Controller-jammer game models of Denial of Service in control systems operating over packet-dropping links

TL;DR

This paper models denial of service attacks in networked control systems as zero-sum games between a strategic jammer and the controller, revealing equilibrium strategies and conditions for optimal attack and defense.

Contribution

It introduces a game-theoretic framework for analyzing DoS attacks in control systems with packet-dropping links, including saddle-point equilibrium analysis.

Findings

Existence of saddle-point equilibrium in one-step games.

Jammer's optimal policy involves randomized strategies in the plant's state space.

Conditions for greedy jamming strategies in multi-stage games.

Abstract

The paper introduces a class of zero-sum games between the adversary and controller as a scenario for a `denial of service' in a networked control system. The communication link is modeled as a set of transmission regimes controlled by a strategic jammer whose intention is to wage an attack on the plant by choosing a most damaging regime-switching strategy. We demonstrate that even in the one-step case, the introduced games admit a saddle-point equilibrium, at which the jammer's optimal policy is to randomize in a region of the plant's state space, thus requiring the controller to undertake a nontrivial response which is different from what one would expect in a standard stochastic control problem over a packet dropping link. The paper derives conditions for the introduced games to have such a saddle-point equilibrium. Furthermore, we show that in more general multi-stage games, these conditions provide `greedy' jamming strategies for the adversary.