Privacy and Security in Network Controlled Systems via Dynamic Masking

TL;DR

It is shown that it is possible to introduce significant bias in the system estimates of the adversary to provide privacy of the system parameters, and efficiently detect attacks when the adversary performs a ZDA using the identified system: thus providing security.

Abstract

In this paper, we propose a new architecture to enhance the privacy and security of networked control systems against malicious adversaries. We consider an adversary which first learns the system dynamics (privacy) using system identification techniques, and then performs a data injection attack (security). In particular, we consider an adversary conducting zero-dynamics attacks (ZDA) which maximizes the performance cost of the system whilst staying undetected. However, using the proposed architecture, we show that it is possible to (i) introduce significant bias in the system estimates of the adversary: thus providing privacy of the system parameters, and (ii) efficiently detect attacks when the adversary performs a ZDA using the identified system: thus providing security. Through numerical simulations, we illustrate the efficacy of the proposed architecture.

Figures (6)

• Figure 1: Proposed dynamic masking architecture. Here $z$ represents the $Z-$transform operator. $D1$ and $D2$ represent the two possible locations of the detector. The arbitrary system $S(z)$ in the dotted box is the plant seen by the adversary.
• Figure 2: Architecture believed by the adversary.
• Figure 3: Comparison of the collected data $w_k$ with the response of $\hat{S}$ to $u_k$.
• Figure 4: Singular values of $G,S$ and $\hat{S}$ along the unit circle.
• Figure 5: Performance of ZDA on $S(z)$