Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 179) Show all publications
Pirani, M., Nekouei, E., Sandberg, H. & Johansson, K. H. (2019). A game-theoretic framework for security-aware sensor placement problem in networked control systems. In: Proceedings of the American Control Conference: . Paper presented at 2019 American Control Conference, ACC 2019; Philadelphia; United States; 10 July 2019 through 12 July 2019 (pp. 114-119). Institute of Electrical and Electronics Engineers (IEEE), Article ID 8814443.
Open this publication in new window or tab >>A game-theoretic framework for security-aware sensor placement problem in networked control systems
2019 (English)In: Proceedings of the American Control Conference, Institute of Electrical and Electronics Engineers (IEEE), 2019, p. 114-119, article id 8814443Conference paper, Published paper (Refereed)
Abstract [en]

This paper studies the sensor placement problem in a networked control system for improving its security against cyber-physical attacks. The problem is formulated as a zero-sum game between an attacker and a detector. The attacker's decision is to select f nodes of the network to attack whereas the detector's decision is to place f sensors to detect the presence of the attack signals. In our formulation, the attacker minimizes its visibility, defined as the system L2 gain from the attack signals to the deployed sensors' outputs, and the detector maximizes the visibility of the attack signals. The equilibrium strategy of the game determines the optimal locations of the sensors. The existence of Nash equilibrium for the attacker-detector game is studied when the underlying connectivity graph is a directed or an undirected tree. When the game does not admit a Nash equilibrium, it is shown that the Stackelberg equilibrium of the game, with the detector as the game leader, can be computed efficiently. Our results show that, under the optimal sensor placement strategy, an undirected topology provides a higher security level for a networked control system compared with its corresponding directed topology.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2019
Series
Proceedings of the American Control Conference, ISSN 07431619
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-262596 (URN)2-s2.0-85072277874 (Scopus ID)9781538679265 (ISBN)
Conference
2019 American Control Conference, ACC 2019; Philadelphia; United States; 10 July 2019 through 12 July 2019
Note

QC 20191016

Available from: 2019-10-16 Created: 2019-10-16 Last updated: 2019-10-16Bibliographically approved
Milosevic, J., Sandberg, H. & Johansson, K. H. (2019). A Security Index for Actuators Based on Perfect Undetectability: Properties and Approximation. In: 2018 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018: . Paper presented at 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, 2 October 2018 through 5 October 2018 (pp. 235-241). Institute of Electrical and Electronics Engineers Inc.
Open this publication in new window or tab >>A Security Index for Actuators Based on Perfect Undetectability: Properties and Approximation
2019 (English)In: 2018 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, Institute of Electrical and Electronics Engineers Inc. , 2019, p. 235-241Conference paper, Published paper (Refereed)
Abstract [en]

A novel security index based on the definition of perfect undetectability is proposed. The index is a tool that can help a control system operator to localize the most vulnerable actuators in the network. In particular, the security index of actuator i represents the minimal number of sensors and actuators that needs to be compromised in addition to i, such that a perfectly undetectable attack is possible. A method for computing this index for small scale systems is derived, and difficulties with the index once the system is of large scale are outlined. An upper bound for the index that overcomes these difficulties is then proposed. The theoretical developments are illustrated on a numerical example. 

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc., 2019
Keywords
Computer programming, Computer science, Control engineering, Security indices, Sensors and actuators, Small-scale systems, System operator, Theoretical development, Upper Bound, Actuators
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-252077 (URN)10.1109/ALLERTON.2018.8635906 (DOI)000461021200034 ()2-s2.0-85062843906 (Scopus ID)
Conference
56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, 2 October 2018 through 5 October 2018
Note

