Abstract:
This article considers the design and analysis of multiple moving target defenses for recognizing and isolating attacks on cyber-physical systems. We consider attackers w...Show MoreMetadata
Abstract:
This article considers the design and analysis of multiple moving target defenses for recognizing and isolating attacks on cyber-physical systems. We consider attackers who perform integrity attacks on some set of sensors and actuators in a control system. In such cases, it has been shown that a model aware adversary can carefully design attack vectors to bypass bad data detection and identification filters while causing damage to the control system. To counter such an attacker, we propose the moving target defense which introduces stochastic, time-varying parameters in the control system. The underlying random dynamics of the system limit an attacker's knowledge of the model and inhibit his or her ability to construct stealthy attack sequences. Moreover, the time-varying nature of the dynamics thwarts adaptive adversaries. We explore three main designs. First, we consider a hybrid system where parameters within the existing plant are switched among multiple modes. We demonstrate how such an approach can enable both the detection and identification of malicious nodes. Next, we investigate the addition of an extended system with dynamics that are coupled to the original plant but do not affect the system performance. Here, an attack on the original system will affect the authenticating subsystem and in turn be revealed by a set of sensors measuring the extended plant. Finally, we propose the use of sensor nonlinearities to enhance the effectiveness of the moving target defense. The nonlinear dynamics act to conceal normal operational behavior from an attacker who has tampered with the system state, further hindering an attacker's ability to glean information about the time-varying dynamics. In all cases mechanisms for analysis and design are proposed. Finally, we analyze attack detectability for each moving target defense by investigating expected lower bounds on the detection statistic. Our contributions are also tested via simulation.
Published in: IEEE Transactions on Automatic Control ( Volume: 66, Issue: 5, May 2021)
Funding Agency:
Department of Electrical and Computer Engineering, Carnegie Mellon University, Pittsburgh, PA, USA
Paul Griffioen (Student Member, IEEE) received the B.S. degree in engineering, electrical/computer concentration in 2016 from Calvin College, Grand Rapids, MI, USA and the M.S. degree in electrical and computer engineering in 2018 from Carnegie Mellon University, Pittsburgh, PA, USA, where he is currently working toward the Ph.D. degree in electrical and computer engineering.
His research interests include the modeling, an...Show More
Paul Griffioen (Student Member, IEEE) received the B.S. degree in engineering, electrical/computer concentration in 2016 from Calvin College, Grand Rapids, MI, USA and the M.S. degree in electrical and computer engineering in 2018 from Carnegie Mellon University, Pittsburgh, PA, USA, where he is currently working toward the Ph.D. degree in electrical and computer engineering.
His research interests include the modeling, an...View more
Department of Electrical and Computer Engineering, Carnegie Mellon University, Pittsburgh, PA, USA
Sean Weerakkody (Member, IEEE) received the B.S. degree in electrical engineering and mathematics from the University of Maryland, College Park, MD, USA, in 2012 and the Ph.D. degree in electrical and computer engineering from Carnegie Mellon University, Pittsburgh PA, USA, in 2018.
His research interests include secure design and active detection in cyber-physical systems and estimation in sensor networks.
Dr. Weerakkody w...Show More
Sean Weerakkody (Member, IEEE) received the B.S. degree in electrical engineering and mathematics from the University of Maryland, College Park, MD, USA, in 2012 and the Ph.D. degree in electrical and computer engineering from Carnegie Mellon University, Pittsburgh PA, USA, in 2018.
His research interests include secure design and active detection in cyber-physical systems and estimation in sensor networks.
Dr. Weerakkody w...View more
Department of Electrical and Systems Engineering, Washington University in St. Louis, St. Louis, MO, USA
Bruno Sinopoli (Senior Member, IEEE) received the Dr. Eng. degree from the University of Padova, Padua, Italy, in 1998 and the M.S. and Ph.D. degrees in electrical engineering from the University of California at Berkeley, Berkeley, CA, USA, in 2003 and 2005, respectively.
After a Postdoctoral Position with Stanford University, Stanford, CA, USA, he was the faculty with the Carnegie Mellon University, Pittsburgh, PA, USA, ...Show More
Bruno Sinopoli (Senior Member, IEEE) received the Dr. Eng. degree from the University of Padova, Padua, Italy, in 1998 and the M.S. and Ph.D. degrees in electrical engineering from the University of California at Berkeley, Berkeley, CA, USA, in 2003 and 2005, respectively.
After a Postdoctoral Position with Stanford University, Stanford, CA, USA, he was the faculty with the Carnegie Mellon University, Pittsburgh, PA, USA, ...View more
Contents Department of Electrical and Computer Engineering, Carnegie Mellon University, Pittsburgh, PA, USA
Paul Griffioen (Student Member, IEEE) received the B.S. degree in engineering, electrical/computer concentration in 2016 from Calvin College, Grand Rapids, MI, USA and the M.S. degree in electrical and computer engineering in 2018 from Carnegie Mellon University, Pittsburgh, PA, USA, where he is currently working toward the Ph.D. degree in electrical and computer engineering.
