Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation

TL;DR

This paper develops an optimal attack strategy against cyber-physical control systems with detection and mitigation, using a Markov decision process to maximize system disruption while considering detection trade-offs.

Contribution

It introduces a novel MDP-based framework for designing optimal false data injection attacks that account for detection and mitigation effects in cyber-physical systems.

Findings

Optimal attack sequences significantly increase system error.

Attack impact depends on attack stealthiness and magnitude.

Framework validated on power grid voltage control system.

Abstract

This paper studies the performance and resilience of a cyber-physical control system (CPCS) with attack detection and reactive attack mitigation. It addresses the problem of deriving an optimal sequence of false data injection attacks that maximizes the state estimation error of the system. The results provide basic understanding about the limit of the attack impact. The design of the optimal attack is based on a Markov decision process (MDP) formulation, which is solved efficiently using the value iteration method. Using the proposed framework, we quantify the effect of false positives and mis-detections on the system performance, which can help the joint design of the attack detection and mitigation. To demonstrate the use of the proposed framework in a real-world CPCS, we consider the voltage control system of power grids, and run extensive simulations using PowerWorld, a high-fidelity power system simulator, to validate our analysis. The results show that by carefully designing the attack sequence using our proposed approach, the attacker can cause a large deviation of the bus voltages from the desired setpoint. Further, the results verify the optimality of the derived attack sequence and show that, to cause maximum impact, the attacker must carefully craft his attack to strike a balance between the attack magnitude and stealthiness, due to the simultaneous presence of attack detection and mitigation.