#### DMCA

## Attack detection and identification in cyber-physical systems

Venue: | IEEE Trans. Automat. Contr |

Citations: | 29 - 4 self |

### Citations

1365 | Decoding by linear programming
- Candes, Tao
- 2005
(Show Context)
Citation Context ...on problem) Consider the system (1) with identifiable attack set K. The attack identification problem given the system matrices E, A, C, and the measurements y is NP-hard. Proof: Consider the NP-hard =-=[48]-=- sparse recovery problem min¯ ξ∈R n ‖¯y− ¯ C ¯ ξ‖ℓ0, where ¯ C ∈ R p×n and ¯y ∈ R p are given and constant. In order to prove the claimed statement, we show that every instance of the sparse recovery ... |

672 | Nikiforov, Detection of Abrupt Changes: Theory and Applications
- Basseville, I
- 1993
(Show Context)
Citation Context ... on their data management and communication layer. Concerns about security of control systems are not new, as the numerous manuscripts on systems fault detection, isolation, and recovery testify [6], =-=[7]-=-. Cyber-physical systems, however, suffer from specific vulnerabilities which do not affect classical control systems, and for which This material is based upon work supported in part by NSF grant CNS... |

523 | Multivariable Feedback control: Analysis and Design - Skogestad, Postlethwaite - 2005 |

283 |
Linear Multivariable Control – A Geometric Approach
- Wonham
- 1985
(Show Context)
Citation Context ...the measurements. For our model, we define the notions of detectability and identifiability of an attack by its effect on output measurements. Informed by the classic work on geometric control theory =-=[24]-=-, [25], our framework includes the deterministic static detection problem considered in [9], [10], and the prototypical deception and denial of service [8], stealth [16], (dynamic) false-data injectio... |

172 |
Singular Control Systems,
- Dai
- 1989
(Show Context)
Citation Context ...ptor system (1) has no invariant zeros and the matrix pencil in (8) necessarily has full rank. It follows that the triple (E, A, C) is observable, G can be chosen to make the pair (E, A + GC) Hurwitz =-=[42]-=-, and the error system (6) is stable without zero dynamics. Notice that, if the initial state x(0) is not available, then, an arbitrary initial state w(0) ∈ Rn can be chosen. In this case, since (E, A... |

160 | Matpower: Steady-state operations, planning, and analysis tools for power systems research and education
- Zimmerman, andnchez, et al.
- 2011
(Show Context)
Citation Context ...the reconstructed system state at time t. C. An example of distributed detection The IEEE 118 bus system shown in Fig. 3 is composed of 118 buses and 54 generators, and its parameters can be found in =-=[51]-=-. Following Section II, a linear continuous-time descriptor model of the system under attack takes the form (1).1 0 Residual area 1 �1 0 5 10 15 20 25 30 35 40 1 Residual area 2 0 �1 0 5 10 15 20 25 ... |

146 | False data injection attacks against state estimation in electric power grids
- Liu, Ning, et al.
- 2011
(Show Context)
Citation Context ...d they are cast by altering the behavior of sensors and actuators. Denial of service attacks, instead, compromise the availability of resources by, for instance, jamming the communication channel. In =-=[9]-=- false data injection attacks against static state estimators are introduced. False data injection attacks are specific deception attacks in the context of static estimators. It is shown that undetect... |

144 |
The wave-form relaxation method for time-domain analysis of large scale integrated circuits
- Lelarasmee, Ruehli, et al.
- 1982
(Show Context)
Citation Context ... under assumptions (A1)-(A7) requires the input ACw and hence continuous communication among control centers. To overcome this continuous communication obstacle we rely on waveform relaxation methods =-=[44]-=-, [45] developed for parallel numerical integration. The Gauss-Jacobi waveform relaxation applied to the filter (10) yields the waveform relaxation iteration E ˙w (k) (t) = (AD + GC)w (k) (t) + ACw (k... |