QC 20190801

Available from: 2019-08-01 Created: 2019-08-01 Last updated: 2019-08-01Bibliographically approved
Farokhi, F. & Sandberg, H. (2019). Ensuring privacy with constrained additive noise by minimizing Fisher information. Paper presented at 56th IEEE Annual Conference on Decision and Control (CDC), DEC 12-15, 2017, Melbourne, AUSTRALIA, ARKE BS, 1990, IEEE TRANSACTIONS ON INFORMATION THEORY, V36, P453. Automatica, 99, 275-288
Open this publication in new window or tab >>Ensuring privacy with constrained additive noise by minimizing Fisher information
2019 (English)In: Automatica, ISSN 0005-1098, E-ISSN 1873-2836, Vol. 99, p. 275-288Article in journal (Refereed) Published
Abstract [en]

The problem of preserving the privacy of individual entries of a database when responding to linear or nonlinear queries with constrained additive noise is considered. For privacy protection, the response to the query is systematically corrupted with an additive random noise whose support is a subset or equal to a pre-defined constraint set. A measure of privacy using the inverse of the trace of the Fisher information matrix is developed. The Cramer-Rao bound relates the variance of any estimator of the database entries to the introduced privacy measure. The probability density that minimizes the trace of the Fisher information (as a proxy for maximizing the measure of privacy) is computed. An extension to dynamic problems is also presented. Finally, the results are compared to the differential privacy methodology. Crown Copyright

Place, publisher, year, edition, pages
PERGAMON-ELSEVIER SCIENCE LTD, 2019
Keywords
Privacy, Additive constrained noise, Fisher information
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-242254 (URN)10.1016/j.automatica.2018.10.012 (DOI)000454965300031 ()2-s2.0-85056467557 (Scopus ID)
Conference
56th IEEE Annual Conference on Decision and Control (CDC), DEC 12-15, 2017, Melbourne, AUSTRALIA, ARKE BS, 1990, IEEE TRANSACTIONS ON INFORMATION THEORY, V36, P453
Note

QC 20190225

Available from: 2019-01-31 Created: 2019-01-31 Last updated: 2019-02-25Bibliographically approved
Tegling, E. & Sandberg, H. (2019). Noise-induced limitations to the scalability of distributed integral control. Systems & control letters (Print), 130, 23-31
Open this publication in new window or tab >>Noise-induced limitations to the scalability of distributed integral control
2019 (English)In: Systems & control letters (Print), ISSN 0167-6911, E-ISSN 1872-7956, Vol. 130, p. 23-31Article in journal (Refereed) Published
Abstract [en]

We study performance limitations of distributed feedback control in large-scale networked dynamical systems. Specifically, we address the question of how the performance of distributed integral control is affected by measurement noise. We consider second-order consensus-like problems modeled over a toric lattice network, and study asymptotic scalings (in network size) of H2 performance metrics that quantify the variance of nodal state fluctuations. While previous studies have shown that distributed integral control fundamentally improves these performance scalings compared to distributed proportional feedback control, our results show that an explicit inclusion of measurement noise leads to the opposite conclusion. The noise's impact on performance is shown to decrease with an increased inter-nodal alignment of the local integral states. However, even though the controller can be tuned for acceptable performance for any given network size, performance will degrade as the network grows, limiting the scalability of any such controller tuning. In particular, the requirement for inter-nodal alignment increases with network size. We show that this may in practice imply that very large and sparse networks will require any integral control to be centralized, rather than distributed. In this case, the best-achievable performance scaling, which is shown to be that of proportional feedback control, is retrieved.

