Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Path Integral Methods for Synthesizing and Preventing Stealthy Attacks in Nonlinear Cyber-Physical Systems

Apurva Patil, Kyle Morgenstein, Luis Sentis, Takashi Tanaka

TL;DR

The paper addresses stealthy attacks in nonlinear cyber-physical systems by quantifying stealth via the KL divergence $D(P\|Q)$ and formulating two problems: (i) synthesis of worst-case stealthy attacks with a fixed controller and (ii) a minimax KL control framework to counteract such attacks. It develops a path-integral control framework enabling simulator-based, real-time computation of attack policies and saddle-point defenses without explicit system models, leveraging Monte Carlo sampling and the Cole–Hopf transformation to linearize value functions. The work reveals equivalences between the minimax KL control problem, risk-sensitive control, and two-player zero-sum stochastic differential games under structural assumptions, and provides algorithms for both attack synthesis and mitigation. Numerical experiments on unicycle navigation and cruise control demonstrate that an attacker can covertly degrade performance while remaining undetected, while a risk-aware controller can adapt policies to prevent crashes; the approach is scalable to nonlinear CPS and compatible with digital-twin paradigms. These results offer a practical, simulator-driven framework for designing robust defenses against stealthy CPS attacks with potential impact on security-critical applications.

Abstract

This paper studies the synthesis and mitigation of stealthy attacks in nonlinear cyber-physical systems (CPS). To quantify stealthiness, we employ the Kullback-Leibler (KL) divergence, a measure rooted in hypothesis testing and detection theory, which captures the trade-off between an attacker's desire to remain stealthy and her goal of degrading system performance. First, we synthesize the worst-case stealthy attack in nonlinear CPS using the path integral approach. Second, we consider how a controller can mitigate the impact of such stealthy attacks by formulating a minimax KL control problem, yielding a zero-sum game between the attacker and the controller. Again, we leverage a path integral-based solution that computes saddle-point policies for both players through Monte Carlo simulations. We validate our approach using unicycle navigation and cruise control problems, demonstrating how an attacker can covertly drive the system into unsafe regions, and how the controller can adapt her policy to combat the worst-case attacks.

Path Integral Methods for Synthesizing and Preventing Stealthy Attacks in Nonlinear Cyber-Physical Systems

TL;DR

The paper addresses stealthy attacks in nonlinear cyber-physical systems by quantifying stealth via the KL divergence and formulating two problems: (i) synthesis of worst-case stealthy attacks with a fixed controller and (ii) a minimax KL control framework to counteract such attacks. It develops a path-integral control framework enabling simulator-based, real-time computation of attack policies and saddle-point defenses without explicit system models, leveraging Monte Carlo sampling and the Cole–Hopf transformation to linearize value functions. The work reveals equivalences between the minimax KL control problem, risk-sensitive control, and two-player zero-sum stochastic differential games under structural assumptions, and provides algorithms for both attack synthesis and mitigation. Numerical experiments on unicycle navigation and cruise control demonstrate that an attacker can covertly degrade performance while remaining undetected, while a risk-aware controller can adapt policies to prevent crashes; the approach is scalable to nonlinear CPS and compatible with digital-twin paradigms. These results offer a practical, simulator-driven framework for designing robust defenses against stealthy CPS attacks with potential impact on security-critical applications.

Abstract

This paper studies the synthesis and mitigation of stealthy attacks in nonlinear cyber-physical systems (CPS). To quantify stealthiness, we employ the Kullback-Leibler (KL) divergence, a measure rooted in hypothesis testing and detection theory, which captures the trade-off between an attacker's desire to remain stealthy and her goal of degrading system performance. First, we synthesize the worst-case stealthy attack in nonlinear CPS using the path integral approach. Second, we consider how a controller can mitigate the impact of such stealthy attacks by formulating a minimax KL control problem, yielding a zero-sum game between the attacker and the controller. Again, we leverage a path integral-based solution that computes saddle-point policies for both players through Monte Carlo simulations. We validate our approach using unicycle navigation and cruise control problems, demonstrating how an attacker can covertly drive the system into unsafe regions, and how the controller can adapt her policy to combat the worst-case attacks.

Paper Structure

This paper contains 23 sections, 73 equations, 7 figures.

Table of Contents

  1. Introduction
  2. Preliminaries
  3. Notation
  4. System Setup
  5. Controller
  6. Attacker
  7. KL Divergence as a Stealthiness Measure
  8. Problem Formulation
  9. Stealthy Attack Synthesis
  10. Attack Risk Mitigation
  11. Stealthy Attack Synthesis via Path Integral Approach
  12. Attack Risk Mitigation
  13. Connections with Risk-Sensitive Control and Two-Player Zero-Sum Stochastic Differential Game
  14. Risk-Sensitive Control via Path Integral Approach
  15. Two-Player Zero-Sum Stochastic Differential Game via Path Integral Approach
  16. ...and 8 more sections

Figures (7)

  • Figure 1: Attacker vs controller/detector.
  • Figure 2: Error bounds and achievable region (shown in yellow).
  • Figure 3: Connections between minimax KL control, risk-sensitive control, and two-player stochastic differential game
  • Figure 4: A unicycle navigation problem. $100$ sample paths generated without the attacker and with the attacker for two values of $\lambda$ are shown. The probability of crashed paths $P^{\text{crash}}$ are noted below each case.
  • Figure 5: Cruise control problem. A magenta dot on the left shows the start position, and the finish line is shown on the right (centered Y-intersection of the flag). $100$ sample paths generated without the attacker and with the attacker for two values of $\lambda$ are shown. The probability of crashed paths $P^{\text{crash}}$ are noted below each case.
  • ...and 2 more figures

Theorems & Definitions (4)

  • proof
  • proof
  • proof
  • proof