A journal of IEEE and CAA , publishes high-quality papers in English on original theoretical/experimental research and development in all areas of automation
Volume 11 Issue 4
Apr.  2024

IEEE/CAA Journal of Automatica Sinica

  • JCR Impact Factor: 11.8, Top 4% (SCI Q1)
    CiteScore: 17.6, Top 3% (Q1)
    Google Scholar h5-index: 77, TOP 5
Turn off MathJax
Article Contents
J. Zhou, J. Shang, and  T. Chen,  “Cybersecurity landscape on remote state estimation: A comprehensive review,” IEEE/CAA J. Autom. Sinica, vol. 11, no. 4, pp. 851–865, Apr. 2024. doi: 10.1109/JAS.2024.124257
Citation: J. Zhou, J. Shang, and  T. Chen,  “Cybersecurity landscape on remote state estimation: A comprehensive review,” IEEE/CAA J. Autom. Sinica, vol. 11, no. 4, pp. 851–865, Apr. 2024. doi: 10.1109/JAS.2024.124257

Cybersecurity Landscape on Remote State Estimation: A Comprehensive Review

doi: 10.1109/JAS.2024.124257
Funds:  This work was supported by the Natural Sciences and Engineering Research Council (NSERC) of Canada
More Information
  • Cyber-physical systems (CPSs) have emerged as an essential area of research in the last decade, providing a new paradigm for the integration of computational and physical units in modern control systems. Remote state estimation (RSE) is an indispensable functional module of CPSs. Recently, it has been demonstrated that malicious agents can manipulate data packets transmitted through unreliable channels of RSE, leading to severe estimation performance degradation. This paper aims to present an overview of recent advances in cyber-attacks and defensive countermeasures, with a specific focus on integrity attacks against RSE. Firstly, two representative frameworks for the synthesis of optimal deception attacks with various performance metrics and stealthiness constraints are discussed, which provide a deeper insight into the vulnerabilities of RSE. Secondly, a detailed review of typical attack detection and resilient estimation algorithms is included, illustrating the latest defensive measures safeguarding RSE from adversaries. Thirdly, some prevalent attacks impairing the confidentiality and data availability of RSE are examined from both attackers’ and defenders’ perspectives. Finally, several challenges and open problems are presented to inspire further exploration and future research in this field.

     

  • loading
  • [1]
    Y. Liu, P. Ning, and M. K. Reiter, “False data injection attacks against state estimation in electric power grids,” ACM Trans. Inf. Syst. Secur., vol. 14, no. 1, p. 13, May 2011.
    [2]
    S. Amin, X. Litrico, S. Sastry, and A. M. Bayen, “Cyber security of water SCADA systems–Part I: Analysis and experimentation of stealthy deception attacks,” IEEE Trans. Control Syst. Technol., vol. 21, no. 5, pp. 1963–1970, Sept. 2013. doi: 10.1109/TCST.2012.2211873
    [3]
    M. Xie, D. Ding, X. Ge, Q.-L. Han, H. Dong, and Y. Song, “Distributed platooning control of automated vehicles subject to replay attacks based on proportional integral observers,” IEEE/CAA J. Autom. Sinica, 2022. DOI: 10.1109/JAS.2022.105941
    [4]
    N. Dey, A. S. Ashour, F. Shi, S. J. Fong, and J. M. R. S. Tavares, “Medical cyber-physical systems: A survey,” J. Med. Syst., vol. 42, no. 4, p. 74, Apr. 2018. doi: 10.1007/s10916-018-0921-x
    [5]
    R. Langner, “StuxNet: Dissecting a cyberwarfare weapon,” IEEE Secur. Priv., vol. 9, no. 3, pp. 49–51, May–Jun. 2011. doi: 10.1109/MSP.2011.67
    [6]
    G. Liang, S. R. Weller, J. Zhao, F. Luo, and Z. Y. Dong, “The 2015 Ukraine blackout: Implications for false data injection attacks,” IEEE Trans. Power Syst., vol. 32, no. 4, pp. 3317–3318, Jul. 2017. doi: 10.1109/TPWRS.2016.2631891
    [7]
    Z. Wang, B. Zhao, and R. S. Blum, “An overview of cybersecurity for natural gas networks: Attacks, attack assessment, and attack detection,” in Security in Cyber-Physical Systems: Foundations and Applications, A. I. Awad, S. Furnell, M. Paprzycki, and S. K. Sharma, Eds. Cham, Germany: Springer, 2021, pp. 255–285.