Place, publisher, year, edition, pages
Elsevier, 2019
Keywords
Fundamental limitations, Large-scale systems, Networked control systems
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-262554 (URN)10.1016/j.sysconle.2019.06.005 (DOI)000478703200004 ()2-s2.0-85068851331 (Scopus ID)
Note

QC 20191017

Available from: 2019-10-17 Created: 2019-10-17 Last updated: 2019-10-17Bibliographically approved
Wei, J., Yi, X., Sandberg, H. & Johansson, K. H. (2019). Nonlinear Consensus Protocols With Applications to Quantized Communication and Actuation. IEEE Transactions on Big Data, 6(2), 598-608
Open this publication in new window or tab >>Nonlinear Consensus Protocols With Applications to Quantized Communication and Actuation
2019 (English)In: IEEE Transactions on Big Data, ISSN 2325-5870, E-ISSN 2168-6750, Vol. 6, no 2, p. 598-608Article in journal (Refereed) Published
Abstract [en]

Nonlinearities are present in all real applications. Two types of general nonlinear consensus protocols are considered in this paper, namely, the systems with nonlinear communication and actuator constraints. The solutions of the systems are understood in the sense of Filippov to handle the possible discontinuity of the controllers. For each case, we prove the asymptotic stability of the systems with minimal assumptions on the nonlinearity, for both directed and undirected graphs. These results extend the literature to more general nonlinear dynamics and topologies. As applications of established theorems, we interpret the results on quantized consensus protocols.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2019
Keywords
Networks of autonomous agents, nonlinear systems, nonsmooth analysis, stability
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-254088 (URN)10.1109/TCNS.2018.2860461 (DOI)000469874200012 ()2-s2.0-85050615718 (Scopus ID)
Note

QC 20190625

Available from: 2019-06-25 Created: 2019-06-25 Last updated: 2019-06-25Bibliographically approved
Wiese, M., Oechtering, T. J., Johansson, K. H., Papadimitratos, P., Sandberg, H. & Skoglund, M. (2019). Secure Estimation and Zero-Error Secrecy Capacity. IEEE Transactions on Automatic Control, 64(3), 1047-1062
Open this publication in new window or tab >>Secure Estimation and Zero-Error Secrecy Capacity
Show others...
2019 (English)In: IEEE Transactions on Automatic Control, ISSN 0018-9286, E-ISSN 1558-2523, Vol. 64, no 3, p. 1047-1062Article in journal (Refereed) Published
Abstract [en]

We study the problem of securely estimating the states of an unstable dynamical system subject to non-stochastic disturbances. The estimator obtains all its information through an uncertain channel, which is subject to nonstochastic disturbances as well, and an eavesdropper obtains a disturbed version of the channel inputs through a second uncertain channel. An encoder observes and block encodes the states in such a way that, upon sending the generated codeword, the estimator's error is bounded and a security criterion is satisfied, thereby ensuring that the eavesdropper obtains as little state information as possible. Two security criteria are considered and discussed with the help of a numerical example. A sufficient condition on the uncertain wiretap channel, i.e., the pair formed by the uncertain channel from the encoder to the estimator and the uncertain channel from the encoder to the eavesdropper is derived, which ensures that a bounded estimation error and security are achieved. This condition is also shown to be necessary for a subclass of uncertain wiretap channels. To formulate the condition, the zero-error secrecy capacity of uncertain wiretap channels is introduced, i.e., the maximal rate at which data can be transmitted from the encoder to the estimator in such a way that the eavesdropper is unable to reconstruct the transmitted data. Finally, the zero-error secrecy capacity of uncertain wiretap channels is studied.

Place, publisher, year, edition, pages
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 2019
Keywords
Secure state estimation, uncertain wiretap channel, zero-error secrecy capacity
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-247828 (URN)10.1109/TAC.2018.2849620 (DOI)000460415600012 ()2-s2.0-85048871914 (Scopus ID)
Note

