kth.sePublications
Change search
Refine search result
1 - 16 of 16
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Chong, Michelle
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Umsonst, David
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Centres, ACCESS Linnaeus Centre. KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Local voltage control of an inverter-based power distribution network with a class of slope-restricted droop controllers2019In: IFAC PAPERSONLINE, ELSEVIER , 2019, Vol. 52, no 20, p. 163-168Conference paper (Refereed)
    Abstract [en]

    Motivated by the environmental and economical benefits of using renewable energy, we consider the problem of regulating the voltage of a power distribution network in a line configuration where each customer is equipped with an inverter. The substation at the head of the line determines the nominal voltage level which is communicated to each customer in the distribution line. The voltage level of each customer is regulated by an inverter which generates reactive power according to our class of droop controllers satisfying the sloperestriction property. This paper provides a sufficient condition for regulating the customers' voltage level within a desired band, which depends on the properties of the distribution line (line impedances) and the droop controller employed. This is achieved when only the upper bound of all the customers' net power usage is known, thereby preserving the privacy of each customer. Simulation studies are performed on a benchmark model for a distribution system with renewable sources. 

  • 2.
    Chong, Michelle
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Umsonst, David
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Centres, ACCESS Linnaeus Centre. KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Voltage regulation of a power distribution network in a radial configuration with a class of sector-bounded droop controllers2019In: Proceedings of the IEEE Conference on Decision and Control, Institute of Electrical and Electronics Engineers (IEEE) , 2019, p. 3515-3520Conference paper (Refereed)
    Abstract [en]

    We consider the problem of voltage regulation for a power distribution network where each inverter-equipped customer is connected sequentially with the sub-station at the head of the line. The substation dictates the desired voltage and transmits the reference voltage to each inverter in the distribution line. The inverter generates reactive power using our modified droop control law, which regulates the voltage level by influencing the power flow in the line, described by the DistFlow model. This paper provides conditions on the distribution line (the line impedances), the droop control law employed, and the nominal voltage level at the substation such that the each customer's voltage level are within a desired margin, when only the bound on the customers' overall power consumption is known. Thereby preserving the privacy of each customer's net power usage. We have also widened the choice of droop functions by only requiring them to be sector bounded. Simulation studies are provided to illustrate our results. 

  • 3.
    Kang, BooJoong
    et al.
    Queens Univ Belfast, Belfast, Antrim, North Ireland..
    Umsonst, David
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Faschang, Mario
    AIT Austrian Inst Technol GmbH, Vienna, Austria..
    Seitl, Christian
    AIT Austrian Inst Technol GmbH, Vienna, Austria..
    Friedberg, Ivo
    Austrian Power Grid AG, Vienna, Austria..
    Kupzog, Friederich
    AIT Austrian Inst Technol GmbH, Vienna, Austria..
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Centres, ACCESS Linnaeus Centre. KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    McLaughlin, Kieran
    Queens Univ Belfast, Belfast, Antrim, North Ireland..
    Intrusion Resilience for PV Inverters in a Distribution Grid Use-Case Featuring Dynamic Voltage Control2020In: CRITICAL INFORMATION INFRASTRUCTURES SECURITY (CRITIS 2019) / [ed] NadjmTehrani, S, Springer Nature , 2020, p. 97-109Conference paper (Refereed)
    Abstract [en]

    ICT-enabled smart grid devices, potentially introduce new cyber vulnerabilities that weaken the resilience of the electric grid. Using real and simulated PV inverters, this work demonstrates how cyber-attacks on IEC 61850 communications to field devices can force an unstable state, causing voltage oscillations or overvoltage situations in a distribution grid. An automated resilience mechanism is therefore presented, combining intrusion detection and decentralised resilient controllers, which is demonstrated to assure stable operation of an energy system by counteracting cyber-attacks targeting embedded PV inverters.

