Anh Tung Nguyen

Sribalaji C. Anand, Anh Tung Nguyen, George J. Pappas

This paper addresses the problem of attack detection in cyber-physical systems without any knowledge of the plant model or its structure. A remotely located plant transmits sensor measurements to an operator over a network that is assumed to be under attack. We consider two classes of attacks: model-free replay attacks and model-based stealthy attacks. For the latter, we derive closed-form expressions for the optimal stealthy attack policy against a $χ^2$ detector, for both linear and nonlinear systems. We then propose a model-structure-free detector based on TimesFM, a time-series foundation model developed by Google Research, which serves as a surrogate residual generator operating in a zero-shot fashion. We show empirically that the TimesFM-based detector achieves a comparable or superior attack detection performance. The efficacy of the proposed approach is demonstrated numerically on the IEEE 14-bus power system. We also demonstrate that TimesFM predictions can serve as a substitute for corrupted measurements, a practical mitigation technique when classical redundancy assumptions fail.

Zishuo Li, Anh Tung Nguyen, André M. H. Teixeira et al.

This paper addresses the secure state estimation problem for continuous linear time-invariant systems with non-periodic and asynchronous sampled measurements, where the sensors need to transmit not only measurements but also sampling time-stamps to the fusion center. This measurement and communication setup is well-suited for operating large-scale control systems and, at the same time, introduces new vulnerabilities that can be exploited by adversaries through (i) manipulation of measurements, (ii) manipulation of time-stamps, (iii) elimination of measurements, (iv) generation of completely new false measurements, or a combination of these attacks. To mitigate these attacks, we propose a decentralized estimation algorithm in which each sensor maintains its local state estimate asynchronously based on its measurements. The local states are synchronized through time prediction and fused after time-stamp alignment. In the absence of attacks, state estimates are proven to recover the optimal Kalman estimates by solving a weighted least square problem. In the presence of attacks, solving this weighted least square problem with the aid of $\ell_1$ regularization provides secure state estimates with uniformly bounded error under an observability redundancy assumption. The effectiveness of the proposed algorithm is demonstrated using a benchmark example of the IEEE 14-bus system.

Anh Tung Nguyen, Andreas Hertzberg, André MH Teixeira

This paper addresses the security allocation problem within networked control systems, which consist of multiple interconnected control systems under the influence of two opposing agents: a defender and a malicious adversary. The adversary aims to maximize the worst-case attack impact on system performance while remaining undetected by launching stealthy data injection attacks on one or several interconnected control systems. Conversely, the defender's objective is to allocate security resources to detect and mitigate these worst-case attacks. A novel centrality-based approach is proposed to guide the allocation of security resources to the most connected or influential subsystems within the network. The methodology involves comparing the worst-case attack impact for both the optimal and centrality-based security allocation solutions. The results demonstrate that the centrality measure approach enables significantly faster allocation of security resources with acceptable levels of performance loss compared to the optimal solution, making it suitable for large-scale networks. The proposed method is validated through numerical examples using Erdos-Renyi graphs.