Security Index from Input/Output Data: Theory and Computation

TL;DR

This paper introduces a data-driven security index for systems that quantifies the minimum components to compromise for undetectable attacks, computable solely from input/output data without system models.

Contribution

It presents a novel data-driven security index, conditions for its equivalence to the model-based index, and algorithms including a polynomial-time upper bound for NP-hard computation.

Findings

The data-driven index matches the model-based index under certain conditions.

An algorithm for computing the index is proposed and tested.

Numerical examples demonstrate the index's effectiveness and limitations.

Abstract

The concept of a security index quantifies the minimum number of components that must be compromised to carry out an undetectable attack. This metric enables system operators to quantify each component's security risk and implement countermeasures. In this paper, we introduce a data-driven security index that can be computed solely from input/output data when the system model is unknown. We show a sufficient condition under which the data-driven security index coincides with the model-based security index, which implies that the exact risk level of each component can be identified solely from the data. We provide an algorithm for computing the data-driven security index. Although computing this index is NP-hard, we derive a polynomial-time computable upper bound. Numerical examples on vehicle platooning illustrate the efficacy and limitations of the proposed index and algorithms.