报告题目：On the Performance Analysis of Reset Attack and Time Synchronization Attack in Cyber-Physical Systems
Bio: Yuqing Ni was born in Jiangsu, China, in 1994. She received the B.Eng. degree (Hons.) from the College of Control Science and Engineering, Zhejiang University, Hangzhou, China, in 2016. She is currently pursuing the Ph.D. degree in Electronic and Computer Engineering at the Hong Kong University of Science and Technology. Her research interests include cyber-physical system security and privacy, state estimation and hypothesis testing.
Abstract: Cyber-physical systems (CPSs) integrate physical processes, communication networks, computational elements and control systems, which has many applications including power grids, water and gas supply systems, and habitat and environment monitoring. The vulnerability of the cyber-components, however, exposes physical processes to many cyber threats and malicious attacks. Some recent works on security issues in remote state estimation in the context of cyber-physical systems will be presented.
First, from the attacker’s perspective, we investigate the impact of reset attacks. For the basic reset attack which only injects a constant to the state estimate without knowing the system parameters, we provide a sufficient and necessary condition under which the adversary cannot destabilize the systems. For advanced reset attacks, depending on the goals of the adversary, we further categorize advanced reset attacks into Type-I advanced reset attack, where the adversary aims to drive the system estimation error to infinity, and Type-II advanced reset attack, where the adversary aims to drive the system state to some other target states. A sufficient and necessary condition is presented for the existence of Type-I advanced reset attack. A closed-form optimal Type-II advanced reset attack is obtained by dynamic programming.
Second, from the system’s perspective, a countermeasure to time synchronization attacks against multi-system scheduling in a remote state estimation scenario is proposed by constructing shift invariant transmission policies, where a number of sensors monitor different linear dynamical processes and schedule their transmissions through a shared collision channel. Since we can show that by randomly injecting relative time offsets on the sensors, the malicious attacker is able to make the expected estimation error covariance of the overall system diverge without any system knowledge, this countermeasure is significant to the resilience of the estimation. The lower and upper bounds for system estimation performance is characterized when shift invariant transmission policies are adopted.