    [8]
    A. Teixeira, I. Shames, H. Sandberg, and K. H. Johansson, “A secure control framework for resource-limited adversaries,” Automatica, vol. 51, pp. 135–148, Jan. 2015. doi: 10.1016/j.automatica.2014.10.067
    [9]
    S. M. Dibaji, M. Pirani, D. B. Flamholz, A. M. Annaswamy, K. H. Johansson, and A. Chakrabortty, “A systems and control perspective of CPS security,” Annu. Rev. Control, vol. 47, pp. 394–411, Jan. 2019. doi: 10.1016/j.arcontrol.2019.04.011
    [10]
    Y. Suo, R. Chai, S. Chai, I. M. D. Farhan, Y. Xia, and G.-P. Liu, “Attack detection and secure state estimation of collectively observable cyber-physical systems under false data injection attacks,” IEEE Trans. Automat. Control, 2023. DOI: 10.1109/TAC.2023.3316160
    [11]
    Y. Li, S. Zhu, C. Chen, and X. Guan, “Optimal denial-of-service attack strategy on state estimation over infinite-time horizon,” IEEE Trans. Circuits Syst. II: Express Briefs, vol. 68, no. 8, pp. 2860–2864, Aug. 2021.
    [12]
    G. K. Befekadu, V. Gupta, and P. J. Antsaklis, “Risk-sensitive control under Markov modulated denial-of-service (DoS) attack strategies,” IEEE Trans. Automat. Control, vol. 60, no. 12, pp. 3299–3304, Dec. 2015. doi: 10.1109/TAC.2015.2416926
    [13]
    R. Zhang and P. Venkitasubramaniam, “Stealthy control signal attacks in linear quadratic Gaussian control systems: Detectability reward tradeoff,” IEEE Trans. Inf. Forensics Secur., vol. 12, no. 7, pp. 1555–1570, Jul. 2017. doi: 10.1109/TIFS.2017.2668220
    [14]
    C.-Z. Bai, V. Gupta, and F. Pasqualetti, “On Kalman filtering with compromised sensors: Attack stealthiness and performance bounds,” IEEE Trans. Automat. Control, vol. 62, no. 12, pp. 6641–6648, Dec. 2017. doi: 10.1109/TAC.2017.2714903
    [15]
    Y. Mo and B. Sinopoli, “False data injection attacks in control systems,” in Proc. 1st Workshop on Secure Control Systems, Stockholm, Sweden, 2010, pp. 1–6.
    [16]
    T. M. Hoang, H. Q. Ngo, T. Q. Duong, H. D. Tuan, and A. Marshall, “Cell-free massive MIMO networks: Optimal power control against active eavesdropping,” IEEE Trans. Commun., vol. 66, no. 10, pp. 4724–4737, Oct. 2018. doi: 10.1109/TCOMM.2018.2837132
    [17]
    H. Fang, L. Xu, Y. Zou, X. Wang, and K. K. R. Choo, “Three-stage Stackelberg game for defending against full-duplex active eavesdropping attacks in cooperative communication,” IEEE Trans. Veh. Technol., vol. 67, no. 11, pp. 10788–10799, Nov. 2018. doi: 10.1109/TVT.2018.2868900
    [18]
    Y. Z. Lun, A. D’Innocenzo, I. Malavolta, and M. D. Di Benedetto, “Cyber-physical systems security: A systematic mapping study,” arXiv preprint arXiv: 1605.09641, 2016.
