Online Poisoning Attacks Against Data-Driven Predictive Control
Yue Yu, Ruihan Zhao, Sandeep Chinchali, and Ufuk Topcu
TL;DR
This paper introduces a numerical method to craft poisoning attacks on data-driven predictive control systems, significantly increasing output tracking errors by injecting carefully designed perturbations into online data.
Contribution
It develops a novel approach using implicit differentiation to generate effective poisoning attacks on DPC, highlighting vulnerabilities in data-driven control methods.
Findings
Attacks cause an order of magnitude higher tracking error than random noise.
The method effectively exploits the solution map of trajectory optimization.
Numerical experiments validate the attack's impact.
Abstract
Data-driven predictive control (DPC) is a feedback control method for systems with unknown dynamics. It repeatedly optimizes a system's future trajectories based on past input-output data. We develop a numerical method that computes poisoning attacks that inject additive perturbations to the online output data to change the trajectories optimized by DPC. This method is based on implicitly differentiating the solution map of the trajectory optimization in DPC. We demonstrate that the resulting attacks can cause an output tracking error one order of magnitude higher than random perturbations in numerical experiments.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Control Systems Optimization · Fault Detection and Control Systems · Extremum Seeking Control Systems