His research interests include the modeling, analysis, and design of active detection techniques and resilient mechanisms for secure cyber-physical systems.
Paul Griffioen (Student Member, IEEE) received the B.S. degree in engineering, electrical/computer concentration in 2016 from Calvin College, Grand Rapids, MI, USA and the M.S. degree in electrical and computer engineering in 2018 from Carnegie Mellon University, Pittsburgh, PA, USA, where he is currently working toward the Ph.D. degree in electrical and computer engineering.
His research interests include the modeling, analysis, and design of active detection techniques and resilient mechanisms for secure cyber-physical systems.View more
Department of Electrical and Computer Engineering, Carnegie Mellon University, Pittsburgh, PA, USA
Sean Weerakkody (Member, IEEE) received the B.S. degree in electrical engineering and mathematics from the University of Maryland, College Park, MD, USA, in 2012 and the Ph.D. degree in electrical and computer engineering from Carnegie Mellon University, Pittsburgh PA, USA, in 2018.
His research interests include secure design and active detection in cyber-physical systems and estimation in sensor networks.
Dr. Weerakkody was awarded the National Defense Science and Engineering Graduate fellowship in 2014 and the Siebel Scholarship in Energy Science in 2018.
Sean Weerakkody (Member, IEEE) received the B.S. degree in electrical engineering and mathematics from the University of Maryland, College Park, MD, USA, in 2012 and the Ph.D. degree in electrical and computer engineering from Carnegie Mellon University, Pittsburgh PA, USA, in 2018.
His research interests include secure design and active detection in cyber-physical systems and estimation in sensor networks.
Dr. Weerakkody was awarded the National Defense Science and Engineering Graduate fellowship in 2014 and the Siebel Scholarship in Energy Science in 2018.View more
Department of Electrical and Systems Engineering, Washington University in St. Louis, St. Louis, MO, USA
Bruno Sinopoli (Senior Member, IEEE) received the Dr. Eng. degree from the University of Padova, Padua, Italy, in 1998 and the M.S. and Ph.D. degrees in electrical engineering from the University of California at Berkeley, Berkeley, CA, USA, in 2003 and 2005, respectively.
After a Postdoctoral Position with Stanford University, Stanford, CA, USA, he was the faculty with the Carnegie Mellon University, Pittsburgh, PA, USA, from 2007 to 2019, where he was a Full Professor with the Department of Electrical and Computer Engineering with courtesy appointments in mechanical engineering and with the Robotics Institute and Co-Director of the Smart Infrastructure Institute, a research center aimed at advancing innovation in the modeling analysis and design of smart infrastructure. In 2019, he joined Washington University in Saint Louis, St. Louis, MO, USA, where he is the Chair of the Electrical and Systems Engineering Department. His research interests include the modeling, analysis and design of secure by design cyber-physical systems with applications to energy systems, interdependent infrastructures, and Internet of Things.
Dr. Sinopoli was awarded the 2006 Eli Jury Award for outstanding research achievement in the areas of systems, communications, control and signal processing at U.C. Berkeley, the 2010 George Tallman Ladd Research Award from Carnegie Mellon University, and the NSF Career Award in 2010.
Bruno Sinopoli (Senior Member, IEEE) received the Dr. Eng. degree from the University of Padova, Padua, Italy, in 1998 and the M.S. and Ph.D. degrees in electrical engineering from the University of California at Berkeley, Berkeley, CA, USA, in 2003 and 2005, respectively.
After a Postdoctoral Position with Stanford University, Stanford, CA, USA, he was the faculty with the Carnegie Mellon University, Pittsburgh, PA, USA, from 2007 to 2019, where he was a Full Professor with the Department of Electrical and Computer Engineering with courtesy appointments in mechanical engineering and with the Robotics Institute and Co-Director of the Smart Infrastructure Institute, a research center aimed at advancing innovation in the modeling analysis and design of smart infrastructure. In 2019, he joined Washington University in Saint Louis, St. Louis, MO, USA, where he is the Chair of the Electrical and Systems Engineering Department. His research interests include the modeling, analysis and design of secure by design cyber-physical systems with applications to energy systems, interdependent infrastructures, and Internet of Things.
Dr. Sinopoli was awarded the 2006 Eli Jury Award for outstanding research achievement in the areas of systems, communications, control and signal processing at U.C. Berkeley, the 2010 George Tallman Ladd Research Award from Carnegie Mellon University, and the NSF Career Award in 2010.View more
