Resilience to Denial-of-Service and Integrity Attacks: A Structured Systems Approach

TL;DR

This paper analyzes the resilience of cyberphysical systems to DoS and integrity attacks using a structured systems approach, providing conditions for resilience and extending to switched systems.

Contribution

It introduces a graph-theoretic framework for assessing structural resilience to DoS and integrity attacks in linear systems, including switched systems.

Findings

Conditions for resilience to DoS attacks are established.

Resilience conditions are extended to integrity attacks.

Resilience criteria for switched linear systems are derived.

Abstract

The resilience of cyberphysical systems to denial-of-service (DoS) and integrity attacks is studied in this paper. The cyberphysical system is modeled as a linear structured system, and its resilience to an attack is interpreted in a graph theoretical framework. The structural resilience of the system is characterized in terms of unmatched vertices in maximum matchings of the bipartite graph and connected components of directed graph representations of the system under attack. We first present conditions for the system to be resilient to DoS attacks when an adversary may block access or turn off certain inputs to the system. We extend this analysis to characterize resilience of the system when an adversary might additionally have the ability to affect the implementation of state-feedback control strategies. This is termed an integrity attack. We establish conditions under which a system that is structurally resilient to a DoS attack will also be resilient to a certain class of integrity attacks. Finally, we formulate an extension to the case of switched linear systems, and derive conditions for such systems to be structurally resilient to a DoS attack.