    [19]
    T. Macaulay and B. L. Singer, Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS. Boca Raton, USA: CRC Press, 2012.
    [20]
    F. Pasqualetti, F. Dörfler, and F. Bullo, “Attack detection and identification in cyber-physical systems,” IEEE Trans. Automat. Control, vol. 58, no. 11, pp. 2715–2729, Nov. 2013. doi: 10.1109/TAC.2013.2266831
    [21]
    M. B. Salem, S. Hershkop, and S. J. Stolfo, “A survey of insider attack detection research,” in Insider Attack and Cyber Security: Beyond the Hacker, S. J. Stolfo, S. M. Bellovin, A. D. Keromytis, S. Hershkop, S. W. Smith, and S. Sinclair, Eds. New York, USA: Springer, 2008, pp. 69–90.
    [22]
    Z. Guo, D. Shi, K. H. Johansson, and L. Shi, “Optimal linear cyber-attack on remote state estimation,” IEEE Trans. Control Netw. Syst., vol. 4, no. 1, pp. 4–13, Mar. 2017. doi: 10.1109/TCNS.2016.2570003
    [23]
    J. Zhou, Y. Luo, Y. Liu, and W. Yang, “Eavesdropping strategies for remote state estimation under communication constraints,” IEEE Trans. Inf. Forensics Secur., vol. 18, pp. 2250–2261, Apr. 2023. doi: 10.1109/TIFS.2023.3265343
    [24]
    S. X. Ding, Model-Based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools. Berlin, Germany: Springer, 2008.
    [25]
    Y. Liu and G.-H. Yang, “Event-triggered distributed state estimation for cyber-physical systems under DoS attacks,” IEEE Trans. Cybern., vol. 52, no. 5, pp. 3620–3631, May 2022. doi: 10.1109/TCYB.2020.3015507
    [26]
    X. Zhao, L. Liu, M. V. Basin, and Z. Fei, “Event-triggered reverse attacks on remote state estimation,” IEEE Trans. Automat. Control, 2023. DOI: 10.1109/TAC.2023.3273811
    [27]
    P. Cheng, Z. Yang, J. Chen, Y. Qi, and L. Shi, “An event-based stealthy attack on remote state estimation,” IEEE Trans. Automat. Control, vol. 65, no. 10, pp. 4348–4355, Oct. 2020. doi: 10.1109/TAC.2019.2956021
    [28]
    H. Song, H. Yao, P. Shi, D. Zhang, and L. Yu, “Distributed secure state estimation of multi-sensor systems subject to two-channel hybrid attacks,” IEEE Trans. Signal Inf. Process. Netw., vol. 8, pp. 1049–1058, 2022.
    [29]
    W. Yang, Y. Zhang, G. Chen, C. Yang, and L. Shi, “Distributed filtering under false data injection attacks,” Automatica, vol. 102, pp. 34–44, Apr. 2019. doi: 10.1016/j.automatica.2018.12.027
    [30]
    M. Niu, G. Wen, Y. Lv, and G. Chen, “Innovation-based stealthy attack against distributed state estimation over sensor networks,” Automatica, vol. 152, p. 110962, Jun. 2023. doi: 10.1016/j.automatica.2023.110962
    [31]
    Y. Li, L. Shi, and T. Chen, “Detection against linear deception attacks on multi-sensor remote state estimation,” IEEE Trans. Control Netw. Syst., vol. 5, no. 3, pp. 846–856, Sept. 2018. doi: 10.1109/TCNS.2017.2648508
    [32]
    Y. Li, Y. Yang, Z. Zhao, J. Zhou, and D. E. Quevedo, “Deception attacks on remote estimation with disclosure and disruption resources,” IEEE Trans. Automat. Control, vol. 68, no. 7, pp. 4096–4112, Jul. 2023.