  • 4.
    Kintzler, Florian
    et al.
    Siemens AG Austria, Corp Technol, Vienna, Austria..
    Gawron-Deutsch, Tobias
    Siemens AG Austria, Corp Technol, Vienna, Austria..
    Cejka, Stephan
    Siemens AG Austria, Corp Technol, Vienna, Austria..
    Schulte, Judith
    OFFIS eV, Inst Informat, R&D Div Energy, Oldenburg, Germany..
    Uslar, Mathias
    OFFIS eV, Inst Informat, R&D Div Energy, Oldenburg, Germany..
    Veith, Eric M. S. P.
    OFFIS eV, Inst Informat, R&D Div Energy, Oldenburg, Germany..
    Piatkowska, Ewa
    AIT Austrian Inst Technol, Ctr Digital Safety & Secur, Vienna, Austria..
    Smith, Paul
    AIT Austrian Inst Technol, Ctr Digital Safety & Secur, Vienna, Austria..
    Kupzog, Friederich
    AIT Austrian Inst Technol, Ctr Digital Safety & Secur, Vienna, Austria..
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Chong, Michelle
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Umsonst, David
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Mittelsdorf, Marco
    Fraunhofer Inst Solar Energy Syst, Freiburg, Germany..
    Large Scale Rollout of Smart Grid Services2018In: 2018 GLOBAL INTERNET OF THINGS SUMMIT (GIOTS), IEEE , 2018, p. 215-221Conference paper (Refereed)
    Abstract [en]

    In the domain of energy automation, where a massive number of software-based IoT services interact with a complex dynamic system, processes for software installation and software update become more important and more complex. These processes have to ensure that the dependencies on all layers are fulfilled, including dependencies arising due to the energy system controlled by IT components being a hidden communication channel between these components. In addition, the processes have to be resilient against faults in and attacks to both the energy grid and the communication network. The ERA-Net funded project LarGo! aims at developing and testing processes for the large scale rollout of software applications in the power grid domain as well as the user domain. This article describes a work in progress and the project's roadmap to solve the technical issues. It investigates the problems that arise from the interlocking of the two networks - the power grid and the communication network. Based on this analysis a first set of requirements for a rollout process in such a Smart Grid is derived and the chosen approach to verify the resilience of the developed processes under research is described.

  • 5.
    Milosevic, Jezdimir
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Umsonst, David
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Johansson, Karl Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Quantifying the Impact of Cyber-Attack Strategies for Control Systems Equipped with an Anomaly Detector2018In: 2018 European Control Conference, ECC 2018, Institute of Electrical and Electronics Engineers (IEEE), 2018, p. 331-337, article id 8550188Conference paper (Refereed)
    Abstract [en]

    Risk assessment is an inevitable step in the implementation of cost-effective security strategies for control systems. One of the difficulties of risk assessment is to estimate the impact cyber-attacks may have. This paper proposes a framework to estimate the impact of several cyber-attack strategies against a dynamical control system equipped with an anomaly detector. In particular, we consider denial of service, sign alternation, rerouting, replay, false data injection, and bias injection attack strategies. The anomaly detectors we consider are stateless, cumulative sum, and multivariate exponentially weighted moving average detectors. As a measure of the attack impact, we adopt the infinity norm of critical states after a fixed number of time steps. For this measure and the aforementioned anomaly detectors, we prove that the attack impact for all of the attack strategies can be reduced to the problem of solving a set of convex minimization problems. Therefore, the exact value of the attack impact can be obtained easily. We demonstrate how our modeling framework can be used for risk assessment on a numerical example.

  • 6.
    Umsonst, David
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Stealthy Sensor Attacks on Feedback Systems: Attack Analysis and Detector-based Defense Mechanisms2021Doctoral thesis, monograph (Other academic)
    Abstract [en]

    In this thesis, we investigate sensor attacks on feedback systems and how anomaly detectors can be used as a defense mechanism. We consider an attacker with access to all sensor measurements and full knowledge about the closed-loop system model. The attacker wants to maximize its impact on the system while not triggering an alarm in the anomaly detector. The defender wants to mitigate the attacker's impact with detector-based defense mechanisms, which consider the normal operating cost as well.

