# Centralized Versus Decentralized Detection of Attacks in Stochastic   Interconnected Systems

**Authors:** Rajasekhar Anguluri, Vaibhav Katewa, and Fabio Pasqualetti

arXiv: 1903.10109 · 2019-03-26

## TL;DR

This paper compares centralized and decentralized attack detection methods in stochastic interconnected systems, revealing conditions where decentralized detection can outperform centralized detection, and designs attacks to challenge system security.

## Contribution

It characterizes the performance of both detection schemes, showing the surprising potential for decentralized detectors to outperform centralized ones under certain conditions.

## Key findings

- Decentralized detectors can outperform centralized detectors depending on system parameters.
- A method to design worst-case attacks that maximize system degradation while remaining detectable.
- Validation through numerical studies on an electric power system.

## Abstract

We consider a security problem for interconnected systems governed by linear, discrete, time-invariant, stochastic dynamics, where the objective is to detect exogenous attacks by processing the measurements at different locations. We consider two classes of detectors, namely centralized and decentralized detectors, which differ primarily in their knowledge of the system model. In particular, a decentralized detector has a model of the dynamics of the isolated subsystems, but is unaware of the interconnection signals that are exchanged among subsystems. Instead, a centralized detector has a model of the entire dynamical system. We characterize the performance of the two detectors and show that, depending on the system and attack parameters, each of the detectors can outperform the other. In particular, it may be possible for the decentralized detector to outperform its centralized counterpart, despite having less information about the system dynamics, and this surprising property is due to the nature of the considered attack detection problem. To complement our results on the detection of attacks, we propose and solve an optimization problem to design attacks that maximally degrade the system performance while maintaining a pre-specified degree of detectability. Finally, we validate our findings via numerical studies on an electric power system.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1903.10109/full.md

## Figures

8 figures with captions in the complete paper: https://tomesphere.com/paper/1903.10109/full.md

## References

34 references — full list in the complete paper: https://tomesphere.com/paper/1903.10109/full.md

---
Source: https://tomesphere.com/paper/1903.10109