Compensation of Linear Attacks to Cyber Physical Systems through ARX System Identification

TL;DR

This paper presents a method for detecting and compensating linear attacks on cyber-physical systems using ARX system identification, ensuring system stability during cyber attacks.

Contribution

It introduces a novel intrusion detection and compensation framework that restarts system identification and redesigns controllers in response to detected attacks.

Findings

Detection strategy effectively identifies anomalies in real-time.

System compensation maintains stability under deception attacks.

ARX-based identification proves reliable in experimental tests.

Abstract

Cyber-Physical Systems (CPSs) are vastly used in today's cities critical infrastructure. The cyber part of these systems usually has a network component through which cyber attacks can be launched. In this paper, we first design an intrusion detection system (IDS) by identifying the plant. We assume the initial operation period of the CPS is attack-free and learn the plant model. Then, we compare the expected output found via the identifier with the real one coming through the feedback link. Any difference greater than a threshold is deemed to be an anomaly. To compensate, once the IDS flags a change in the loop, we restart the system identification to find the new transfer function. With the estimation of the new transfer function at hand, a new controller is designed to keep the system stable. To test the idea, we took a DC motor as the plant and employed ARX identifier. MATLAB Simulink environment was used to test the proposed intrusion detection and compensation framework. We applied a set of deception attacks to the forward channel in our experiments. The obtained results prove that our detection strategy works well and timely reacts to anomalies. Moreover, they show that the compensation strategy is also effective and keeps the system stable under such attacks.