    The sensor attack consists of three different stages and we begin by analyzing each stage separately. First, to launch its stealthy attack, the attacker needs to estimate the internal controller state perfectly while only accessing the measurements. We prove that the attacker can perfectly estimate the controller state if and only if the linear controller dynamics do not have eigenvalues outside of the unit circle. The theory for controller state estimation is applied to reference estimation as well, where we show that the attacker can estimate common reference signals, such as constant and sinusoidal signals, regardless of the controller used. Second, the attacker estimates the internal anomaly detector state. When the detector has linear dynamics, the attacker is able to estimate the state while injecting a malicious signal that mimics the detector output statistics based on the Kullback-Leibler divergence. In the third stage, the attacker launches its worst-case attack on the closed-loop system. We provide a convex optimization approach to estimate the worst-case impact of an attack with an infinity norm-based objective. All stages are evaluated in an experimental setup, which shows that both the controller and the detector play a critical role for the feasibility and the severity of the attack.

    Next, we investigate detector-based defense mechanisms and begin by looking into metrics to compare detectors under attack. The metric we consider first is based on the worst-case attack impact and the average time between false alarms. Since the attacker's objective, and, thus, the impact, is often unknown, we propose a metric that has the advantage of being agnostic to the attacker's objective. We then present a fixed detector threshold setting based on a Stackelberg game framework, which minimizes the cost induced by the false alarms and the attack impact. Further, a moving target defense is obtained by designing a dynamic threshold setting where the threshold is periodically chosen at random from a discrete set. By analyzing one period in a Bayesian game framework, we determine the optimal distribution over the discrete set by solving a linear program, such that the operator's cost is minimized. In the Bayesian framework, we also include uncertainty about the attacker's objective into our analysis. Additionally, we determine a necessary and sufficient condition for when the optimal distribution does not concentrate the probability on only one threshold. For comparing detectors and threshold-based defense mechanisms, we need to know which threshold results in a certain false alarm rate under nominal conditions. Since the threshold tuning is often non-trivial, we derive three finite sample guarantees for a data-driven threshold tuning such that the threshold guarantees an acceptable false alarm rate with a high probability.

    Download full text (pdf)
    DoctoralThesis_DavidUmsonst
  • 7.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Hashemi, Navid
    The University of Texas at Dallas, Department of Mechanical Engineering, The University of Texas at Dallas, Department of Mechanical Engineering.
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Ruths, Justin
    The University of Texas at Dallas, Department of Mechanical Engineering, The University of Texas at Dallas, Department of Mechanical Engineering.
    Practical Detectors to Identify Worst-Case Attacks2022In: 2022 IEEE Conference on Control Technology and Applications, CCTA 2022, Institute of Electrical and Electronics Engineers (IEEE) , 2022, p. 197-204Conference paper (Refereed)
    Abstract [en]

    Recent work into quantifying the impact of attacks on control systems has motivated the design of worst-case attacks that define the envelope of the attack impact possible while remaining stealthy to model-based anomaly detectors. Such attacks - although stealthy for the considered detector test - tend to produce detector statistics that are easily identifiable by the naked eye. Although seemingly obvious, human operators cannot simultaneously monitor all process control variables of a large-scale cyber-physical system. What is lacking in the literature is a set of practical detectors that can identify such unusual attacked behavior. In defining these, we enable automated detection of to-date stealthy attacks and also further constrain the impact of attacks stealthy to a set of combined detectors, both existing and new.

  • 8.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Nekouei, Ehsan
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Teixeira, A.
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    On the confidentiality of linear anomaly detector states2019In: Proceedings of the American Control Conference, Institute of Electrical and Electronics Engineers (IEEE), 2019, p. 397-403, article id 8814731Conference paper (Refereed)
    Abstract [en]

    A malicious attacker with access to the sensor channel in a feedback control system can severely affect the physical system under control, while simultaneously being hard to detect. A properly designed anomaly detector can restrict the impact of such attacks, however. Anomaly detectors with an internal state (stateful detectors) have gained popularity because they seem to be able to mitigate these attacks more than detectors without a state (stateless detectors). In the analysis of attacks against control systems with anomaly detectors, it has been assumed that the attacker has access to the detector's internal state, or designs its attack such that it is not detected regardless of the detector's state. In this paper, we show how an attacker can realize the first case by breaking the confidentiality of a stateful detector state evolving with linear dynamics, while remaining undetected and imitating the statistics of the detector under nominal conditions. The realization of the attack is posed in a convex optimization framework using the notion of Kullback-Leibler divergence. Further, the attack is designed such that the maximum mean estimation error of the Kalman filter is maximized at each time step by exploiting dual norms. A numerical example is given to illustrate the results.

