Secure Set-based State Estimation for Safety-Critical Applications under Adversarial Attacks on Sensors

TL;DR

This paper presents a novel secure set-based state estimation method that guarantees safety and security against sensor cyberattacks, maintaining accurate state estimates without overly restricting system operation.

Contribution

The paper introduces the S3E algorithm that provides guaranteed state inclusion under sensor attacks and offers strategies to balance computational complexity and performance.

Findings

The S3E algorithm maintains true state within the estimated set despite sensor attacks.

The estimated set remains unaffected by sufficiently large attack signals.

Conditions for attack detection, identification, and filtering are established.

Abstract

Set-based state estimation provides guaranteed state inclusion certificates that are crucial for the safety verification of dynamical systems. However, when system sensors are subject to cyberattacks, maintaining both safety and security guarantees becomes a fundamental challenge that existing point-based secure state estimation methods cannot adequately address due to their inherent inability to provide state inclusion certificates. This paper introduces a novel approach that simultaneously ensures safety guarantees through guaranteed state inclusion and security guarantees against sensor attacks, without imposing conservative restrictions on system operation. We propose a Secure Set-based State Estimation (S3E) algorithm that maintains the true system state within the estimated set under sensor attacks, provided the initialization set contains the initial state and the system remains observable from the uncompromised sensor subset. The algorithm gives the estimated set as a collection of constrained zonotopes (agreement sets), which can be employed as robust certificates for verifying whether the system adheres to safety constraints. Furthermore, we demonstrate that the estimated set remains unaffected by attack signals of sufficiently large magnitude and also establish sufficient conditions for attack detection, identification, and filtering. This compels the attacker to only inject signals of small magnitudes to evade detection, thus preserving the accuracy of the estimated set. To address the computational complexity of the algorithm, we offer several strategies for complexity-performance trade-offs. The efficacy of the proposed algorithm is illustrated through several examples, including its application to a three-story building model.