81 | Differential-Algebraic Equations - Analysis and Numerical Solution - Kunkel, Mehrmann - 2006 |

77 | A survey of linear singular systems, - Lewis - 1986 |

73 |
Expósito, Power System State Estimation: Theory and Implementation
- Abur, G
- 2000
(Show Context)
Citation Context ...nsistency of the measurements without knowledge of the system dynamics and without exploiting relations among measurements taken at discrete time instants. For instance, the bad data detector in [9], =-=[37]-=- is a static monitor. Then, an attack (BKuK, DKuK) is undetectable by a static monitor if and only if, for some state trajectory x : R≥0 → Rn and for all times t ∈ N it holds Cx(t) + DKuK(t) = 0. Note... |

66 | Research challenges for the security of control systems - Cárdenas, Amin, et al. - 2008 |

65 | Distributed function calculation via linear iterative strategies in the presence of malicious agents
- Sundaram, Hadjicostis
- 2011
(Show Context)
Citation Context ...corrupted measurements. Finally, security issues of specific cyber-physical systems have received considerable attention, such as power networks [15]–[19], linear networks with misbehaving components =-=[20]-=-, [21], and water networks [22], [23]. Contributions. The contributions of this paper are as follows. First, we describe a unified modeling framework for cyber-physical systems and attacks (Section II... |

64 |
Failure detection and identification
- Massoumnia, Verghese, et al.
- 1989
(Show Context)
Citation Context ...tacks on their data management and communication layer. Concerns about security of control systems are not new, as the numerous manuscripts on systems fault detection, isolation, and recovery testify =-=[6]-=-, [7]. Cyber-physical systems, however, suffer from specific vulnerabilities which do not affect classical control systems, and for which This material is based upon work supported in part by NSF gran... |

64 | Model-Based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools - Ding - 2008 |

63 | Ekl, “Security technology for smart grid networks
- Metke, L
- 2010
(Show Context)
Citation Context ...t should be noticed that this result relies on the fact that the rotor angle measurement is known to be correct, because, for instance, it is protected using sophisticated and costly security methods =-=[29]-=-. Since the state of the IEEE 14 bus system can be reconstructed by means of this measurement only (the system turns out to be observable by measuring one generator rotor angle), the output attack Du ... |

58 |
der Woude. Generic properties and control of linear structured systems: a survey
- Dion, Commault, et al.
(Show Context)
Citation Context ...f the determinant |sE −A| = 0 for a generic realization of E and A, that is, |sE − A| = 0 holds in the whole parameter space of elements of E and A with exception of a low dimensional variety [24], =-=[38]-=-. Example 1: (Power network structural analysis) Consider the power network illustrated in Fig. 2(a), where, being ei the i-th canonical vector, we take [E] = blkdiag(1, 1, 1, M1, M2, M3, 0, 0, 0, 0, ... |

57 | Safe and Secure Networked Control Systems under Denial-of-Service Attacks. Number 5469
- Amin, Cardenas, et al.
- 2009
(Show Context)
Citation Context ...cal systems to external attacks has received increasing attention in the last years. The general approach has been to study the effect of specific attacks against particular systems. For instance, in =-=[8]-=- deception and denial of service attacks against a networked control system are defined, and, for the latter ones, a countermeasure based on semi-definite programming is proposed. Deception attacks re... |

55 | Consensus computation in unreliable networks: A system theoretic approach
- Pasqualetti, Bicchi, et al.
- 2012
(Show Context)
Citation Context ...ted measurements. Finally, security issues of specific cyber-physical systems have received considerable attention, such as power networks [15]–[19], linear networks with misbehaving components [20], =-=[21]-=-, and water networks [22], [23]. Contributions. The contributions of this paper are as follows. First, we describe a unified modeling framework for cyber-physical systems and attacks (Section II). Mot... |

51 | Multivariable Control. A Graph Theoretic Approach - Reinschke - 1988 |

38 | Kron reduction of graphs with applications to electrical networks. arXiv preprint arXiv:1102.2950 - Dorfler, Bullo - 2011 |

