Maximization of Damage from a Non-Detected Cyber-Attack to a Control System with an Invariant-Set-Based Protection

The paper elaborates a cyber-attack on a control system that is realized as a distortion of its feedback signal. The control system has an implemented detection of this type of cyber-attack by means of a minimum robust positively invariant set computed for the closed-loop control system for the case of bounded measurement noise. The work explores how to maximize the damage to the control system from the side of a well-informed attacker that tries to remain non-discovered by the implemented detection system. The information obtained through this analysis is crucial to assess the effectiveness of the analyzed detection system in suppressing potential damages of the considered cyber-attack type. It gives an insight into how large the damage can be in the worst case with the implemented protection scheme. A demonstration is performed on a simple double-integrator process and an important conclusion is that even the fully-informed attacker cannot perform significant damage while remaining below the radar of the invariant-set-based cyber-threat detection.

Automated summary

The paper discusses a cyber-attack on a control system realized through distorting its feedback signal, and introduces a method for detecting this type of attack. The study investigates the extent of damage to the control system caused by a well-informed attacker trying to remain undetected. A demonstration on a simple double-integrator process shows that the invariant-set-based cyber-threat detection system can prevent significant damage even from a fully-informed attacker.