Abstract
We introduce a new paradigm to the field of control theory: “secure sensor design”. Particularly, we design sensor outputs cautiously against advanced persistent threats that can intervene in cyber-physical systems. Such threats are designed for the very specific target systems and seeking to achieve their malicious goals in the long term while avoiding intrusion detection. Since such attacks can avoid detection mechanisms, the controller of the system could have already been intervened in by an adversary. Disregarding such a possibility and disclosing information without caution can have severe consequences. Therefore, through secure sensor design, we seek to minimize the damage of such undetected attacks in cyber-physical systems while impacting the ordinary operations of the system at minimum. We, specifically, consider a controlled Markov-Gaussian process, where a sensor observes the state of the system and discloses information to a controller that can have friendly or adversarial intentions. We show that sensor outputs that are memoryless and linear in the state of the system can be optimal, in the sense of game-theoretic hierarchical equilibrium, within the general class of strategies. We also provide a semi-definite programming based algorithm to design the secure sensor outputs numerically.
This research was supported by the U.S. Office of Naval Research (ONR) MURI grant N00014-16-1-2710.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Even though we consider time invariant matrices A and B for notational simplicity, the provided results could also be extended to time-variant cases.
- 2.
E.g., horizon length is n.
- 3.
\(\mathsf {B}^m\) denotes the Borel \(\sigma \)-algebra on \(\mathbb {R}^m\).
- 4.
Note the resemblance to (26).
References
Başar, T., Olsder, G.: Dynamic Noncoopertative Game Theory. Society for Industrial Mathematics (SIAM) Series in Classics in Applied Mathematics. SIAM, Philadelphia (1999)
Bansal, R., Başar, T.: Simultaneous design of measurement and control strategies for stochastic systems with feedback. Automatica 25(5), 679–694 (1989)
Billingsley, P.: Probability and Measure. Wiley, New Jersey (2012)
Brangetto, P., Aubyn, M.K.-S.: Economic aspects of national cyber security strategies. Technical report, NATO Cooperative Cyber Defense Centre of Excellence Tallinn, Estonia (2015)
Chen, Y., Kar, S., Moura, J.M.F.: Cyber physical attacks constrained by control objectives. In: Proceedings of American Control Conference (ACC), pp. 1185–1190 (2016)
Chen, Y., Kar, S., Moura, J.M.F.: Cyber physical attacks with control objectives and detection constraints. In: Proceedings of the 55th IEEE Conference on Decision and Control (CDC), pp. 1125–1130 (2016)
Fawzi, H., Tauada, P., Diggavi, S.: Secure estimation and control for cyber physical systems under adversarial attacks. IEEE Trans. Autom. Control 59(6), 1454–1467 (2014)
Karnouskos, S.: Stuxnet worm impact on industrial cyber-physical system security. In: Proceedings of IEEE Industrial Electronics Society (IECON) (2011)
Khaitan, S.K., McCalley, J.D.: Design techniques and applications of cyberphysical systems: a survey. IEEE Syst. J. 9(2), 350–365 (2014)
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 447–462, 2010
Kumar, P.R., Varaiya, P.: Stochastic Systems: Estimation, Identification and Adaptive Control. Prentice Hall, Englewood Cliffs (1986)
Liberzon, D.: Calculus of Variations and Optimal Control Theory: A Concise Introduction. Princeton University Press, Princeton (2011)
Miao, F., Zhu, Q., Pajic, M., Pappas, G.J.: Coding schemes for securing cyber-physical systems against stealthy data injection attacks. IEEE Trans. Autom. Control 4, 106–117 (2017)
Mo, Y., Sinopoli, B.: Integrity attacks on cyber-physical systems. In: Proceedings of the 1st ACM International Conference on High Confidence Networked Systems, pp. 47–54, 2012
Myerson, R.B.: Game Theory: Analysis of Conflict. Harvard University Press, Cambridge (1997)
Nelson, N.: The impact of Dragonfly malware on industrial control systems. The SANS Institute (2016)
Paruchuri, P., Pearce, J.P., Marecki, J., Tambe, M., Ordonez, F., Karus, S.: Playing games for security: An efficient exact algorithm for solving Bayesian Stackelberg games. In: Proceedings of Autonomous Agents and Multiagent Systems (AAMAS) (2008)
Pasqualetti, F., Dorfler, F., Bullo, F.: Attack detection and identification in cyber-physical systems. IEEE Trans. Autom. Control 58(11), 2715–2729 (2013)
Sayin, M.O., Akyol, E., Başar, T.: Hierarchical multi-stage Gaussian signaling games: strategic communication and control. Automatica, arXiv:1609.09448 (2017, submitted)
Zhang, R., Venkitasubramaniam, P.: Stealthy control signal attacks in linear quadratic Gaussian control systems: detectability reward tradeoff. IEEE Trans. Inf. Forensics Secur. 12(7), 1555–1570 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Appendix: Proof of Lemma 4
A Appendix: Proof of Lemma 4
Let \(\pmb {y}_1 = h(\pmb {x})\) and \(\pmb {y}_2 = h(\pmb {x}+c)\) be random variables, where c is a deterministic shift vector of the same dimension as \(\pmb {x}\). Then, for any \(B \in \mathsf {B}^p\), we have \(\pmb {y}_1^{-1}(B) = \{\omega \in \varOmega : \pmb {y}_1(\omega ) \in B\} = \{\omega \in \varOmega : h(\pmb {x})(\omega )\in B\} = \{\omega \in \varOmega : \pmb {x}(\omega ) \in h^{-1}(B)\}\). Correspondingly, we also have \(\pmb {y}_2^{-1}(B) = \{\omega \in \varOmega : \pmb {y}_2(\omega ) \in B\} = \{\omega \in \varOmega : h(\pmb {x}+ c)(\omega )\in B\} = \{\omega \in \varOmega : \pmb {x}(\omega ) \in h^{-1}(B) - c\}\). Note that the \(\sigma \)-algebras generated by the random variables \(\pmb {y}_1\) and \(\pmb {y}_2\) are given by \(\sigma (\pmb {y}_i) = \{\pmb {y}_i^{-1}(B): B \in \mathsf {B}^p\}\), for \(i=1,2\) [3]. This implies that \(\sigma (\pmb {y}_1) = \{\{\omega \in \varOmega : \pmb {x}(\omega ) \in h^{-1}(B)\}: B\in \mathsf {B}^p\}\) and \(\sigma (\pmb {y}_2) = \{\{\omega \in \varOmega : \pmb {x}(\omega ) \in h^{-1}(B)-c\}: B\in \mathsf {B}^p\}\). Furthermore, for each \(B \in \mathsf {B}^p\), there exists \(B_2 \in \mathsf {B}^p\) such that
since Borel sets are shift invariant [3]. Therefore, we have
and correspondingly, we obtain (41).
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Sayin, M.O., Başar, T. (2017). Secure Sensor Design for Cyber-Physical Systems Against Advanced Persistent Threats. In: Rass, S., An, B., Kiekintveld, C., Fang, F., Schauer, S. (eds) Decision and Game Theory for Security. GameSec 2017. Lecture Notes in Computer Science(), vol 10575. Springer, Cham. https://doi.org/10.1007/978-3-319-68711-7_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-68711-7_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68710-0
Online ISBN: 978-3-319-68711-7
eBook Packages: Computer ScienceComputer Science (R0)