36 | Stealth attacks and protection schemes for state estimators in power systems
- Dan, Sandberg
- 2010
(Show Context)
Citation Context ...rk on geometric control theory [24], [25], our framework includes the deterministic static detection problem considered in [9], [10], and the prototypical deception and denial of service [8], stealth =-=[16]-=-, (dynamic) false-data injection [26], replay attacks [11], and covert attacks [12] as special cases. Second, we show the fundamental limitations of a class of monitors (Section III-A). This class inc... |

33 |
2007], Lessons learned from the Maroochy Water Breach
- Slay, Miller
(Show Context)
Citation Context ...lude transportation networks, power generation and distribution networks, water and gas distribution networks, and advanced communication systems. As recently highlighted by the Maroochy water breach =-=[1]-=- in March 2000, multiple recent power blackouts in Brazil [2], the SQL Slammer worm attack on the Davis-Besse nuclear plant in January 2003 [3], the StuxNet computer worm [4] in June 2010, and by vari... |

29 | Cyber security analysis of state estimators in electric power systems - Teixeira, Amin, et al. - 2010 |

27 |
2009b], Modeling and Control of Hydrosystems
- Litrico, Fromion
(Show Context)
Citation Context ...cyber-physical systems, such as gas transmission and distribution networks [32], large-scale process engineering plants [33], and water networks. Examples of water networks include open channel flows =-=[34]-=- for irrigation purposes and municipal water networks [35], [36]. The vulnerability of open channel networks to cyber-physical attacks has been studied in [12], [22], and municipal water networks are ... |

26 |
Simulation and Analysis of Gas Networks
- Osiadacz
- 1987
(Show Context)
Citation Context ... been identified as an issue of primary concern, see [19], [29] and [10], [16]–[18], [30], [31]. Mass transport networks are cyber-physical systems, such as gas transmission and distribution networks =-=[32]-=-, large-scale process engineering plants [33], and water networks. Examples of water networks include open channel flows [34] for irrigation purposes and municipal water networks [35], [36]. The vulne... |

24 | A screening methodology for the identification and ranking of infrastructure vulnerabilities due to terrorism - Apostolakis, Lemon - 2005 |

23 | Secure control against replay attack
- Mo, Sinopoli
- 2009
(Show Context)
Citation Context ...igned even when the attacker has limited resources. In a similar fashion, stealthy deception attacks against the Supervisory Control and Data Acquisition system are studied, among others, in [10]. In =-=[11]-=- the effect of replay attacks on a control system is discussed. Replay attacks are cast by hijacking the sensors, recording the readings for a certain amount of time, and repeating such readings while... |

23 |
Cyber–physical system security for the electric power grid
- Sridhar, Hahn, et al.
- 2012
(Show Context)
Citation Context ...d, and a decoding algorithm is proposed to detect corrupted measurements. Finally, security issues of specific cyber-physical systems have received considerable attention, such as power networks [15]–=-=[19]-=-, linear networks with misbehaving components [20], [21], and water networks [22], [23]. Contributions. The contributions of this paper are as follows. First, we describe a unified modeling framework ... |

23 |
2010], Stealthy deception attacks on water SCADA systems
- Amin, Litrico, et al.
(Show Context)
Citation Context ..., security issues of specific cyber-physical systems have received considerable attention, such as power networks [15]–[19], linear networks with misbehaving components [20], [21], and water networks =-=[22]-=-, [23]. Contributions. The contributions of this paper are as follows. First, we describe a unified modeling framework for cyber-physical systems and attacks (Section II). Motivated by existing cyber-... |

23 | Challenges for securing cyber physical systems - Cárdenas, Amin, et al. - 2009 |

