Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks

TL;DR

This paper proposes a low-cost coding scheme for sensor outputs in cyber-physical systems to detect stealthy data injection attacks, using static and time-varying coding matrices to enhance security against intelligent attackers.

Contribution

It introduces a novel coding matrix method for attack detection, provides conditions for feasible matrices, and develops algorithms for static and dynamic coding schemes.

Findings

Feasible coding matrices can be computed efficiently.

Multiple coding matrices exist for a given system.

Time-varying coding matrices improve attack detection over static ones.

Abstract

This paper considers a method of coding the sensor outputs in order to detect stealthy false data injection attacks. An intelligent attacker can design a sequence of data injection to sensors and actuators that pass the state estimator and statistical fault detector, based on knowledge of the system parameters. To stay undetected, the injected data should increase the state estimation errors while keep the estimation residues small. We employ a coding matrix to change the original sensor outputs to increase the estimation residues under intelligent data injection attacks. This is a low cost method compared with encryption schemes over all sensor measurements in communication networks. We show the conditions of a feasible coding matrix under the assumption that the attacker does not have knowledge of the exact coding matrix. An algorithm is developed to compute a feasible coding matrix, and, we show that in general, multiple feasible coding matrices exist. To defend against attackers who estimates the coding matrix via sensor and actuator measurements, time-varying coding matrices are designed according to the detection requirements. A heuristic algorithm to decide the time length of updating a coding matrix is then proposed.