QC 20190326

Available from: 2019-03-26 Created: 2019-03-26 Last updated: 2019-03-26Bibliographically approved
Fang, S., Johansson, K. H., Skoglund, M., Sandberg, H. & Ishii, H. (2019). Two-Way Coding in Control Systems Under Injection Attacks: From Attack Detection to Attack Correction. In: Ramachandran, GS Ortiz, J (Ed.), ICCPS '19: PROCEEDINGS OF THE 2019 10TH ACM/IEEE INTERNATIONAL CONFERENCE ON CYBER-PHYSICAL SYSTEMS. Paper presented at 10th ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS), APR 16-18, 2019, Montreal, CANADA (pp. 141-150). ASSOC COMPUTING MACHINERY
Open this publication in new window or tab >>Two-Way Coding in Control Systems Under Injection Attacks: From Attack Detection to Attack Correction
Show others...
2019 (English)In: ICCPS '19: PROCEEDINGS OF THE 2019 10TH ACM/IEEE INTERNATIONAL CONFERENCE ON CYBER-PHYSICAL SYSTEMS / [ed] Ramachandran, GS Ortiz, J, ASSOC COMPUTING MACHINERY , 2019, p. 141-150Conference paper, Published paper (Refereed)
Abstract [en]

In this paper, we introduce the method of two-way coding, a concept originating in communication theory characterizing coding schemes for two-way channels, into (networked) feedback control systems under injection attacks. We first show that the presence of two-way coding can distort the perspective of the attacker on the control system. In general, the distorted viewpoint on the attacker side as a consequence of two-way coding will facilitate detecting the attacks, or restricting what the attacker can do, or even correcting the attack effect. In the particular case of zero-dynamics attacks, if the attacks are to be designed according to the original plant, then they will be easily detected; while if the attacks are designed with respect to the equivalent plant as viewed by the attacker, then under the additional assumption that the plant is stabilizable by static output feedback, the attack effect may be corrected in steady state.

Place, publisher, year, edition, pages
ASSOC COMPUTING MACHINERY, 2019
Series
ACM-IEEE International Conference on Cyber-Physical Systems, ISSN 2375-8317
Keywords
Cyber-physical system, networked control system, cyber-physical security, two-way channel, two-way coding, zero-dynamics attack
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-255508 (URN)10.1145/3302509.3311047 (DOI)000473800800014 ()2-s2.0-85066616846 (Scopus ID)978-1-4503-6285-6 (ISBN)
Conference
10th ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS), APR 16-18, 2019, Montreal, CANADA
Note

QC 20191011

Available from: 2019-10-11 Created: 2019-10-11 Last updated: 2019-10-11Bibliographically approved
Umsonst, D. & Sandberg, H. (2018). A game-theoretic approach for choosing a detector tuning under stealthy sensor data attacks. In: 2018 IEEE CONFERENCE ON DECISION AND CONTROL (CDC): . Paper presented at 57th IEEE Conference on Decision and Control, CDC 2018; Centre of the Fontainebleau in Miami Beach Miami; United States; 17 December 2018 through 19 December 2018 (pp. 5975-5981). IEEE
Open this publication in new window or tab >>A game-theoretic approach for choosing a detector tuning under stealthy sensor data attacks
2018 (English)In: 2018 IEEE CONFERENCE ON DECISION AND CONTROL (CDC), IEEE , 2018, p. 5975-5981Conference paper, Published paper (Refereed)
Abstract [en]

A Stackelberg game framework is presented to choose the detector tuning for a general detector class under stealthy sensor attacks. In this framework, the defender acts as a leader and chooses a detector tuning, while the attacker will follow with a stealthy attack adjusted to this tuning. The tuning chosen is optimal with respect to the cost induced by the false alarms and the attack impact. We can show that under some practical assumptions the Stackelberg game always has a solution and we state two different sufficient conditions for the uniqueness of the solution. Interestingly, these conditions show that the attack impact does not have to be a convex function. An illustrative attack scenario of a false-data injection attack shows how one can use the Stackelberg game to find the optimal detector tuning.