18 |
Control of Nonlinear Differential Algebraic Equation Systems
- Kumar, Daoutidis
- 1999
(Show Context)
Citation Context ...rn, see [19], [29] and [10], [16]–[18], [30], [31]. Mass transport networks are cyber-physical systems, such as gas transmission and distribution networks [32], large-scale process engineering plants =-=[33]-=-, and water networks. Examples of water networks include open channel flows [34] for irrigation purposes and municipal water networks [35], [36]. The vulnerability of open channel networks to cyber-ph... |

16 |
Stuxnet and the future of cyber war
- Farwell, Rohozinski
- 2011
(Show Context)
Citation Context ...the Maroochy water breach [1] in March 2000, multiple recent power blackouts in Brazil [2], the SQL Slammer worm attack on the Davis-Besse nuclear plant in January 2003 [3], the StuxNet computer worm =-=[4]-=- in June 2010, and by various industrial security incidents [5], cyber-physical systems are prone to failures and attacks on their physical infrastructure, and cyber attacks on their data management a... |

16 | Cyber-physical attacks in power networks: Models, fundamental limitations and monitor design
- Pasqualetti, Dorfler, et al.
- 2011
(Show Context)
Citation Context ...ttack signal uS satisfying y(t) = y(x0, uK, t) = y(x1, uS, t). Our consistency assumption ensures that false-alarms are not triggered by our monitors. Examples of monitors can be found in [10], [11], =-=[17]-=-. The objective of a monitor is twofold: Definition 1: (Attack detection and identification) Consider system (1) with nonzero attack (BKuK, DKuK). The attack (BKuK, DKuK) is detected by a monitor Φ if... |

15 | Optimization models for operative planning in drinking water networks - Burgschweiger, Gnädig, et al. - 2009 |

13 |
Secure state-estimation for dynamical systems under active adversaries
- Hamza, Tabuada, et al.
- 2011
(Show Context)
Citation Context ...on Stackelberg control law is proposed to stabilize the control system despite the attack. Recently the problem of estimating the state of a linear system with corrupted measurements has been studied =-=[14]-=-. More precisely, the maximumnumber of tolerable faulty sensors is characterized, and a decoding algorithm is proposed to detect corrupted measurements. Finally, security issues of specific cyber-phy... |

13 | Distributed internet-based load altering attacks against smart power grids
- Mohsenian-Rad, Leon-Garcia
- 2011
(Show Context)
Citation Context ...l combine physical dynamics with a sophisticated coordination infrastructure. The cyber-physical security of the grid has been identified as an issue of primary concern, see [19], [29] and [10], [16]–=-=[18]-=-, [30], [31]. Mass transport networks are cyber-physical systems, such as gas transmission and distribution networks [32], large-scale process engineering plants [33], and water networks. Examples of ... |

13 |
Observer-based monitors and distributed wave controllers for electromechanical disturbances in power systems
- Scholtz
- 2004
(Show Context)
Citation Context ...ine physical dynamics with a sophisticated coordination infrastructure. The cyber-physical security of the grid has been identified as an issue of primary concern, see [19], [29] and [10], [16]–[18], =-=[30]-=-, [31]. Mass transport networks are cyber-physical systems, such as gas transmission and distribution networks [32], large-scale process engineering plants [33], and water networks. Examples of water ... |

12 |
False data injection attacks in control systems
- Mo, Sinopoli
- 2010
(Show Context)
Citation Context ...[25], our framework includes the deterministic static detection problem considered in [9], [10], and the prototypical deception and denial of service [8], stealth [16], (dynamic) false-data injection =-=[26]-=-, replay attacks [11], and covert attacks [12] as special cases. Second, we show the fundamental limitations of a class of monitors (Section III-A). This class includes the widely-studied static, dyna... |

12 | A graph theoretic characterization of power network vulnerabilities
- Pasqualetti, Bicchi, et al.
- 2011
(Show Context)
Citation Context ...ysical dynamics with a sophisticated coordination infrastructure. The cyber-physical security of the grid has been identified as an issue of primary concern, see [19], [29] and [10], [16]–[18], [30], =-=[31]-=-. Mass transport networks are cyber-physical systems, such as gas transmission and distribution networks [32], large-scale process engineering plants [33], and water networks. Examples of water networ... |

