Switching and Data Injection Attacks on Stochastic Cyber-Physical Systems: Modeling, Resilient Estimation and Attack Mitigation

TL;DR

This paper addresses attack-resilient state estimation in stochastic cyber-physical systems, modeling attacks as hidden mode systems, and proposes algorithms for detection, mitigation, and resilient estimation with demonstrated effectiveness.

Contribution

It introduces a multiple-model inference approach for resilient estimation under switching and data injection attacks, including fundamental limitations and mitigation strategies.

Findings

Effective recovery of unbiased state estimates under attack

Successful attack detection and identification demonstrated

Resilient estimation validated on benchmark and IEEE systems

Abstract

In this paper, we consider the problem of attack-resilient state estimation, that is to reliably estimate the true system states despite two classes of attacks: (i) attacks on the switching mechanisms and (ii) false data injection attacks on actuator and sensor signals, in the presence of unbounded stochastic process and measurement noise signals. We model the systems under attack as hidden mode stochastic switched linear systems with unknown inputs and propose the use of a multiple-model inference algorithm to tackle these security issues. Moreover, we characterize fundamental limitations to resilient estimation (e.g., upper bound on the number of tolerable signal attacks) and discuss the topics of attack detection, identification and mitigation under this framework. Simulation examples of switching and false data injection attacks on a benchmark system and an IEEE 68-bus test system show the efficacy of our approach to recover resilient (i.e., asymptotically unbiased) state estimates as well as to identify and mitigate the attacks.