    [33]
    J. Liu, W. Suo, L. Zha, E. Tian, and X. Xie, “Security distributed state estimation for nonlinear networked systems against DoS attacks,” Int. J. Robust Nonlinear Control, vol. 30, no. 3, pp. 1156–1180, Feb. 2020. doi: 10.1002/rnc.4815
    [34]
    J. Liu, T. Yin, M. Shen, X. Xie, and J. Cao, “State estimation for cyber-physical systems with limited communication resources, sensor saturation and denial-of-service attacks,” ISA Trans., vol. 104, pp. 101–114, Sept. 2020. doi: 10.1016/j.isatra.2018.12.032
    [35]
    J. Zhou, J. Shang, and T. Chen, “On information fusion in optimal linear FDI attacks against remote state estimation,” IEEE Trans. Control Netw. Syst., vol. 10, no. 4, pp. 2085–2096, Dec. 2023. doi: 10.1109/TCNS.2023.3260041
    [36]
    Y. Li, L. Shi, P. Cheng, J. Chen, and D. E. Quevedo, “Jamming attacks on remote state estimation in cyber-physical systems: A game-theoretic approach,” IEEE Trans. Automat. Control, vol. 60, no. 10, pp. 2831–2836, Oct. 2015. doi: 10.1109/TAC.2015.2461851
    [37]
    Y. Li, D. E. Quevedo, S. Dey, and L. Shi, “SINR-based DoS attack on remote state estimation: A game-theoretic approach,” IEEE Trans. Control Netw. Syst., vol. 4, no. 3, pp. 632–642, Sept. 2017. doi: 10.1109/TCNS.2016.2549640
    [38]
    S. Gao, H. Zhang, Z. Wang, C. Huang, and H. Yan, “Optimal injection attack strategy for cyber-physical systems under resource constraint: A game approach,” IEEE Trans. Control Netw. Syst., vol. 10, no. 2, pp. 636–646, Jun. 2023. doi: 10.1109/TCNS.2022.3203909
    [39]
    W. Duo, M. C. Zhou, and A. Abusorrah, “A survey of cyber attacks on cyber physical systems: Recent advances and challenges,” IEEE/CAA J. Autom. Sinica, vol. 9, no. 5, pp. 784–800, May 2022. doi: 10.1109/JAS.2022.105548
    [40]
    K. Dehghanpour, Z. Wang, J. Wang, Y. Yuan, and F. Bu, “A survey on state estimation techniques and challenges in smart distribution systems,” IEEE Trans. Smart Grid, vol. 10, no. 2, pp. 2312–2322, Mar. 2019. doi: 10.1109/TSG.2018.2870600
    [41]
    M. S. Mahmoud, M. M. Hamdan, and U. A. Baroudi, “Modeling and control of cyber-physical systems subject to cyber attacks: A survey of recent advances and challenges,” Neurocomputing, vol. 338, pp. 101–115, Apr. 2019. doi: 10.1016/j.neucom.2019.01.099
    [42]
    S. Tan, J. M. Guerrero, P. Xie, R. Han, and J. C. Vasquez, “Brief survey on attack detection methods for cyber-physical systems,” IEEE Syst. J., vol. 14, no. 4, pp. 5329–5339, Dec. 2020. doi: 10.1109/JSYST.2020.2991258
    [43]
    D. Zhang, Q.-G. Wang, G. Feng, Y. Shi, and A. V. Vasilakos, “A survey on attack detection, estimation and control of industrial cyber-physical systems,” ISA Trans., vol. 116, pp. 1–16, Oct. 2021. doi: 10.1016/j.isatra.2021.01.036
    [44]
    D. Ding, Q.-L. Han, X. Ge, and J. Wang, “Secure state estimation and control of cyber-physical systems: A survey,” IEEE Trans. Syst. Man Cybern. Syst., vol. 51, no. 1, pp. 176–190, Jan. 2021. doi: 10.1109/TSMC.2020.3041121
    [45]
    D. Zhang, G. Feng, Y. Shi, and D. Srinivasan, “Physical safety and cyber security analysis of multi-agent systems: A survey of recent advances,” IEEE/CAA J. Autom. Sinica, vol. 8, no. 2, pp. 319–333, Feb. 2021. doi: 10.1109/JAS.2021.1003820
    [46]
    C. N. Hadjicostis, S. Lafortune, F. Lin, and R. Su, “Cybersecurity and supervisory control: A tutorial on robust state estimation, attack synthesis, and resilient control,” in Proc. 61st Conf. Decision and Control, Cancun, Mexico, 2022, pp. 3020–3040.