Place, publisher, year, edition, pages
IEEE, 2018
Series
IEEE Conference on Decision and Control, ISSN 0743-1546
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-245009 (URN)10.1109/CDC.2018.8619338 (DOI)000458114805087 ()2-s2.0-85062180415 (Scopus ID)978-1-5386-1395-5 (ISBN)
Conference
57th IEEE Conference on Decision and Control, CDC 2018; Centre of the Fontainebleau in Miami Beach Miami; United States; 17 December 2018 through 19 December 2018
Projects
CERCES
Note

QC 20190305

Available from: 2019-03-05 Created: 2019-03-05 Last updated: 2019-04-04Bibliographically approved
Müller, M. I., Milosevic, J., Sandberg, H. & Rojas, C. R. (2018). A Risk-Theoretical Approach to H2-Optimal Control under Covert Attacks. In: 57th IEEE Conference on Decision and Control: . Paper presented at 57th IEEE Conference on Decision and Control (pp. 4553-4558). IEEE
Open this publication in new window or tab >>A Risk-Theoretical Approach to H2-Optimal Control under Covert Attacks
2018 (English)In: 57th IEEE Conference on Decision and Control, IEEE , 2018, p. 4553-4558Conference paper, Published paper (Refereed)
Abstract [en]

We consider the control design problem of optimizing the H-2 performance of a closed-loop system despite the presence of a malicious covert attacker. It is assumed that the attacker has incomplete knowledge on the true process we are controlling. To account for this uncertainty, we employ different measures of risk from the so called family of coherent measures of risk. In particular, we compare the closed-loop performance when a nominal value is used, with three different measures of risk: average risk, worst-case scenario and conditional valueat- risk (CVaR). Additionally, applying the approach from a previous work, we derive a convex formulation for the control design problem when CVaR is employed to quantify the risk. A numerical example illustrates the advantages of our approach.

Place, publisher, year, edition, pages
IEEE, 2018
Series
IEEE Conference on Decision and Control, ISSN 0743-1546
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-245006 (URN)10.1109/CDC.2018.8618886 (DOI)000458114804034 ()2-s2.0-85062181179 (Scopus ID)978-1-5386-1395-5 (ISBN)
Conference
57th IEEE Conference on Decision and Control
Projects
CERCES
Note

QC 20190305

Available from: 2019-03-05 Created: 2019-03-05 Last updated: 2019-08-27Bibliographically approved
Umsonst, D. & Sandberg, H. (2018). Anomaly Detector Metrics for Sensor Data Attacks in Control Systems. In: 2018 Annual American Control Conference (ACC): . Paper presented at 2018 Annual American Control Conference, ACC 2018, Wisconsin Center / Hilton Milwauke City Center, Milwauke, United States, 27 June 2018 through 29 June 2018 (pp. 153-158). Institute of Electrical and Electronics Engineers (IEEE), Article ID 8431798.
Open this publication in new window or tab >>Anomaly Detector Metrics for Sensor Data Attacks in Control Systems
2018 (English)In: 2018 Annual American Control Conference (ACC), Institute of Electrical and Electronics Engineers (IEEE), 2018, p. 153-158, article id 8431798Conference paper, Published paper (Refereed)
Abstract [en]

We investigate worst-case impacts of stealthy full sensor attacks against linear control systems under a general class of anomaly detectors. We show that the worst-case impact scales with a parameter that is solely determined by the number of sensors in the plant, the detector used, and its tuning. Therefore, we obtain a general metric to compare the performance of detectors of this class of detectors under the investigated sensor attack, which is independent of the plant dynamics and applies to all linear systems with the same number of sensors.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2018
Series
Proceedings of the American Control Conference, ISSN 0743-1619
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-234707 (URN)10.23919/ACC.2018.8431798 (DOI)2-s2.0-85052590291 (Scopus ID)9781538654286 (ISBN)
Conference
2018 Annual American Control Conference, ACC 2018, Wisconsin Center / Hilton Milwauke City Center, Milwauke, United States, 27 June 2018 through 29 June 2018
Projects
CERCES
Note

QC 20180910

Available from: 2018-09-10 Created: 2018-09-10 Last updated: 2018-10-01Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0003-1835-2963

Search in DiVA

Show all publications