TY - CHAP
T1 - Detection of Cyber-Attacks
T2 - A Multiplicative Watermarking Scheme
AU - Ferrari, Riccardo M.G.
AU - Teixeira, André M.H.
PY - 2021
Y1 - 2021
N2 - This chapter addresses the problem of detecting stealthy data injection attacks on sensor measurements in a networked control system. A multiplicative watermarking scheme is proposed, where the data from each sensor is post-processed by a time-varying filter called watermark generator. At the controller’s side, the watermark is removed from each channel by another filter, called the watermark remover, thus reconstructing the original signal. The parameters of each remover are matched to those of the corresponding generator, and are supposed to be a shared secret not known by the attacker. The rationale for time-varying watermarks is to allow model-based schemes to detect otherwise stealthy attacks by constantly introducing mismatches between the actual and the nominal dynamics used by the detector. A specific model-based diagnosis algorithm is designed to this end. Under the proposed watermarking scheme, the robustness and the detectability properties of the model-based detector are analyzed and guidelines for designing the watermarking filters are derived. Distinctive features of the proposed approach, with respect to other solutions like end-to-end encryption, are that the scheme is lightweight enough to be applied also to legacy control systems, the absence of side-effects such as delays, and the possibility of utilizing a robust controller to operate the closed-loop system in the event of the transmitter and receiver losing synchronization of their watermarking filters. The results are illustrated through numerical examples.
AB - This chapter addresses the problem of detecting stealthy data injection attacks on sensor measurements in a networked control system. A multiplicative watermarking scheme is proposed, where the data from each sensor is post-processed by a time-varying filter called watermark generator. At the controller’s side, the watermark is removed from each channel by another filter, called the watermark remover, thus reconstructing the original signal. The parameters of each remover are matched to those of the corresponding generator, and are supposed to be a shared secret not known by the attacker. The rationale for time-varying watermarks is to allow model-based schemes to detect otherwise stealthy attacks by constantly introducing mismatches between the actual and the nominal dynamics used by the detector. A specific model-based diagnosis algorithm is designed to this end. Under the proposed watermarking scheme, the robustness and the detectability properties of the model-based detector are analyzed and guidelines for designing the watermarking filters are derived. Distinctive features of the proposed approach, with respect to other solutions like end-to-end encryption, are that the scheme is lightweight enough to be applied also to legacy control systems, the absence of side-effects such as delays, and the possibility of utilizing a robust controller to operate the closed-loop system in the event of the transmitter and receiver losing synchronization of their watermarking filters. The results are illustrated through numerical examples.
UR - http://www.scopus.com/inward/record.url?scp=85107990288&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-65048-3_9
DO - 10.1007/978-3-030-65048-3_9
M3 - Chapter
AN - SCOPUS:85107990288
SN - 978-3-030-65047-6
T3 - Lecture Notes in Control and Information Sciences
SP - 173
EP - 201
BT - Safety, Security and Privacy for Cyber-Physical Systems
A2 - Ferrari, Riccardo M.G.
A2 - Teixeira, André M.H.
PB - Springer
ER -