    [47]
    C. E. Shannon, “Communication theory of secrecy systems,” Bell Syst. Tech. J., vol. 28, no. 4, pp. 656–715, Oct. 1949. doi: 10.1002/j.1538-7305.1949.tb00928.x
    [48]
    Y.-G. Li and G.-H. Yang, “Optimal stealthy innovation-based attacks with historical data in cyber-physical systems,” IEEE Trans. Syst. Man Cybern. Syst., vol. 51, no. 6, pp. 3401–3411, Jun. 2021. doi: 10.1109/TSMC.2019.2924976
    [49]
    J. Shang and T. Chen, “Optimal stealthy integrity attacks on remote state estimation: The maximum utilization of historical data,” Automatica, vol. 128, p. 109555, Jun. 2021. doi: 10.1016/j.automatica.2021.109555
    [50]
    Y.-G. Li and G.-H. Yang, “Optimal stealthy false data injection attacks in cyber-physical systems,” Inf. Sci., vol. 481, pp. 474–490, May 2019. doi: 10.1016/j.ins.2019.01.001
    [51]
    Z. Guo, D. Shi, K. H. Johansson, and L. Shi, “Worst-case innovation-based integrity attacks with side information on remote state estimation,” IEEE Trans. Control Netw. Syst., vol. 6, no. 1, pp. 48–59, Mar. 2019. doi: 10.1109/TCNS.2018.2793664
    [52]
    Z. Guo, D. Shi, K. H. Johansson, and L. Shi, “Worst-case stealthy innovation-based linear attack on remote state estimation,” Automatica, vol. 89, pp. 117–124, Mar. 2018. doi: 10.1016/j.automatica.2017.11.018
    [53]
    Y.-G. Li and G.-H. Yang, “Optimal innovation-based deception attacks with side information against remote state estimation in cyber-physical systems,” Neurocomputing, vol. 500, pp. 461–470, Aug. 2022. doi: 10.1016/j.neucom.2022.05.085
    [54]
    J. Shang, H. Yu, and T. Chen, “Worst-case stealthy innovation-based linear attacks on remote state estimation under Kullback-Leibler divergence,” IEEE Trans. Automat. Control, vol. 67, no. 11, pp. 6082–6089, Nov. 2022. doi: 10.1109/TAC.2021.3125430
    [55]
    X.-X. Ren, G.-H. Yang, and X.-G. Zhang, “Optimal stealthy attack with historical data on cyber-physical systems,” Automatica, vol. 151, p. 110895, May 2023. doi: 10.1016/j.automatica.2023.110895
    [56]
    J. Zhou, J. Shang, and T. Chen, “Optimal deception attacks against remote state estimation: An information-based approach,” IEEE Trans. Automat. Control, vol. 68, no. 7, pp. 3947–3962, Jul. 2023.
