Data-Driven Attack Detection for Linear Systems
It addresses attack detection for linear systems in a model-free setting, which is incremental by extending security analysis to data-driven approaches without system identification.
This paper tackles the problem of detecting attacks in linear systems without prior knowledge of system dynamics, attack strategies, or locations, deriving fundamental security limitations based solely on observed data. It shows that data-driven and model-based techniques share the same limitations when data is sufficiently informative, and provides a data-driven detection monitor.
This paper studies the attack detection problem in a data-driven and model-free setting, for deterministic systems with linear and time-invariant dynamics. Differently from existing studies that leverage knowledge of the system dynamics to derive security bounds and monitoring schemes, we focus on the case where the system dynamics, as well as the attack strategy and attack location, are unknown. We derive fundamental security limitations as a function of only the observed data and without estimating the system dynamics (in fact, no assumption is made on the identifiability of the system). In particular, (i) we derive detection limitations as a function of the informativity and length of the observed data, (ii) provide a data-driven characterization of undetectable attacks, and (iii) construct a data-driven detection monitor. Surprisingly, and in accordance with recent studies on data-driven control, our results show that model-based and data-driven security techniques share the same fundamental limitations, provided that the collected data remains sufficiently informative.