Document Type
Article
Publication Date
5-2021
Department
Engineering
Keywords
sensor systems, time-varying systems, cyber-physical systems, actuators, data models, fault detection, linear parameter-varying systems, optimization, time-varying systems
Abstract
This article considers the design and analysis of multiple moving target defenses for recognizing and isolating attacks on cyber-physical systems. We consider attackers who perform integrity attacks on some set of sensors and actuators in a control system. In such cases, it has been shown that a model aware adversary can carefully design attack vectors to bypass bad data detection and identification filters while causing damage to the control system. To counter such an attacker, we propose the moving target defense which introduces stochastic, time-varying parameters in the control system. The underlying random dynamics of the system limit an attacker’s knowledge of the model and inhibits his or her ability to construct stealthy attack sequences. Moreover, the time-varying nature of the dynamics thwarts adaptive adversaries. We explore three main designs. First, we consider a hybrid system where parameters within the existing plant are switched among multiple modes. We demonstrate how such an approach can enable both the detection and identification of malicious nodes. Next, we investigate the addition of an extended system with dynamics that are coupled to the original plant but do not affect system performance. Here, an attack on the original system will affect the authenticating subsystem and in turn be revealed by a set of sensors measuring the extended plant. Lastly, we propose the use of sensor nonlinearities to enhance the effectiveness of the moving target defense. The nonlinear dynamics act to conceal normal operational behavior from an attacker who has tampered with the system state, further hindering an attacker’s ability to glean information about the time-varying dynamics. In all cases mechanisms for analysis and design are proposed. Finally, we analyze attack detectability for each moving target defense by investigating expected lower bounds on the detection statistic. Our contributions are also tested via simulation.
Source Publication Title
IEEE Transactions on Automatic Control
Publisher
IEEE
Volume
66
Issue
5
First Page
2016
DOI
10.1109/TAC.2020.3005686
Recommended Citation
Griffioen, P., Weerakkody, S., & Sinopoli, B. (2021). A Moving Target Defense for Securing Cyber-Physical Systems. IEEE Transactions on Automatic Control, 66 (5), 2016. https://doi.org/10.1109/TAC.2020.3005686
Comments
© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.