Data-Driven Control and Data-Poisoning attacks in Buildings: the KTH Live-In Lab case study

TL;DR

This paper explores the use of data-driven control techniques, specifically VRFT, in building management systems, and examines their vulnerability to data-poisoning attacks using a digital replica of the KTH Live-In Lab.

Contribution

It demonstrates the application of VRFT in a realistic building model and analyzes its susceptibility to subtle data poisoning attacks, highlighting security concerns.

Findings

Data-driven control via VRFT is effective in the KTH Live-In Lab model.

Small dataset modifications can significantly impair control performance.

Data-poisoning attacks can be crafted to undermine building control systems.

Abstract

This work investigates the feasibility of using input-output data-driven control techniques for building control and their susceptibility to data-poisoning techniques. The analysis is performed on a digital replica of the KTH Livein Lab, a non-linear validated model representing one of the KTH Live-in Lab building testbeds. This work is motivated by recent trends showing a surge of interest in using data-based techniques to control cyber-physical systems. We also analyze the susceptibility of these controllers to data-poisoning methods, a particular type of machine learning threat geared towards finding imperceptible attacks that can undermine the performance of the system under consideration. We consider the Virtual Reference Feedback Tuning (VRFT), a popular data-driven control technique, and show its performance on the KTH Live-In Lab digital replica. We then demonstrate how poisoning attacks can be crafted and illustrate the impact of such attacks. Numerical experiments reveal the feasibility of using data-driven control methods for finding efficient control laws. However, a subtle change in the datasets can significantly deteriorate the performance of VRFT.