Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

On the detection of the presence of malicious components in cyber-physical systems in the almost sure sense

Souvik Das, Priyanka Dey, Debasish Chatterjee

TL;DR

This work addresses the fundamental problem of almost-surely detecting malicious actuators in cyber-physical systems by introducing the separability of state trajectories between the nominal (no-attack) and attack-influenced dynamics. It formulates CPS security within Markov decision processes and develops an abstract, measure-theoretic foundation linking separator existence to mutual singularity of trajectory measures via Radon–Nikodym derivatives. For stochastic linear systems with Gaussian private excitation, it derives sufficient conditions under two policy classes (randomized history-dependent and randomized Markovian) that determine when a separator exists or not, providing both positive and negative results. The results illuminate how private excitation and network structure influence detectability, and they set the stage for future work on implementable, finite-time detection algorithms with strong theoretical guarantees. This baseline framework advances understanding of the fundamental limits of securing CPS against arbitrarily clever actuator attacks and informs design choices for watermarking-like defenses.

Abstract

This article studies a fundamental problem of security of cyber-physical systems (CPSs): that of detecting, almost surely, the presence of malicious components in the CPS. We assume that some of the actuators may be malicious while all sensors are honest. We introduce a novel idea of separability of state trajectories generated by CPSs in two situations: those under the nominal no-attack situation and those under the influence of an attacker. We establish its connection to security of CPSs in the context of detecting the presence of malicious actuators (if any) in them. As primary contributions we establish necessary and sufficient conditions for the aforementioned detection in CPSs modeled as Markov decision processes (MDPs). Moreover, we focus on the mechanism of perturbing the pre-determined control policies of the honest agents in CPSs modeled as stochastic linear systems, by injecting a certain class of random process called private excitation; sufficient conditions for detectability and non-detectability of the presence of malicious actuators assuming that the policies are randomized history dependent and randomized Markovian, are established. Several technical aspects of our results are discussed extensively.

On the detection of the presence of malicious components in cyber-physical systems in the almost sure sense

TL;DR

This work addresses the fundamental problem of almost-surely detecting malicious actuators in cyber-physical systems by introducing the separability of state trajectories between the nominal (no-attack) and attack-influenced dynamics. It formulates CPS security within Markov decision processes and develops an abstract, measure-theoretic foundation linking separator existence to mutual singularity of trajectory measures via Radon–Nikodym derivatives. For stochastic linear systems with Gaussian private excitation, it derives sufficient conditions under two policy classes (randomized history-dependent and randomized Markovian) that determine when a separator exists or not, providing both positive and negative results. The results illuminate how private excitation and network structure influence detectability, and they set the stage for future work on implementable, finite-time detection algorithms with strong theoretical guarantees. This baseline framework advances understanding of the fundamental limits of securing CPS against arbitrarily clever actuator attacks and informs design choices for watermarking-like defenses.

Abstract

This article studies a fundamental problem of security of cyber-physical systems (CPSs): that of detecting, almost surely, the presence of malicious components in the CPS. We assume that some of the actuators may be malicious while all sensors are honest. We introduce a novel idea of separability of state trajectories generated by CPSs in two situations: those under the nominal no-attack situation and those under the influence of an attacker. We establish its connection to security of CPSs in the context of detecting the presence of malicious actuators (if any) in them. As primary contributions we establish necessary and sufficient conditions for the aforementioned detection in CPSs modeled as Markov decision processes (MDPs). Moreover, we focus on the mechanism of perturbing the pre-determined control policies of the honest agents in CPSs modeled as stochastic linear systems, by injecting a certain class of random process called private excitation; sufficient conditions for detectability and non-detectability of the presence of malicious actuators assuming that the policies are randomized history dependent and randomized Markovian, are established. Several technical aspects of our results are discussed extensively.
Paper Structure (18 sections, 62 equations, 1 figure, 1 table)

This paper contains 18 sections, 62 equations, 1 figure, 1 table.

Table of Contents

  1. Introduction
  2. Separability of state trajectories in a general context
  3. The setting of Markov decision processes (MDPs)
  4. The concept of separability
  5. Chief observation
  6. Sufficient conditions for the (non)existence of a separator
  7. System description
  8. Attack description
  9. Sufficient conditions for (non)separability under $\Pi_{\mathsf{RH}}$
  10. Sufficient conditions for (non)separability under $\Pi_{\mathsf{RM}}$
  11. Examples
  12. Discussion
  13. Conclusions and future work
  14. Existence of the measure $\mathsf{P}^{\pi}_{\nu}$ and $\mathsf{P}^{\breve{\pi}}_{\nu}$
  15. Proofs
  16. ...and 3 more sections

Figures (1)

  • Figure 1: Diagram of the attack prone components corresponding to agent $i$.

Theorems & Definitions (2)

  • Example 1: Effect of the network structure
  • Example 2: Choice of the private excitation