  • 9.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Ruths, J.
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Finite Sample Guarantees for Quantile Estimation: An Application to Detector Threshold Tuning2023In: IEEE Transactions on Control Systems Technology, ISSN 1063-6536, E-ISSN 1558-0865, Vol. 31, no 2, p. 921-928Article in journal (Refereed)
    Abstract [en]

    In threshold-based anomaly detection, we want to tune the threshold of a detector to achieve an acceptable false alarm rate. However, tuning the threshold is often a non-trivial task due to unknown detector output distributions. A detector threshold that provides an acceptable false alarm rate is equivalent to a specific quantile of the detector output distribution. Therefore, we use quantile estimators based on order statistics to estimate the detector threshold. The estimation of quantiles from sample data has a more than a century-long tradition and we provide three different distribution-free finite sample guarantees for a class of quantile estimators. The first is based on the Dvoretzky-Kiefer-Wolfowitz (DKW) inequality, the second utilizes the Vysochanskij-Petunin inequality, and the third is based on exact confidence intervals for a beta distribution. These guarantees are then compared and used in the detector threshold tuning problem. We use both simulated data as well as data obtained from an experimental setup with the Temperature Control Lab to validate the guarantees provided. 

  • 10.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Ruths, Justin
    Univ Texas Dallas, Dept Mech Engn, 800 W Campbell Rd, Richardson, TX 75083 USA..
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sample-based anomaly detector tuning with finite sample guarantees2021In: 2021 american control conference (ACC), Institute of Electrical and Electronics Engineers (IEEE) , 2021, p. 3248-3253Conference paper (Refereed)
    Abstract [en]

    We present a sample-based approach for tuning an anomaly detector threshold to achieve an acceptable false alarm rate without a priori knowledge of system or detector dynamics. If the distribution of the output of the detector is known, finding such a threshold can be re-interpreted as determining a specific quantile of the detector output distribution, which is the minimizer of a convex optimization problem. The sample-based approach we propose approximates the threshold from the empirical distribution. We, further, identify distribution free finite sample guarantees that give the number of samples required to ensure the false alarm rate is near the acceptable value. Finally, we numerically verify our approach on both static and dynamic anomaly detectors, where we investigate both light- and heavy-tailed distributions.

  • 11.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    A game-theoretic approach for choosing a detector tuning under stealthy sensor data attacks2018In: 2018 IEEE CONFERENCE ON DECISION AND CONTROL (CDC), IEEE , 2018, p. 5975-5981Conference paper (Refereed)
    Abstract [en]

    A Stackelberg game framework is presented to choose the detector tuning for a general detector class under stealthy sensor attacks. In this framework, the defender acts as a leader and chooses a detector tuning, while the attacker will follow with a stealthy attack adjusted to this tuning. The tuning chosen is optimal with respect to the cost induced by the false alarms and the attack impact. We can show that under some practical assumptions the Stackelberg game always has a solution and we state two different sufficient conditions for the uniqueness of the solution. Interestingly, these conditions show that the attack impact does not have to be a convex function. An illustrative attack scenario of a false-data injection attack shows how one can use the Stackelberg game to find the optimal detector tuning.

  • 12.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Experimental evaluation of sensor attacks and defense mechanisms in feedback systems2022In: Control Engineering Practice, ISSN 0967-0661, E-ISSN 1873-6939, Vol. 124, article id 105178Article in journal (Refereed)
    Abstract [en]

    We evaluate theoretical results, developed under linearity assumptions, on the feasibility of, the worst-case impact of, and defense mechanisms against a stealthy sensor attack in an experimental setup. The goal is to determine if this sensor attack poses a threat to real systems as well. We demonstrate that for a controller with stable dynamics the stealthy sensor attack is possible to conduct and the theoretical worst-case impact is close to the achieved practical one. However, although the attack should theoretically be possible when the controller has integral action, we show that the integral action slows the attacker down and the attacker is not able to remain stealthy if it has not perfect knowledge of the controller state. In addition to that, we investigate the effect of different anomaly detectors on the attack impact and our experiments indicate that the impact under detectors with internal dynamics is smaller for the considered attack objective. Finally, we demonstrate how noise injection into the controller dynamics can unveil the otherwise stealthy attacks.

