Experimental evaluation of sensor attacks and defense mechanisms in feedback systems

TL;DR

This paper experimentally evaluates sensor attack feasibility and defense strategies in feedback systems, confirming theoretical predictions and exploring the impact of controller dynamics and anomaly detectors on attack stealthiness.

Contribution

It provides an experimental validation of theoretical attack impact, analyzes how controller design affects attack stealthiness, and assesses defense mechanisms like anomaly detectors and noise injection.

Findings

Stealthy sensor attacks are feasible on stable controllers.

Integral action in controllers reduces attack stealthiness.

Detectors with internal dynamics decrease attack impact.

Abstract

In this work, we evaluate theoretical results on the feasibility of, the worst-case impact of, and defense mechanisms against a stealthy sensor attack in an experimental setup. We demonstrate that for a controller with stable dynamics the stealthy sensor attack is possible to conduct and the theoretical worst-case impact is close to the achieved practical one. However, although the attack should theoretically be possible when the controller has integral action, we show that the integral action slows the attacker down and the attacker is not able to remain stealthy if it has not perfect knowledge of the controller state. In addition to that, we investigate the effect of different anomaly detectors on the attack impact and conclude that the impact under detectors with internal dynamics is smaller. Finally, we use noise injection into the controller dynamics to unveil the otherwise stealthy attacks.