
2016 UKACC 11th International Conference on Control (CONTROL)

Belfast, UK, 31st August - 2nd September, 2016

Security Analysis of Stochastic Networked Control Systems under False Data Injection Attacks

Liang Hu (1,2), Zidong Wang (1), and Wasif Naeem (2)

(1) Department of Computer Science, Brunel University London, UK. Email: {liang.hu, Zidong.Wang}@brunel.ac.uk
(2) School of Electronics, Electrical Engineering and Computer Science, Queen's University Belfast. Email: {l.hu, w.naeem}@qub.ac.uk

Abstract—In this paper, the security issue is investigated for networked control systems (NCSs) where the physical plant is controlled by a remote observer-based controller. The communication channel from the system measurement to the remote control centre is vulnerable to attacks from malicious adversaries. Here, false data injection (FDI) attacks are considered. The aim is to find the so-called insecurity conditions under which the NCS is insecure in the sense that there exist FDI attacks that can bypass the anomaly detector but still destabilize the overall system. In particular, a new necessary and sufficient condition for insecurity is derived when the communication channel is compromised by the adversary. Moreover, a specific algorithm is proposed with which the NCS is shown to be insecure. A simulation example is utilized to demonstrate the usefulness of the proposed conditions/algorithms in the secure control problem.

Index Terms—False data injection attacks, Security analysis, Networked control systems

978-1-4673-9891-6/16/$31.00 ©2016 IEEE

I. INTRODUCTION

In the past two decades, the study of networked control systems (NCSs) has been a focus of research due to its wide applications in many fields such as the automotive industry and process control engineering [7]. The components of NCSs are connected through wired or wireless networks, and therefore possess several advantages over traditional control systems such as low cost and reduced weight and power requirements. However, inserting a network into a control loop may cause new problems that deteriorate the system performance. So far, the network-induced phenomena (e.g. signal transmission delay, packet dropout and data quantization) have been extensively investigated [5], [18]. Additionally, the use of communication networks makes the system vulnerable to cyber-attacks, and malicious attacks on NCSs may have a negative impact on the economy, the environment and national security. Despite its clear engineering insight and societal significance, the security issue of NCSs has not yet attracted adequate research attention, mainly due to the complexities in modelling cyber-attacks.

The first cyber-attack on a real-world control system, Stuxnet, was reported in 2010 [3]. Since then, the cyber-security issue in NCSs has been a hot research topic that stirs considerable interest. Unlike traditional cyber-attacks, which primarily cause damage in computer networks and information systems, attacks on NCSs aim at deteriorating the system performance in the physical layer. As such, existing information security methods (e.g. authentication, access control, message integrity), which do not explicitly exploit the system dynamics of the underlying physical process, are unsuitable on their own, since the system dynamics are often the target of cyber-attacks. This situation motivates the current investigation in this paper.

The false data injection (FDI) attack is the most common one among all kinds of cyber-attacks. By modifying the data packets, an FDI attack violates the data integrity of the communication network. Compared with other cyber-attacks such as denial-of-service attacks, FDI attacks are more difficult to detect, because the adversary can keep the attack stealthy to the anomaly detector in the NCS by deliberately designing the attack sequence. Based on a static system model, FDI attacks have been considered in [9], [11], [17] for the state estimation problems of power systems.

In addition, the cyber-security of dynamical systems has also been investigated. Specifically, for deterministic systems without noise, fundamental issues such as detectability and identifiability of FDI attacks have been analysed and efficient control algorithms have been developed against FDI attacks in [4], [16]. In [14], [15], a data encryption scheme (together with time-stamp techniques) has been adopted to detect deception attacks and compensate their side-effects. However, as highlighted in [8], the task of detecting malicious behaviour in stochastic systems (with external noise) is more difficult than in deterministic systems (without stochastic noise), because the attack injected by the adversary can be mistaken for a kind of noise by the protection devices. Noting that in practice most NCSs work in noisy environments, it is important yet challenging to analyse the cyber-security of stochastic NCSs.

In this paper, the aim is to propose a new insecurity condition for stochastic NCSs under FDI attacks. Specifically, when the communication channel from the sensor to the state estimator in the remote control centre is compromised by the adversary, a new necessary and sufficient condition is proposed under which the system is insecure in the sense that the FDI attacks can bypass the anomaly detector but destabilize the NCS. The new condition is shown to be concise and simplifies the existing results in [10], [12]. Moreover, a specific algorithm is developed for generating an attack sequence with which the system is insecure. The algorithm can be used for cyber-security testing in simulation and for the further development of protection countermeasures.
The remainder of this paper is organized as follows. The
security problem of NCSs under cyber-attacks is formulated
in Section II. In Section III, the system security under FDI
attacks is analysed and further an algorithm for generating
attacks is proposed. An Example for illustration is given in
Section IV and the paper is concluded in Section V.
Notation: N, R and C denote, respectively, the set of non-negative integers, the set of all real numbers, and the set of all complex numbers. {x(k)} denotes an infinite sequence x(1), x(2), …, x(k), …. R^{n×m} (C^{n×m}) denotes the set of all n × m real (complex) matrices, and R^n denotes the n-dimensional Euclidean space. For α ∈ C, Re(α) and |α| denote its real part and its modulus, respectively. For a ∈ R^n, ‖a‖ denotes its l2 norm. For a matrix P ∈ R^{n×m}, P^T, P^{-1}, Tr{P} and Rk{P} represent its transpose, inverse, trace and rank, respectively. For a square matrix A, det(A) stands for the determinant of A, and ρ(A) stands for the spectral radius of A. diag{⋯} and I denote a block-diagonal matrix and an identity matrix of compatible dimension, respectively, and I_m (0_m) denotes the m × m identity (zero) matrix. I_m^s denotes the s-th column of the m × m identity matrix I_m, i.e. I_m^s = [0, …, 0, 1, 0, …, 0]^T with the single 1 in the s-th of its m positions.

II. PROBLEM FORMULATION

In this section, the model of FDI attacks is described and how the injected attacks affect the system dynamics is analysed. The structure of the NCS under cyber-attacks is shown in Fig. 1. For presentation convenience, the NCS without cyber-attacks is introduced first (i.e., y^a(k) = y(k) in Fig. 1).

Fig. 1. The NCS under FDI attacks.

A. NCS without cyber-attacks

From Fig. 1, the overall system is composed of four parts: the physical plant (P), the state estimator (E), the controller (C) and the anomaly detector (D). The latter three parts are co-located in the remote control centre, which communicates with the physical plant through communication networks.

Let the physical plant be given by:

$$\mathcal{P}:\ \begin{cases} x(k+1) = A x(k) + B u(k) + \omega(k) \\ y(k) = C x(k) + \nu(k) \end{cases} \tag{1}$$

where x(k) ∈ R^n is the system state, u(k) ∈ R^q is the control input, and y(k) ∈ R^m is the measurement output. The initial state x(0) has mean x̄(0) and covariance Σ(0); the process noise ω(k) ∈ R^n and the measurement noise ν(k) ∈ R^m are assumed to be mutually uncorrelated, zero-mean random signals with known covariance matrices W and R, respectively. Throughout this paper, it is assumed that the matrix pairs (A, B) and (A, C) are controllable and observable, respectively.

A time-invariant observer-based feedback controller is employed in the remote control centre. The linear estimator E and the linear controller C are described as follows:

$$\mathcal{E}:\ \begin{cases} \hat x(k+1) = A\hat x(k) + Bu(k) + Kz(k+1) \\ z(k+1) = y(k+1) - C\big(A\hat x(k) + Bu(k)\big) \end{cases} \qquad \mathcal{C}:\ u(k+1) = L\hat x(k+1) \tag{2}$$

where x̂(k+1), u(k+1) and z(k+1) are the state estimate, the control input and the estimation residual at time instant k+1, respectively. Throughout this paper, it is assumed that the overall system converges to its steady state.

Define the estimation error e(k) := x(k) − x̂(k); then the dynamics of e(k) are given by

$$e(k+1) = Ae(k) - Kz(k+1) + \omega(k). \tag{3}$$

It is well known that the controller (2) stabilizes the system (1) if and only if the matrices (I − KC)A and A + BL are stable [6]. In this paper, it is assumed that the closed-loop NCS is stable by choosing appropriate estimator and controller gains K and L.

Anomaly detectors are often used to detect abnormal operation. Here, it is assumed that a χ² anomaly detector is deployed. At each time instant k, the χ² anomaly detector first computes the value $g(k) = z^T(k)\,(C\Sigma C^T + R)^{-1} z(k)$, where Σ is the steady-state estimation error covariance, and then compares g(k) with a prescribed threshold α. If g(k) > α, an alarm is triggered. When the system operates normally (i.e. without attacks), g(k) follows a χ² distribution, implying a low probability of a large g(k) [1].

In practice, the wired or wireless network, which connects the physical plant and the remote control centre, is prone to
cyber-attacks launched by malicious attackers. Next, a typical cyber-attack, the FDI attack, is introduced, which can affect the system dynamics of the NCS.

B. False data injection attack

In this subsection, the model of the FDI attack is introduced and then how it affects the system dynamics is investigated. Assume that the adversary has perfect knowledge of the system model, that is, the values of all the matrices A, C, K, L, W and R described in Subsection II-A are known to the attacker. We also assume that the attacker has the ability to inject false data over the communication channel from the system measurement to the remote control centre. Under FDI attacks, the measurement output received by the estimator is given by

$$y^a(k) = y'(k) + a(k) = Cx'(k) + \nu(k) + a(k) \tag{4}$$

where y′(k) is the system output of the NCS (1) under FDI attacks and a(k) ∈ R^m represents the false data injected by the attacker at time instant k.

With the compromised measurement y^a(k), based on the estimator E and the controller C in (2), the system dynamics can be derived as follows:

$$\begin{cases} x'(k+1) = Ax'(k) + Bu'(k) + \omega(k) \\ u'(k) = L\hat x'(k) \\ \hat x'(k+1) = A\hat x'(k) + Bu'(k) + Kz'(k+1) \\ z'(k+1) = y^a(k+1) - C\big(A\hat x'(k) + Bu'(k)\big) \end{cases} \tag{5}$$

where x′(k), x̂′(k) and z′(k) are the system state, the state estimate and the estimation residual of system (1) at time k using the compromised measurement (4), respectively. Without loss of generality, it is assumed that the attack begins at time instant 1 and that x̂′(0) = x̂(0).

Defining the estimation error e′(k) := x′(k) − x̂′(k), the dynamics of e′(k) are given by

$$e'(k+1) = Ae'(k) - Kz'(k+1) + \omega(k). \tag{6}$$

To take into account the effect of FDI attacks on the NCS (1), define the differences between the system state, the state estimate, the estimation residual and the estimation error of system (1) (without FDI attacks) and system (5) (with FDI attacks) as follows:

$$\Delta x(k) := x'(k) - x(k),\quad \Delta\hat x(k) := \hat x'(k) - \hat x(k),\quad \Delta z(k) := z'(k) - z(k),\quad \Delta e(k) := e'(k) - e(k).$$

For convenience, ∆x(k), ∆x̂(k), ∆z(k) and ∆e(k) are called the state difference, the estimation difference, the residual difference and the error difference, respectively. The dynamics of ∆x̂(k) and ∆e(k) can be derived as follows:

$$\Delta\hat x(k+1) = (A+BL)\,\Delta\hat x(k) + K\Delta z(k+1) \tag{7}$$

$$\Delta e(k+1) = A\Delta e(k) - K\Delta z(k+1) \tag{8}$$

where

$$\Delta z(k+1) = CA\,\Delta e(k) + a(k+1). \tag{9}$$

In the considered FDI attack model, the purpose of the attacker is to launch a "special" FDI attack sequence under which the state difference ∆x(k) diverges to ∞ without any alarm being triggered by the χ² detector. In other words, the attacker aims to inject false data which destabilizes the NCS without being detected by the detector. To characterize the stealthiness of such attacks, the following lemma is needed.

Lemma 1: [13] Consider the NCS (1)-(2) under the FDI attacks (4). The attacks will not be detected by the anomaly detector D if ‖∆z(k)‖ ≤ M, where M is a sufficiently small positive scalar.

In the following section, the security of NCSs under cyber-attacks will be investigated. Before proceeding further, the following definitions of security of NCSs are given.

Definition 1: The NCS (1)-(2) is called insecure if there exists at least one FDI attack sequence {a(k)} such that the following two conditions hold simultaneously:

1) for the state difference ∆x(k),

$$\lim_{k\to\infty}\|\Delta x(k)\| = \infty; \tag{10}$$

2) for the residual difference ∆z(k),

$$\|\Delta z(k)\| \le M \tag{11}$$

where M is a prescribed small positive constant.

In case (10)-(11) do not hold simultaneously under the FDI attacks (4), the NCS (1)-(2) is called secure under FDI attacks.

Noting that the matrix A + BL is Schur stable, it is obvious from (7) that ∆x̂(k) is always bounded under condition (11). Since ∆x(k) = ∆x̂(k) + ∆e(k), it is easily found that Definition 1 is equivalent to the following one:

Definition 2: The NCS (1)-(2) is called insecure if there exists at least one FDI attack sequence {a(k)} such that the following two conditions are satisfied simultaneously:

1) for the error difference ∆e(k),

$$\lim_{k\to\infty}\|\Delta e(k)\| = \infty; \tag{12}$$

2) for the residual difference ∆z(k),

$$\|\Delta z(k)\| \le M \tag{13}$$

where M is a prescribed small positive constant.

In case (12)-(13) do not hold simultaneously under the FDI attacks (4), the NCS (1)-(2) is called secure under FDI attacks. The aim of the addressed security problem is to analyse under what conditions there exists an FDI attack sequence that is undetectable by the anomaly detector but drives the dynamics of the physical plant unstable.

III. SECURITY ANALYSIS

Assume that the system matrix A in (1) has p independent eigenvectors and that its Jordan form J is given by

$$J = P^{-1}AP \tag{14}$$
where

$$J = \begin{bmatrix} J_1 & 0 & \cdots & 0 \\ 0 & J_2 & \cdots & 0 \\ \vdots & \vdots & \ddots & \vdots \\ 0 & 0 & \cdots & J_p \end{bmatrix}, \qquad J_i = \begin{bmatrix} \lambda_i & 1 & & \\ & \lambda_i & \ddots & \\ & & \ddots & 1 \\ & & & \lambda_i \end{bmatrix},$$

the Jordan block J_i ∈ C^{n_i × n_i} (i = 1, …, p), with |λ_1| ≥ |λ_2| ≥ ⋯ ≥ |λ_p| and $\sum_{i=1}^{p} n_i = n$. Denote P = [P_1, …, P_p] and Q = P^{-1} = [Q_1^T, …, Q_p^T]^T, where P_i ∈ C^{n×n_i} and Q_i ∈ C^{n_i×n}.

If ρ(A) ≥ 1, there exists a positive integer l satisfying 1 ≤ l ≤ p such that |λ_1| ≥ ⋯ ≥ |λ_l| ≥ 1 > |λ_{l+1}| ≥ ⋯ ≥ |λ_p|. Furthermore, define $\bar l = \sum_{i=1}^{l} n_i$; then

$$A = PJQ = \begin{bmatrix} P_o & P_c \end{bmatrix} \begin{bmatrix} \Lambda_1 & 0 \\ 0 & \Lambda_2 \end{bmatrix} \begin{bmatrix} Q_o \\ Q_c \end{bmatrix}, \tag{15}$$

where the block matrices Λ_1 = diag{J_1, …, J_l} ∈ C^{l̄×l̄}, Λ_2 = diag{J_{l+1}, …, J_p} ∈ C^{(n−l̄)×(n−l̄)}, P_o = [P_1, …, P_l], P_c = [P_{l+1}, …, P_p], Q_o = [Q_1^T, …, Q_l^T]^T and Q_c = [Q_{l+1}^T, …, Q_p^T]^T are of appropriate dimensions.

To introduce the main results, the following lemmas are needed.

Lemma 2: [2] For two matrices M, N ∈ C^{n×n}, det(MN) = det(M) det(N). Moreover, the matrices MN and NM have the same non-zero eigenvalues.

Lemma 3: For the NCS (1)-(2), if ρ(A) ≥ 1, the matrix equation

$$P_c X = K \tag{16}$$

has no solution, where the matrix K is the gain of the state estimator (2) and the matrix P_c is given in (15).

Proof: It is known from Lemma 2 that the matrices (I − KC)A and A(I − KC) have the same non-zero eigenvalues. Then it follows from ρ((I − KC)A) < 1 that the inequality ρ(A(I − KC)) < 1 holds.

Let us prove the lemma by contradiction. Assume that there exists a matrix solution X̃ to equation (16). Then

$$A(I-KC) = \begin{bmatrix} P_o & P_c \end{bmatrix} \begin{bmatrix} \Lambda_1 & 0 \\ 0 & \Lambda_2 \end{bmatrix} \begin{bmatrix} Q_o \\ Q_c \end{bmatrix} \big(I - P_c \tilde X C\big),$$

and it follows from Q_o P_c = 0 and Q_c P_c = I that

$$A(I-KC) = \begin{bmatrix} P_o & P_c \end{bmatrix} \begin{bmatrix} \Lambda_1 & 0 \\ 0 & \Lambda_2 \end{bmatrix} \begin{bmatrix} Q_o \\ Q_c - \tilde X C \end{bmatrix}.$$

Accordingly, using λI = P(λI)Q, the characteristic polynomial of the matrix A(I − KC), denoted by det(λI − A(I − KC)), can be given as follows:

$$\begin{aligned} \det\big(\lambda I - A(I-KC)\big) &= \det\!\left( \begin{bmatrix} P_o & P_c \end{bmatrix} \left( \lambda \begin{bmatrix} Q_o \\ Q_c \end{bmatrix} - \begin{bmatrix} \Lambda_1 & 0 \\ 0 & \Lambda_2 \end{bmatrix} \begin{bmatrix} Q_o \\ Q_c - \tilde X C \end{bmatrix} \right) \right) \\ &= \det\!\left( \begin{bmatrix} P_o & P_c \end{bmatrix} \begin{bmatrix} (\lambda I - \Lambda_1) Q_o \\ (\lambda I - \Lambda_2) Q_c + \Lambda_2 \tilde X C \end{bmatrix} \right) \\ &= \det(P)\, \det \begin{bmatrix} (\lambda I - \Lambda_1) Q_o \\ (\lambda I - \Lambda_2) Q_c + \Lambda_2 \tilde X C \end{bmatrix}. \end{aligned}$$

Setting λ = λ_i (i ∈ {1, …, l}), the last row of the matrix λI − J_i is a zero row, which implies that there is at least one zero row in the sub-matrix (λI − Λ_1)Q_o and hence det(λI − A(I − KC)) = 0. In other words, λ_i (i = 1, …, l) is an eigenvalue of the matrix A(I − KC). Noting that |λ_i| ≥ 1 (i = 1, …, l), this conclusion contradicts the inequality ρ(A(I − KC)) < 1. As a result, there is no solution to the matrix equation (16), and the proof is complete.

From Lemma 3, the following lemma is easily obtained.

Lemma 4: For the system (1)-(2), let ρ(A) ≥ 1, define the matrix E = P^{-1}K, and let E_{s,t} denote the element of E in the s-th row and t-th column. Then there exists at least one non-zero component among the first l̄ rows of E, that is, there exist integers s ∈ {1, …, l̄} and t ∈ {1, …, m}, with $\bar l = \sum_{i=1}^{l} n_i$, such that E_{s,t} ≠ 0.

Proof: Let us prove the lemma by contradiction. Assume that E_{s,t} = 0 for all s ∈ {1, …, l̄} and all t ∈ {1, …, m}, that is, $E = \begin{bmatrix} 0 \\ \bar E \end{bmatrix}$, where Ē ∈ C^{(n−l̄)×m} is the sub-matrix formed by the last n − l̄ rows of E. Then the equation K = PE can be rewritten as

$$K = PE = \begin{bmatrix} P_o & P_c \end{bmatrix} \begin{bmatrix} 0 \\ \bar E \end{bmatrix} = P_c \bar E.$$

The above equation implies that Ē is a solution of equation (16), which contradicts the statement in Lemma 3 that equation (16) has no solution. The proof is now complete.

Before presenting the necessary and sufficient condition under which the NCS (1)-(2) is insecure, a procedure for generating a certain sequence of FDI attacks is outlined in Algorithm 1.

Theorem 1: Under the cyber-attack (4), the NCS (1)-(2) is insecure if and only if ρ(A) ≥ 1.

Proof: (Sufficiency) Start by proving that, if ρ(A) ≥ 1, the NCS (1)-(2) is insecure under the cyber-attack (4). According to Definition 2, it is needed to prove that there exists at least one FDI attack sequence satisfying both (12) and (13) if ρ(A) ≥ 1. In the following, it is proved that (12) and (13) are true under the attacks generated by Algorithm 1. According to Algorithm 1,

$$a(k+1) = -CA\,\Delta e(k) + \sigma(k+1)\,M\,I_m^t \tag{17}$$
Algorithm 1: The algorithm for generating FDI attacks
1: Initialize: decompose the matrix A in (1) into the Jordan normal form (14); choose arbitrarily a scalar σ ∈ (0, 1) and a positive scalar M;
2: Determine the integers t, r and q according to Lemma 4, (21) and (22), respectively;
3: Set t̄_r(0) = 0;
4: while k ≥ 0 do
5:   if Re{λ_q t̄_r(k)} ≥ 0 then
6:     Set σ(k+1) = σ;
7:     Set the attack a(k+1) = −CA∆e(k) + σ(k+1) M I_m^t;
8:   else
9:     Set σ(k+1) = −σ;
10:    Set the attack a(k+1) = −CA∆e(k) + σ(k+1) M I_m^t;
11:  end if
12:  Calculate ∆e(k+1) according to (8);
13:  Calculate t̄_r(k+1) according to (24);
14:  k = k + 1;
15: end while

where σ(k+1) takes the value σ or −σ with σ ∈ (0, 1). It follows from (9) and (17) that

$$\Delta z(k+1) = \sigma(k+1)\,M\,I_m^t, \tag{18}$$

from which it is easily seen that ‖∆z(k+1)‖ = σM < M, and this implies that condition (13) is satisfied.

To show that condition (12) is satisfied, define the vector t(k) = Q∆e(k), where t(k) = [t_1^T(k), …, t_p^T(k)]^T with t_i(k) ∈ C^{n_i} (i ∈ {1, 2, …, p}). Based on (8) and (15), and noting that QAP = J and QK = E, the dynamics of t(k) can be derived as follows:

$$t(k+1) = Jt(k) - QK\,\Delta z(k+1) = Jt(k) - E\,\Delta z(k+1). \tag{19}$$

Substituting (18) into (19) gives

$$t(k+1) = Jt(k) - \sigma(k+1)\,M\,E I_m^t.$$

Define t̄(k) = [t_1^T(k), …, t_l^T(k)]^T and t̃(k) = [t_{l+1}^T(k), …, t_p^T(k)]^T. Noting that J = diag{Λ_1, Λ_2}, one has

$$\bar t(k+1) = \Lambda_1 \bar t(k) + \sigma(k+1)\,M\,d, \tag{20}$$

where $d = -\begin{bmatrix} I_{\bar l} & 0_{\bar l\times(n-\bar l)} \end{bmatrix} E I_m^t$, i.e. the vector d is formed by the first l̄ elements of the t-th column of the matrix E, with the sign reversed in accordance with (8). From Lemma 4, it is known that d ≠ 0.

Define d = [d_1, …, d_{l̄}]^T and

$$r = \max\{\, j \in \{1, \ldots, \bar l\} : d_j \neq 0 \,\}, \tag{21}$$

that is, d_r is the non-zero element of the vector d with the largest index. Since 1 ≤ r ≤ l̄, there exists an integer q (1 ≤ q ≤ l) such that

$$\sum_{i=1}^{q} n_i - n_q < r \le \sum_{i=1}^{q} n_i, \tag{22}$$

i.e. the r-th component of t̄ belongs to the Jordan block J_q. Since d_r ≠ 0, the columns of P belonging to J_q may be scaled by d_r and the corresponding rows of Q by 1/d_r; this leaves J in (14) unchanged and makes d_r = 1, which is assumed in what follows.

It follows from (20) that

$$\begin{bmatrix} \bar t_r(k+1) \\ \bar t_{r+1}(k+1) \\ \vdots \\ \bar t_{\bar n_q}(k+1) \end{bmatrix} = \begin{bmatrix} \lambda_q & 1 & & \\ & \lambda_q & \ddots & \\ & & \ddots & 1 \\ & & & \lambda_q \end{bmatrix} \begin{bmatrix} \bar t_r(k) \\ \bar t_{r+1}(k) \\ \vdots \\ \bar t_{\bar n_q}(k) \end{bmatrix} + \sigma(k+1)\,M \begin{bmatrix} 1 \\ 0 \\ \vdots \\ 0 \end{bmatrix}, \tag{23}$$

where t̄_j(k) is the j-th element of the vector t̄(k), j ∈ {r, r+1, …, n̄_q}, and $\bar n_q = \sum_{i=1}^{q} n_i$ is the index of the last component of t̄ belonging to J_q. Since the attack begins at time instant 1, ∆e(0) = 0 and hence t̄(0) = 0. The components t̄_{r+1}, …, t̄_{n̄_q} receive no forcing in (23) (d_j = 0 for j > r by (21)), so they remain zero for all k ≥ 0, and therefore

$$\bar t_r(k+1) = \lambda_q \bar t_r(k) + \sigma(k+1)\,M, \tag{24}$$

from which

$$|\bar t_r(k+1)|^2 = |\lambda_q|^2 |\bar t_r(k)|^2 + \sigma^2(k+1) M^2 + 2\sigma(k+1) M\, \mathrm{Re}\{\lambda_q \bar t_r(k)\}. \tag{25}$$

According to Algorithm 1, σ(k+1) Re{λ_q t̄_r(k)} ≥ 0 and σ²(k+1) = σ². Furthermore, noticing that |λ_q| ≥ 1, it is derived that

$$|\bar t_r(k+1)|^2 \ge |\lambda_q|^2 |\bar t_r(k)|^2 + \sigma^2 M^2 \ge |\bar t_r(k)|^2 + \sigma^2 M^2. \tag{26}$$

Based on the inequality |t̄_r(k+1)|² ≥ |t̄_r(k)|² + σ²M² and the initial condition t̄_r(0) = 0, it is inferred that |t̄_r(k+1)|² ≥ (k+1)σ²M², which implies that lim_{k→∞} |t̄_r(k+1)| = ∞ and therefore lim_{k→∞} ‖t(k+1)‖ = ∞. Since t(k+1) = Q∆e(k+1) with Q invertible, at least one component of the vector ∆e(k+1) is unbounded, and lim_{k→∞} ‖∆e(k+1)‖ = ∞. Hence condition (12) is satisfied, and it can be concluded that the system is insecure under the attacks generated by Algorithm 1 if ρ(A) ≥ 1.

(Necessity) To prove the necessity, it is needed to show that the system (1)-(2) is secure if ρ(A) < 1. Again, let us prove by contradiction. Assume that the system (1)-(2) is insecure, that is, there exists an attack sequence satisfying (12) and (13). It follows from (13) that ∆z(k+1) is norm-bounded. Since ρ(A) < 1, the recursion (8), ∆e(k+1) = A∆e(k) − K∆z(k+1), is a stable linear system driven by a bounded input, so ∆e(k+1) is norm-bounded as well. That is, condition (12) is violated, and the proof is now complete.

Remark 1: In the main results of [10], [12], it has been stated that the necessary and sufficient conditions for the state error caused by FDI attacks to be unbounded are that a) the system matrix A is unstable, and b) at least one eigenvector v corresponding to an unstable system mode satisfies v ∈ Q_oa, where Q_oa is the controllability matrix associated with the pair (A − KCA, KB_a). Note that when B_a = I_m, condition b) is actually unnecessary and has been removed in Theorem 1 of this paper.
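The following is an added worked example, not code from the paper: it runs Algorithm 1 and the χ² detector of Subsection II-A on the plant, gains and attack parameters (σ = 0.1, M = 2) used later in the numerical example of Section IV, so that the two parts of Theorem 1's sufficiency proof, the bounded residual difference (18) and the growth of t̄_r in (26), can be checked numerically, and so that the stealthiness of the attack can be judged against the actual χ² statistic rather than only against the bound of Lemma 1. The Jordan data (λ_1 = 1.2 with left eigenvector Q_1 = [1, 1/0.7], hence l = 1, t = 1, r = 1, q = 1) are worked out by hand for this triangular A, Q_1 is rescaled so that the forcing coefficient in (24) equals 1 exactly as assumed after (22), the residual is taken to be Gaussian (the assumption under which g(k) is χ²-distributed), and the threshold α = 6.635 (the 99% quantile of χ² with one degree of freedom, giving a 1% nominal false-alarm rate) is the example's own choice, not a value from the paper. Pure Python with nested lists is used since the system is 2-state, 1-output.

```python
# Added example: Algorithm 1 and the chi-square residual detector on the plant of Section IV.
import math

A = [[1.2, 1.0], [0.0, 0.5]]     # system matrix (Section IV); eigenvalues 1.2 and 0.5
C = [1.0, 0.0]                   # single measurement, m = 1
K = [0.7865, 0.1468]             # steady-state Kalman gain quoted in Section IV
W = [[0.1, 0.0], [0.0, 0.1]]     # process noise covariance
R = 0.1                          # measurement noise variance
SIGMA, M = 0.1, 2.0              # Algorithm 1 parameters of Section IV
ALPHA = 6.635                    # assumed detector threshold: chi-square(1) 0.99 quantile


def dot(u, v):
    return sum(a * b for a, b in zip(u, v))


def matmul(X, Y):
    return [[sum(X[i][k] * Y[k][j] for k in range(2)) for j in range(2)] for i in range(2)]


def innovation_covariance(iters=200):
    """Iterate the Riccati recursion for the prior error covariance P_bar of the
    estimator (2) until it converges.  Returns (K, S) with K = P_bar C^T S^{-1}
    and S = C P_bar C^T + R, the variance of the residual z(k) that g(k) normalises by."""
    P_bar = [[1.0, 0.0], [0.0, 1.0]]
    for _ in range(iters):
        PCt = [dot(row, C) for row in P_bar]
        S = dot(C, PCt) + R
        gain = [p / S for p in PCt]
        I_KC = [[(1.0 if i == j else 0.0) - gain[i] * C[j] for j in range(2)] for i in range(2)]
        P = matmul(I_KC, P_bar)                       # posterior covariance (I - KC) P_bar
        At = [[A[j][i] for j in range(2)] for i in range(2)]
        APAt = matmul(matmul(A, P), At)
        P_bar = [[APAt[i][j] + W[i][j] for j in range(2)] for i in range(2)]
    PCt = [dot(row, C) for row in P_bar]
    S = dot(C, PCt) + R
    return [p / S for p in PCt], S


def chi2_statistic(z, S):
    """g(k) = z^T (C Sigma C^T + R)^{-1} z for the scalar residual of this plant."""
    return z * z / S


def alarm_probability(delta, S, alpha=ALPHA):
    """P(g(k) > alpha) when the residual is Gaussian with mean delta and variance S:
    delta = 0 gives the nominal false-alarm rate, delta = Delta z the rate under attack."""
    thr = math.sqrt(alpha * S)
    scale = math.sqrt(2.0 * S)
    return 0.5 * (math.erfc((thr - delta) / scale) + math.erfc((thr + delta) / scale))


def run_algorithm_1(steps):
    """Generate the FDI sequence of Algorithm 1 and propagate the error difference by (8).
    Hand-derived Jordan data for this A: unstable mode lambda_q = 1.2 with left eigenvector
    Q_1 = [1, 1/0.7] (Q_1 A = 1.2 Q_1), so l = 1, t = 1, r = 1, q = 1.  Q_1 is rescaled so
    that t_r(k) = q . Delta e(k) obeys t_r(k+1) = 1.2 t_r(k) + sigma(k+1) M, i.e. (24)."""
    lam = 1.2
    Q1 = [1.0, 1.0 / 0.7]
    d_r = -dot(Q1, K)              # forcing coefficient of t_r under (8); non-zero by Lemma 4
    assert d_r != 0.0
    q = [x / d_r for x in Q1]      # normalisation d_r = 1
    CA = [dot(C, [A[0][j], A[1][j]]) for j in range(2)]
    de = [0.0, 0.0]                # Delta e(0) = 0: the attack begins at k = 1
    dz_seq, t_seq = [], [0.0]
    for _ in range(steps):
        t_r = dot(q, de)
        sigma_next = SIGMA if lam * t_r >= 0 else -SIGMA           # steps 5-10
        a_next = -dot(CA, de) + sigma_next * M                      # (17), I_m^t = 1
        dz_next = dot(CA, de) + a_next                              # (9): equals sigma(k+1) M
        de = [dot(A[i], de) - K[i] * dz_next for i in range(2)]     # (8)
        dz_seq.append(dz_next)
        t_seq.append(dot(q, de))
    return dz_seq, t_seq, de


if __name__ == "__main__":
    gain, S = innovation_covariance()
    dz, t, de = run_algorithm_1(50)
    print("Kalman gain", gain, "residual variance", S)
    print("max |Delta z|", max(abs(z) for z in dz), "< M =", M)
    print("t_r(50)", t[-1], "||Delta e(50)||", math.hypot(*de))
    print("alarm rate nominal / under attack", alarm_probability(0.0, S), alarm_probability(SIGMA * M, S))
```

Running it reproduces the gain K of Section IV from W and R, keeps every residual difference at exactly σM = 0.2 (so g(k) is shifted by a bias of only 0.2 against a residual standard deviation of about 0.68, raising the alarm rate from 1% to roughly 1.3%), and grows t̄_r(k) as 1.2^k − 1, i.e. the error difference reaches the thousands within 50 steps just as Fig. 2 shows for the state. Note that injecting the full M = 2 directly into the residual would trip this detector more often than not, which is why Algorithm 1 uses σM with σ < 1 and why Lemma 1 asks for M to be small.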
IV. NUMERICAL EXAMPLE

Consider the physical plant P given in (1) with the following system matrices:

$$A = \begin{bmatrix} 1.2 & 1 \\ 0 & 0.5 \end{bmatrix},\quad B = \begin{bmatrix} -1 \\ 1 \end{bmatrix},\quad C = \begin{bmatrix} 1 & 0 \end{bmatrix},\quad W = \mathrm{diag}\{0.1, 0.1\},\quad R = 0.1.$$

It can be verified that with the above parameters the physical plant P is both controllable and observable. Suppose that the proposed controller (2) is employed, where the gains K and L are chosen as the steady-state Kalman filter gain and the LQG control gain as follows:

$$K = \begin{bmatrix} 0.7865 \\ 0.1468 \end{bmatrix},\qquad L = \begin{bmatrix} -1.6551 & -2.4795 \end{bmatrix}.$$

It can be computed that the eigenvalues of the system matrix A are 1.2 and 0.5. According to Theorem 1, the system is insecure. To confirm this conclusion via simulation, a specific deceptive FDI attack sequence is generated according to Algorithm 1, where the parameters are chosen as σ = 0.1 and M = 2. Fig. 2 depicts the system state x(k) and the estimation residual difference ∆z(k) under the designed attack sequence {a(k)}. From Fig. 2, it can be seen that the sequence {‖x(k)‖} diverges to ∞ while the sequence {‖∆z(k)‖} is always less than the prescribed scalar M. Here, the closed-loop system is destabilized by the designed FDI attacks, but this cannot be detected by the χ² anomaly detector.

Fig. 2. The system state and estimation residual difference under FDI attacks: (a) system state x1(k), x2(k) over k = 0, …, 50; (b) residual difference ∆z(k) over k = 0, …, 50.

V. CONCLUSION

In this paper, the cyber-security of networked control systems has been considered, where the adversary can inject false data into the communication channel from the physical plant to the remote control centre. Using techniques from matrix analysis and linear system theory, a necessary and sufficient condition has been derived under which the system state caused by the attack diverges to infinity. Furthermore, a specific algorithm has been developed for generating attack sequences with which the networked control system is insecure. A simulation example has been presented to verify the usefulness of the developed result and algorithm.

REFERENCES

[1] B. D. Anderson and J. B. Moore, Optimal Filtering. Courier Dover Publications, 2005.
[2] D. S. Bernstein, Matrix Mathematics: Theory, Facts, and Formulas. Princeton University Press, 2009.
[3] T. Chen, "Stuxnet, the real start of cyber warfare? [editor's note]," IEEE Network, vol. 24, no. 6, pp. 2–3, 2010.
[4] H. Fawzi, P. Tabuada, and S. Diggavi, "Secure estimation and control for cyber-physical systems under adversarial attacks," IEEE Transactions on Automatic Control, vol. 59, no. 6, pp. 1454–1467, 2014.
[5] H. Gao and T. Chen, "H∞ estimation for uncertain systems with limited communication capacity," IEEE Transactions on Automatic Control, vol. 52, no. 11, pp. 2070–2084, 2007.
[6] J. P. Hespanha, Linear Systems Theory. Princeton University Press, 2009.
[7] J. P. Hespanha, P. Naghshtabrizi, and Y. Xu, "A survey of recent results in networked control systems," Proceedings of the IEEE, vol. 95, no. 1, p. 138, 2007.
[8] O. Kosut, "Malicious data attacks against dynamic state estimation in the presence of random noise," in Proc. IEEE Global Conference on Signal and Information Processing, 2013, pp. 261–264.
[9] O. Kosut, L. Jia, R. J. Thomas, and L. Tong, "Malicious data attacks on the smart grid," IEEE Transactions on Smart Grid, vol. 2, no. 4, pp. 645–658, 2011.
[10] C. Kwon, W. Liu, and I. Hwang, "Security analysis for cyber-physical systems against stealthy deception attacks," in Proc. American Control Conference (ACC), 2013, pp. 3344–3349.
[11] Y. Liu, P. Ning, and M. K. Reiter, "False data injection attacks against state estimation in electric power grids," in Proc. 16th ACM Conference on Computer and Communications Security, 2009, pp. 21–32.
[12] Y. Mo and B. Sinopoli, "False data injection attacks in cyber physical systems," in Proc. First Workshop on Secure Control Systems, 2010.
[13] Y. Mo and B. Sinopoli, "On the performance degradation of cyber-physical systems under stealthy integrity attacks," IEEE Transactions on Automatic Control, in press.
[14] Z.-H. Pang and G.-P. Liu, "Design and implementation of secure networked predictive control systems under deception attacks," IEEE Transactions on Control Systems Technology, vol. 20, no. 5, pp. 1334–1342, 2012.
[15] Z.-H. Pang, G. Zheng, G.-P. Liu, and C.-X. Luo, "Secure transmission mechanism for networked control systems under deception attacks," in Proc. IEEE International Conference on Cyber Technology in Automation, Control, and Intelligent Systems, 2011, pp. 27–32.
[16] F. Pasqualetti, F. Dorfler, and F. Bullo, "Attack detection and identification in cyber-physical systems," IEEE Transactions on Automatic Control, vol. 58, no. 11, pp. 2715–2729, 2013.
[17] A. Teixeira, S. Amin, H. Sandberg, K. H. Johansson, and S. S. Sastry, "Cyber security analysis of state estimators in electric power systems," in Proc. IEEE Conference on Decision and Control (CDC), 2010, pp. 5991–5998.
[18] Z. Wang, H. Dong, B. Shen, and H. Gao, "Finite-horizon H∞ filtering with missing measurements and quantization effects," IEEE Transactions on Automatic Control, vol. 58, no. 7, pp. 1707–1718, 2013.