Sequential Detection of Deception Attacks in Networked Control Systems with Watermarking

• Published in: 2019 18th European Control Conference (ECC) pp. 883 - 890
• Main Authors: Salimi, Somayeh, Dey, Subhrakanti, Ahlen, Anders
• Format: Conference Proceeding
• Language: English
• Published: EUCA 01.06.2019
• DOI: 10.23919/ECC.2019.8796303

In this paper, we investigate the role of a physical watermarking signal in quickest detection of a deception attack in a scalar linear control system where the sensor measurements can be replaced by an arbitrary stationary signal generated by an attacker. By adding a random watermarking signal to the control action, the controller designs a sequential test based on a Cumulative Sum (CUSUM) method that accumulates the log-likelihood ratio of the joint distribution of the residue and the watermarking signal (under attack) and the joint distribution of the innovations and the watermarking signal under no attack. As the average detection delay in such tests is asymptotically (as the false alarm rate goes to zero) upper bounded by a quantity inversely proportional to the Kullback-Leibler divergence(KLD) measure between the two joint distributions mentioned above, we analyze the effect of the watermarking signal variance on the above KLD. We also analyze the increase in the LQG control cost due to the watermarking signal, and show that there is a tradeoff between quick detection of attacks and the penalty in the control cost. It is shown that by considering a sequential detection test based on the joint distributions of residue/innovations and the watermarking signal, as opposed to the distributions of the residue/innovations only, we can achieve a higher KLD, thus resulting in a reduced average detection delay. We also present some new structural results involving the associated KLD and its behaviour with respect to the attacker's signal power and the watermarking signal power. These somewhat non-intuitive structural results can be used by either the attacker to choose their power to minimize the KLD, and/or by the system designer to choose its watermarking signal variance appropriately to increase the KLD. Numerical results are provided to support our claims.