Centrality-Based Security Allocation in Networked Control Systems

TL;DR

This paper introduces a centrality-based method for security resource allocation in networked control systems, balancing attack mitigation efficiency and computational speed.

Contribution

It proposes a novel centrality-guided approach for security allocation that is faster and nearly as effective as optimal solutions in large-scale networks.

Findings

Centrality-based approach significantly reduces allocation time.

Method performs comparably to optimal solutions in numerical tests.

Validated on Erdos-Renyi graph models.

Abstract

This paper addresses the security allocation problem within networked control systems, which consist of multiple interconnected control systems under the influence of two opposing agents: a defender and a malicious adversary. The adversary aims to maximize the worst-case attack impact on system performance while remaining undetected by launching stealthy data injection attacks on one or several interconnected control systems. Conversely, the defender's objective is to allocate security resources to detect and mitigate these worst-case attacks. A novel centrality-based approach is proposed to guide the allocation of security resources to the most connected or influential subsystems within the network. The methodology involves comparing the worst-case attack impact for both the optimal and centrality-based security allocation solutions. The results demonstrate that the centrality measure approach enables significantly faster allocation of security resources with acceptable levels of performance loss compared to the optimal solution, making it suitable for large-scale networks. The proposed method is validated through numerical examples using Erdos-Renyi graphs.