    [57]
    J. Zhou, J. Shang, and T. Chen, “Optimal deception attacks on remote state estimators equipped with interval anomaly detectors,” Automatica, vol. 148, p. 110723, Feb. 2023. doi: 10.1016/j.automatica.2022.110723
    [58]
    J. Zhou, J. Shang, and T. Chen, “Deception attacks on Kalman filtering with interval estimation performance loss,” IFAC-PapersOnLine, vol. 55, no. 35, pp. 7–12, Nov. 2022. doi: 10.1016/j.ifacol.2022.11.282
    [59]
    H. Guo, J. Sun, and Z.-H. Pang, “Stealthy false data injection attacks with resource constraints against multi-sensor estimation systems,” ISA Trans., vol. 127, pp. 32–40, Aug. 2022. doi: 10.1016/j.isatra.2022.02.045
    [60]
    H. Guo, J. Sun, and Z.-H. Pang, “Residual-based false data injection attacks against multi-sensor estimation systems,” IEEE/CAA J. Autom. Sinica, vol. 10, no. 5, pp. 1181–1191, May 2023. doi: 10.1109/JAS.2023.123441
    [61]
    F. Li and Y. Tang, “False data injection attack for cyber-physical systems with resource constraint,” IEEE Trans. Cybern., vol. 50, no. 2, pp. 729–738, Feb. 2020. doi: 10.1109/TCYB.2018.2871951
    [62]
    X. Ren, J. Wu, S. Dey, and L. Shi, “Attack allocation on remote state estimation in multi-systems: Structural results and asymptotic solution,” Automatica, vol. 87, pp. 184–194, Jan. 2018. doi: 10.1016/j.automatica.2017.09.021
    [63]
    H. Xu, Y. Yang, J. Shang, J. Fu, and Y. Li, “Integrity attacks on remote estimation with spatial-temporal information sources,” Automatica, vol. 155, p. 111172, Sept. 2023. doi: 10.1016/j.automatica.2023.111172
    [64]
    J. Shang, H. Yu, and T. Chen, “Worst-case stealthy attacks on stochastic event-based state estimation,” IEEE Trans. Automat. Control, vol. 67, no. 4, pp. 2052–2059, Apr. 2022. doi: 10.1109/TAC.2021.3071948
    [65]
    H. Guo, J. Sun, Z.-H. Pang, and G.-P. Liu, “Event-based optimal stealthy false data-injection attacks against remote state estimation systems,” IEEE Trans. Cybern., vol. 53, no. 10, pp. 6714–6724, Oct. 2023. doi: 10.1109/TCYB.2023.3255583
    [66]
    C.-Z. Bai, F. Pasqualetti, and V. Gupta, “Data-injection attacks in stochastic control systems: Detectability and performance tradeoffs,” Automatica, vol. 82, pp. 251–260, Aug. 2017. doi: 10.1016/j.automatica.2017.04.047
    [67]
    Y.-G. Li and G.-H. Yang, “Worst-case ϵ-stealthy false data injection attacks in cyber-physical systems,” Inf. Sci., vol. 515, pp. 352–364, Apr. 2020. doi: 10.1016/j.ins.2019.12.029
    [68]
    Y.-G. Li and G.-H. Yang, “Optimal deception attacks against remote state estimation in cyber-physical systems,” J. Frank. Inst., vol. 357, no. 3, pp. 1832–1852, Feb. 2020. doi: 10.1016/j.jfranklin.2019.11.001
    [69]
    L. Hu, Z. Wang, Q.-L. Han, and X. Liu, “State estimation under false data injection attacks: Security analysis and system protection,” Automatica, vol. 87, pp. 176–183, Jan. 2018. doi: 10.1016/j.automatica.2017.09.028
    [70]
    T.-Y. Zhang and D. Ye, “False data injection attacks with complete stealthiness in cyber-physical systems: A self-generated approach,” Automatica, vol. 120, p. 109117, Oct. 2020. doi: 10.1016/j.automatica.2020.109117
    [71]
    H. Shim, J. Back, Y. Eun, G. Park, and J. Kim, “Zero-dynamics attack, variations, and countermeasures,” in Security and Resilience of Control Systems: Theory and Applications, H. Ishii and Q. Zhu, Eds. Cham, Germany: Springer, 2022, pp. 31–61.
    [72]
    Q. Zhang, K. Liu, Z. Pang, Y. Xia, and T. Liu, “Reachability analysis of cyber-physical systems under stealthy attacks,” IEEE Trans. Cybern., vol. 52, no. 6, pp. 4926–4934, Jun. 2022. doi: 10.1109/TCYB.2020.3025307
    [73]
    C. Kwon, W. Liu, and I. Hwang, “Security analysis for cyber-physical systems against stealthy deception attacks,” in Proc. American Control Conf., Washington, USA, 2013, pp. 3344–3349.