10 |
der Woude, “A graph-theoretic characterization for the rank of the transfer matrix of a structured system
- van
- 1991
(Show Context)
Citation Context ...se conditions are generic, in the sense that they hold for almost all numerical systems with the same structure, and they can be efficiently verified. As a complementary result, we extend a result of =-=[27]-=- on structural left-invertibility to regular descriptor systems. Finally, with respect to our earlier work [20], [21], we consider continuous-time descriptor systems, and we include parameters constra... |

10 |
Invariant subspaces and invertibility properties for singular systems: The general case,” Linear Algebra and its
- Geerts
- 1993
(Show Context)
Citation Context ...able attacks for the attack set K is equivalent to the existence of invariant zeros for the system (E, A, BK, C, DK). For the notions of zero dynamics and invariant zeros we refer the reader to [25], =-=[28]-=-. The following theorem shows that analogous statements hold for the identifiability of attacks. Theorem 3.4: (Identifiability of cyber-physical attacks) For the descriptor system (1) and an attack se... |

8 |
The day the samba stopped
- Conti
(Show Context)
Citation Context ...on networks, water and gas distribution networks, and advanced communication systems. As recently highlighted by the Maroochy water breach [1] in March 2000, multiple recent power blackouts in Brazil =-=[2]-=-, the SQL Slammer worm attack on the Davis-Besse nuclear plant in January 2003 [3], the StuxNet computer worm [4] in June 2010, and by various industrial security incidents [5], cyber-physical systems... |

7 | A decoupled feedback structure for covertly appropriating networked control systems - Smith - 2011 |

7 | Finite Zeros in Discrete Time Control Systems, ser. Lecture notes in control and information sciences - Tokarzewski - 2006 |

6 |
A fault diagnosis and security framework for water systems
- Eliades, Polycarpou
- 2010
(Show Context)
Citation Context ...rity issues of specific cyber-physical systems have received considerable attention, such as power networks [15]–[19], linear networks with misbehaving components [20], [21], and water networks [22], =-=[23]-=-. Contributions. The contributions of this paper are as follows. First, we describe a unified modeling framework for cyber-physical systems and attacks (Section II). Motivated by existing cyber-physic... |

5 |
SQL Slammer worm lessons learned for consideration by the electricity sector,” North American Electricity Reliability Council (NERC
- Kuvshinkova
- 2003
(Show Context)
Citation Context ...ms. As recently highlighted by the Maroochy water breach [1] in March 2000, multiple recent power blackouts in Brazil [2], the SQL Slammer worm attack on the Davis-Besse nuclear plant in January 2003 =-=[3]-=-, the StuxNet computer worm [4] in June 2010, and by various industrial security incidents [5], cyber-physical systems are prone to failures and attacks on their physical infrastructure, and cyber att... |

5 |
On convergence conditions of waveform relaxation methods for linear differential-algebraic equations
- Bai, Yang
(Show Context)
Citation Context ... assumptions (A1)-(A7) requires the input ACw and hence continuous communication among control centers. To overcome this continuous communication obstacle we rely on waveform relaxation methods [44], =-=[45]-=- developed for parallel numerical integration. The Gauss-Jacobi waveform relaxation applied to the filter (10) yields the waveform relaxation iteration E ˙w (k) (t) = (AD + GC)w (k) (t) + ACw (k−1) (t... |

4 |
Comprehensive Water Distribution Systems Analysis Handbook for Engineers and Planners
- Boulos, Lansey, et al.
- 2006
(Show Context)
Citation Context ...n networks [32], large-scale process engineering plants [33], and water networks. Examples of water networks include open channel flows [34] for irrigation purposes and municipal water networks [35], =-=[36]-=-. The vulnerability of open channel networks to cyber-physical attacks has been studied in [12], [22], and municipal water networks are also known to be susceptible to attacks on the hydraulics [1] an... |

