Detection and Identification of Sensor Attacks Using Data
Takumi Shinohara, Karl H. Johansson, Henrik Sandberg
TL;DR
The paper tackles detecting and identifying sensor attacks from data alone in a model-free setting, where outputs may be malicious and system matrices are unknown. It develops two data-driven frameworks: (1) under known $l$-sparse observability, it leverages rank tests on Hankel-type data matrices to detect and pinpoint attacked sensors; (2) with partially clean output data, it exploits a clean interval and minimum excitability horizon to achieve detection/identification via rank and SVD-based residuals. Theoretical results provide sufficient rank conditions and constructive algorithms, validated by simulations on a three-inertia system showing success where ROBPCA fails. The work advances data-driven secure state estimation by enabling detection and removal of compromised data to enable subsequent control tasks.
Abstract
In this paper, we investigate data-driven attack detection and identification in a model-free setting. Unlike existing studies, we consider the case where the available output data include malicious false-data injections. We aim to detect and identify such attacks solely from the compromised data. We address this problem in two scenarios: (1) when the system operator is aware of the system's sparse observability condition, and (2) when the data are partially clean (i.e., attack-free). In both scenarios, we derive conditions and algorithms for detecting and identifying attacks using only the compromised data. Finally, we demonstrate the effectiveness of the proposed framework via numerical simulations on a three-inertia system.