Estimating the Impact of Cyber-Attack Strategies for Stochastic Control Systems
For control system security practitioners, this provides a computationally efficient method for risk assessment of cyber-attacks.
The paper proposes a framework for estimating the impact of various cyber-attacks on stochastic linear control systems, using two metrics: probability of critical states leaving a safety region and expected infinity norm of critical states. The first metric is reduced to convex optimization for exact solution, and a lower bound is derived for the second.
Risk assessment is an inevitable step in implementation of a cyber-defense strategy. An important part of this assessment is to reason about the impact of possible attacks. In this paper, we propose a framework for estimating the impact of cyber-attacks in stochastic linear control systems. The framework can be used to estimate the impact of denial of service, rerouting, sign alternation, replay, false data injection, and bias injection attacks. For the stealthiness constraint, we adopt the Kullback-Leibler divergence between residual sequences during the attack. Two impact metrics are considered: (1) The probability that some of the critical states leave a safety region; and (2) The expected value of the infinity norm of the critical states. For the first metric, we prove that the impact estimation problem can be reduced to a set of convex optimization problems. Thus, the exact solution can be found efficiently. For the second metric, we derive an efficient to calculate lower bound. Finally, we demonstrate how the framework can be used for risk assessment on an example.