Attack Detection and Identification in Cyber-Physical Systems -- Part I: Models and Fundamental Limitations

TL;DR

This paper develops a unified linear descriptor system framework to analyze the fundamental detection and identification limitations of cyber-physical systems against omniscient attacks, providing algebraic and graph-theoretic conditions.

Contribution

It introduces a comprehensive model capturing various attack types and characterizes the fundamental detection and identification limits using algebraic and graph-theoretic methods.

Findings

Characterization of undetectable and unidentifiable attacks

Algebraic conditions for attack detection and identification

Graph-theoretic conditions based on system interconnection structure

Abstract

Cyber-physical systems integrate computation, communication, and physical capabilities to interact with the physical world and humans. Besides failures of components, cyber-physical systems are prone to malignant attacks, and specific analysis tools as well as monitoring mechanisms need to be developed to enforce system security and reliability. This paper proposes a unified framework to analyze the resilience of cyber-physical systems against attacks cast by an omniscient adversary. We model cyber-physical systems as linear descriptor systems, and attacks as exogenous unknown inputs. Despite its simplicity, our model captures various real-world cyber-physical systems, and it includes and generalizes many prototypical attacks, including stealth, (dynamic) false-data injection and replay attacks. First, we characterize fundamental limitations of static, dynamic, and active monitors for attack detection and identification. Second, we provide constructive algebraic conditions to cast undetectable and unidentifiable attacks. Third, by using the system interconnection structure, we describe graph-theoretic conditions for the existence of undetectable and unidentifiable attacks. Finally, we validate our findings through some illustrative examples with different cyber-physical systems, such as a municipal water supply network and two electrical power grids.