authentication schemes with weak cryptographic guarantees, we propose a watermarking approach to validate the data and its source. In particular, we propose a multiplicative scheme, where the sensor outputs are watermarked by a bank of filters, then transmitted through the possibly unsecured communication network. The original measurement data are finally reconstructed by a watermark remover. To allow the detection of replay attacks, the watermarking filters are devised as hybrid switching systems, whose parameters are assumed to be unknown to the adversary. Design rules are provided, guaranteeing that the nominal closed-loop performance is not deteriorated by the watermarking scheme and ensuring robust stability with mismatched filter parameters. Moreover, we design a switching protocol with no communication overhead to allow the watermarking filters to synchronously update their parameters. The detectability properties of cyber-attacks are analyzed, and the results are illustrated through numerical examples for replay and data injection attacks.

Original languageEnglish
Pages (from-to)2558-2573
JournalIEEE Transactions on Automatic Control
Issue number6
Publication statusPublished - 2021

Bibliographical note

Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care

Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.


  • Atmospheric measurements
  • Authentication
  • Cryptography
  • Particle measurements
  • Switches
  • Watermarking


Dive into the research topics of 'A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks'. Together they form a unique fingerprint.

Cite this