  • 13.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    On the confidentiality of controller states under sensor attacks2021In: Automatica, ISSN 0005-1098, E-ISSN 1873-2836, Vol. 123, article id 109329Article in journal (Refereed)
    Abstract [en]

    With the emergence of cyber-attacks on control systems it has become clear that improving the security of control systems is an important task in today's society. We investigate how an attacker that has access to the measurements transmitted from the plant to the controller can perfectly estimate the internal state of the controller. This attack on sensitive information of the control loop is, on the one hand, a violation of the privacy, and, on the other hand, a violation of the security of the closed-loop system if the obtained estimate is used in a larger attack scheme. Current literature on sensor attacks often assumes that the attacker has already access to the controller's state. However, this is not always possible. We derive conditions for when the attacker is able to perfectly estimate the controller's state. These conditions show that if the controller has unstable poles a perfect estimate of the controller state is not possible. Moreover, we propose a defence mechanism to render the attack infeasible. This defence is based on adding uncertainty to the controller dynamics. We also discuss why an unstable controller is only a good defence for certain plants. Finally, simulations with a three-tank system verify our results.

  • 14.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    On the confidentiality of the reference signal under sensor attacks2021In: 2021 60Th Ieee Conference On Decision And Control (Cdc), Institute of Electrical and Electronics Engineers (IEEE) , 2021, p. 3468-3473Conference paper (Refereed)
    Abstract [en]

    In this paper, we investigate the confidentiality of the reference signal of a feedback system under sensor attacks. In particular, we analyze the conditions for when an attacker with perfect model knowledge and access to the sensor measurements can obtain an unbiased estimate of the reference signal in a feedback control system such that the estimate's error covariance converges to zero. We call such an estimate a perfect estimate. Under the assumption of linear dynamics for the plant, the controller, and the reference signal, we show that the attacker can perfectly estimate the reference signal if and only if the reference dynamics do not have eigenvalues outside the unit circle. This implies that an attacker is able to perfectly estimate common reference signals such as step functions and sinusoidal signals from noisy measurements. The convergence rate of the estimate is, however, not exponentially fast for common reference signals and depends on the reference signal to be estimated as well as the controller used. We verify our results numerically with a simulation of a three-tank system.

  • 15.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering (EES), Automatic Control.
    Sandberg, Henrik
    KTH, School of Electrical Engineering (EES), Automatic Control.
    Cardenas, A. A.
    Security analysis of control system anomaly detectors2017In: American Control Conference (ACC), 2017, Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 5500-5506, article id 7963810Conference paper (Refereed)
    Abstract [en]

    Two anomaly detectors for control systems are analyzed with respect to their sensitivity to malicious data injection attacks. A stateless anomaly detector based on the current residual signal is compared to a cumulative sum detector. The worst-case impact of a stealthy time-limited data injection attack is characterized for both detectors by a non-convex optimization problem and compared to determine which detector limits the impact the most. We prove that the problem can be solved by means of a set of convex optimization problems. Simulations verify that finding the right configuration for the cumulative sum is crucial to limit the worst-case attack impact more than with a stateless anomaly detector.

  • 16.
    Umsonst, David
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Saritas, Serkan
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).
    A Nash equilibrium-based moving target defense against stealthy sensor attacks2020In: Proceedings of the IEEE Conference on Decision and Control, Institute of Electrical and Electronics Engineers (IEEE) , 2020, p. 3772-3778Conference paper (Refereed)
    Abstract [en]

    This paper investigates a moving target defense strategy based on detector threshold switching against stealthy sensor attacks. We model the interactions between the attacker and the defender as a game. While the attacker wants to remain stealthy and maximize its impact, the defender wants to minimize both the cost for investigating false alarms and the attack impact. We define the moving target defense as a mixed strategy Nash equilibrium and are able to formulate an equivalent finite matrix game of the original game. We provide a necessary and sufficient condition for the existence of a moving target defense strategy. A globally optimal moving target defense strategy is obtained via a linear optimization problem by exploiting the structure of the matrix game. Simulations with a four tank system verify that by applying an optimal moving target defense strategy, the defender reduces its cost compared to the optimally chosen fixed detector threshold. 

1 - 16 of 16
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf