Peak Bounds for the Estimation Error under Sensor Attacks

Axel Stafström, Daniel Arnström, Adam Miksits, David Umsonst

TL;DR

The paper addresses estimation-error bounding for linear plants under norm-bounded disturbances and sensor attacks, employing induced peak-to-peak norms to compare the nominal and attacked bounds. It introduces attack-robustness as the property that the attacked-error bound does not exceed the nominal bound, and provides a sufficient condition for it that is independent of the attack strategy. To mitigate potential degradation, it proposes an observer-design framework based on $H_\infty$ optimization that jointly bounds the nominal and attacked errors, yielding a Pareto frontier controlled by a scalarization parameter and suitable for offline design. The interplay with the detector threshold is analyzed, showing how allowing some false alarms can improve safety guarantees under attack. Numerical experiments with robust-CBF safety filters and a range of random systems validate the approach, demonstrating improved resistance to sensor attacks and giving actionable guidance on threshold selection.

Abstract

This paper investigates bounds on the estimation error of a linear system affected by norm-bounded disturbances and full sensor attacks. The system is equipped with a detector that evaluates the norm of the innovation signal to detect faults, and the attacker wants to avoid detection. We utilize induced $L_\infty$ system norms, also called peak-to-peak norms, to compare the estimation error bounds under nominal operation and under attack. This leads to a sufficient condition for when the bound on the estimation error is smaller during an attack than during nominal operation. This condition is independent of the attack strategy and depends only on the attacker's desire to remain undetected and (indirectly) on the observer gain. Therefore, we investigate both an observer design method that seeks to reduce the error bound under attack while keeping the nominal error bound low, and detector threshold tuning. As a numerical illustration, we show how a sensor attack can deactivate a robust safety filter based on control barrier functions if the attacked error bound is larger than the nominal one. We also statistically evaluate our observer design method and the effect of the detector threshold.
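As an added illustration (not code from the paper, which works with general induced $L_\infty$ norms), the following computes peak-to-peak estimation-error bounds for an assumed discrete-time Luenberger observer, nominally and under a full sensor attack that must keep the innovation below the detector threshold, and checks the attack-robustness condition that the attacked bound does not exceed the nominal one. The model, matrices and amplitudes are constructed for the example.

```python
# Added example, not the paper's code. Assumed (mine) discrete-time setup:
#   observer  xhat+ = A xhat + L r,  innovation r = y - C xhat,
#   detector alarms when |r|_inf > tau.
# Nominal:  e+ = (A - LC) e + w - L v,  |w|_inf <= wbar, |v|_inf <= vbar.
# Full sensor attack: the attacker chooses y, hence r, constrained only by
# staying undetected (|r|_inf <= tau):  e+ = A e + w - L r  (needs A stable).
# A peak bound follows from the l1 norm of each impulse response (triangle inequality).

def matmul(X, Y):
    return [[sum(X[i][k] * Y[k][j] for k in range(len(Y))) for j in range(len(Y[0]))]
            for i in range(len(X))]

def matsub(X, Y):
    return [[X[i][j] - Y[i][j] for j in range(len(X[0]))] for i in range(len(X))]

def identity(n):
    return [[float(i == j) for j in range(n)] for i in range(n)]

def inf_norm(X):
    """Induced infinity-norm of a matrix: maximum absolute row sum."""
    return max(sum(abs(v) for v in row) for row in X)

def peak_bound(Acl, inputs, tol=1e-12, max_k=10000):
    """sup_t |e(t)|_inf <= sum_k sum_i ||Acl^k B_i||_inf * amp_i.
    inputs: list of (B_i, amp_i) with |input_i(t)|_inf <= amp_i for all t."""
    power, total = identity(len(Acl)), 0.0          # power = Acl^k, starting at k = 0
    for _ in range(max_k):
        term = sum(inf_norm(matmul(power, B)) * amp for B, amp in inputs)
        total += term
        if term < tol:                               # series has converged
            return total
        power = matmul(power, Acl)
    raise ValueError("series did not converge: is Acl Schur stable?")

def nominal_bound(A, C, L, wbar, vbar):
    F = matsub(A, matmul(L, C))                      # error dynamics A - LC
    return peak_bound(F, [(identity(len(A)), wbar), (L, vbar)])

def attacked_bound(A, L, wbar, tau):
    return peak_bound(A, [(identity(len(A)), wbar), (L, tau)])

def is_attack_robust(A, C, L, wbar, vbar, tau):
    """Attack-robustness as described in the abstract: attacked bound <= nominal bound."""
    return attacked_bound(A, L, wbar, tau) <= nominal_bound(A, C, L, wbar, vbar)

if __name__ == "__main__":
    A, C, L = [[0.5, 0.1], [0.0, 0.6]], [[1.0, 0.0]], [[0.3], [0.2]]  # constructed
    for tau in (0.02, 0.2):                          # tighter vs. looser detector threshold
        print(tau, nominal_bound(A, C, L, 0.1, 0.05), attacked_bound(A, L, 0.1, tau),
              is_attack_robust(A, C, L, 0.1, 0.05, tau))
```

Lowering the threshold tau shrinks the attacked bound at the price of more nominal false alarms, which is the trade-off the abstract refers to.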

Paper Structure (10 sections, 4 theorems, 26 equations, 3 figures, 1 table)

Key Result

Lemma 1

Let $f$, $g$, and $h$ be impulse responses of appropriate dimensions, $\left\lVert f\right\rVert_{1,q}<\infty$, $\left\lVert g\right\rVert_{1,q}<\infty$, ${\left\lVert h\right\rVert_{1,q}<\infty}$, and $x(t)$ be a signal of appropriate dimension with ${\left\lvert x(t)\right\rvert_q<\infty}$, where

Figures (3)

  • Figure 1: Trajectories for the system under nominal conditions and under attack. The red line shows the boundary of the safe set and the dotted lines show the boundaries of the sets where the robust CBFs assume the true state to be.
  • Figure 2: Error bounds for Kalman filters and observers designed according to the paper's optimisation problem (equation label eq:FloatingDiffOptimisation) for 100 randomly generated systems.
  • Figure 3: Empirical median false alarm rate based on 1000 randomly generated systems equipped with a Kalman observer or our observer with $\beta=100$. The shaded area indicates the $90\%$ confidence interval of the empirical false alarm rates.

Theorems & Definitions (12)

  • Definition 1: $L_\infty$ norm
  • Definition 2
  • Lemma 1
  • Definition 3
  • Proposition 1
  • Proof
  • Remark 1
  • Theorem 1
  • Proof
  • Corollary 1
  • ...and 2 more