4 |
Geometric design techniques for observers in singular systems
- Lewis
- 1990
(Show Context)
Citation Context ...D † † K )C 0 (I − DKD K )DR ]The statement follows. The second design step of our attack identification monitor relies on the concept of conditioned invariant subspace. We refer to [24], [25], [28], =-=[49]-=- for a comprehensive discussion of geometric control theory. Let S ∗ be the conditioned invariant subspace associated with the system (E, A, B, C, D), that is, the smallest subspace of the state space... |

4 | Attack Detection and Identification - Pasqualetti, Dörfler, et al. |

3 | Graph-theoretic approach to symbolic analysis of linear descriptor systems - Reinschke - 1994 |

3 |
A report prepared by the reliability test system task force of the application of probability methods sub committee
- Wong, Albrecht, et al.
- 1999
(Show Context)
Citation Context ...me. D. An example of detection and identification in the presence of noise and model uncertainties We apply our centralized attack detection and identification methods to the IEEE RTS96 power network =-=[52]-=-. In particular, we first consider the nominal case, in which the power network dynamics evolve as linear time-invariant descriptor system, as described in Section II. Second, we consider the case of ... |

3 |
Stackelberg-game analysis of correlated attacks in cyber-physical systems
- Zhu, Martı́nez
- 2011
(Show Context)
Citation Context ...stems is investigated. Specifically, a parameterized decoupling structure allows a covert agent to alter the behavior of the physical plant while remaining undetected from the original controller. In =-=[13]-=- a resilient control problem is studied, in which control packets transmitted over a network are corrupted by a human adversary. A receding-horizon Stackelberg control law is proposed to stabilize the... |

2 |
Hackers vs slackers,” Engineering
- Richards
- 2008
(Show Context)
Citation Context ...wer blackouts in Brazil [2], the SQL Slammer worm attack on the Davis-Besse nuclear plant in January 2003 [3], the StuxNet computer worm [4] in June 2010, and by various industrial security incidents =-=[5]-=-, cyber-physical systems are prone to failures and attacks on their physical infrastructure, and cyber attacks on their data management and communication layer. Concerns about security of control syst... |

2 |
The potential for malicious control in a competitive power systems environment
- DeMarco, Sariashkar, et al.
- 1996
(Show Context)
Citation Context ...erized, and a decoding algorithm is proposed to detect corrupted measurements. Finally, security issues of specific cyber-physical systems have received considerable attention, such as power networks =-=[15]-=-–[19], linear networks with misbehaving components [20], [21], and water networks [22], [23]. Contributions. The contributions of this paper are as follows. First, we describe a unified modeling frame... |

1 |
Distributed estimation in continuous time with discrete communication
- Dörfler, Pasqualetti, et al.
- 2012
(Show Context)
Citation Context ... iteration k. In practice, only an approximation or a finite basis representation ˆw (k) i (t) can be transmitted. The error due to this approximation can be characterized, and we refer the reader to =-=[46]-=-. □ C. Complexity of the attack identification problem In this subsection we study the problem of attack identification, that is, the problem of identifying from measurements the state and output vari... |

1 |
Matrix pencils: Theory, applications, and numerical methods
- Ikramov
- 1993
(Show Context)
Citation Context ...E −1 S ∗ and M = S ∗ . Notice that (A + LC)E −1 S ∗ ⊆ S ∗ by the invariance property of S ∗ [28], [49]. It follows that L and M are a pair of right deflating subspaces for the matrix pair (A + LC, E) =-=[50]-=-, that is, M = AL + EL and dim(M) ≤ dim(L). The sparsity pattern in the descriptor and dynamic matrices ˜ E and Ã of (25) arises by construction of the right deflating subspaces P and Q [50, Eq. (2.17... |

1 | Epanet 2, water distribution system modeling software - Rossman - 2000 |