学术文献库

Recent high-profile incidents have exposed security risks in control systems. Particularly important and safety-critical modules for security analysis are estimation and control (E&C). Prior works have analyzed the security of E&C for linear, time-invariant systems; however, there are few analyses of nonlinear systems despite their broad use. In an effort to facilitate identifying vulnerabilities in control systems, in this work we establish a class of optimal attacks on nonlinear E&C. Specifically, we define two attack objectives and illustrate that realizing the optimal attacks against the widely-adopted extended Kalman filter with industry-standard $χ^2$ anomaly detection is equivalent to solving convex quadratically-constrained quadratic programs. Given an appropriate information model for the attacker (i.e.,~a specified amount of attacker knowledge), we provide practical relaxations on the optimal attacks to allow for their computation at runtime. We also show that the difference between the optimal and relaxed attacks is bounded. Finally, we illustrate the use of the introduced attack designs on a case-study.