    [74]
    Y. Mo and B. Sinopoli, “On the performance degradation of cyber-physical systems under stealthy integrity attacks,” IEEE Trans. Automat. Control, vol. 61, no. 9, pp. 2618–2624, Sept. 2016. doi: 10.1109/TAC.2015.2498708
    [75]
    C. Murguia, I. Shames, J. Ruths, and D. Nešić, “Security metrics and synthesis of secure control systems,” Automatica, vol. 115, p. 108757, May 2020. doi: 10.1016/j.automatica.2019.108757
    [76]
    H. Wang, K. Liu, D. Han, and Y. Xia, “Vulnerability analysis of distributed state estimation under joint deception attacks,” Automatica, vol. 157, p. 111274, Nov. 2023. doi: 10.1016/j.automatica.2023.111274
    [77]
    T. Chen, L. Wang, Z. Liu, W. Wang, and H. Su, “Optimal stealthy attack to remote estimator for estimation error regulation,” in Proc. American Control Conf., San Diego, USA, 2023, pp. 1998–2003.
    [78]
    D. Cheng, J. Shang, and T. Chen, “Finite-horizon strictly stealthy deterministic attacks on cyber-physical systems,” IEEE Control Syst. Lett., vol. 6, pp. 1640–1645, 2022. doi: 10.1109/LCSYS.2021.3130077
    [79]
    H. Liu, Y. Ni, L. Xie, and K. H. Johansson, “How vulnerable is innovation-based remote state estimation: Fundamental limits under linear attacks,” Automatica, vol. 136, p. 110079, Feb. 2022. doi: 10.1016/j.automatica.2021.110079
    [80]
    Y. Ni, Z. Guo, Y. Mo, and L. Shi, “On the performance analysis of reset attack in cyber-physical systems,” IEEE Trans. Automat. Control, vol. 65, no. 1, pp. 419–425, Jan. 2020. doi: 10.1109/TAC.2019.2914655
    [81]
    X.-L. Wang, G.-H. Yang, and D. Zhang, “Optimal stealth attack strategy design for linear cyber-physical systems,” IEEE Trans. Cybern., vol. 52, no. 1, pp. 472–480, Jan. 2022. doi: 10.1109/TCYB.2020.2975042
    [82]
    H. Fawzi, P. Tabuada, and S. Diggavi, “Secure estimation and control for cyber-physical systems under adversarial attacks,” IEEE Trans. Automat. Control, vol. 59, no. 6, pp. 1454–1467, Jun. 2014. doi: 10.1109/TAC.2014.2303233
    [83]
    Y. H. Chang, Q. Hu, and C. J. Tomlin, “Secure estimation based Kalman filter for cyber-physical systems against sensor attacks,” Automatica, vol. 95, pp. 399–412, Sept. 2018. doi: 10.1016/j.automatica.2018.06.010
    [84]
    Y. Mo, S. Weerakkody, and B. Sinopoli, “Physical authentication of control systems: Designing watermarked control inputs to detect counterfeit sensor outputs,” IEEE Control Syst. Mag., vol. 35, no. 1, pp. 93–109, Feb. 2015.
    [85]
    Y. Mo, R. Chabukswar, and B. Sinopoli, “Detecting integrity attacks on SCADA systems,” IEEE Trans. Control Syst. Technol., vol. 22, no. 4, pp. 1396–1407, Jul. 2014. doi: 10.1109/TCST.2013.2280899
    [86]
    S. Weerakkody, Y. Mo, and B. Sinopoli, “Detecting integrity attacks on control systems using robust physical watermarking,” in Proc. 53rd IEEE Conf. Decision and Control, Los Angeles, USA, 2014, pp. 3757–3764.
    [87]
    C. Wang, J. Huang, D. Wang, and F. Li, “A secure strategy for a cyber physical system with multi-sensor under linear deception attack,” J. Frank. Inst., vol. 358, no. 13, pp. 6666–6683, Sept. 2021. doi: 10.1016/j.jfranklin.2021.06.029
    [88]
    C. M. Ahmed, V. R. Palleti, and V. K. Mishra, “A practical physical watermarking approach to detect replay attacks in a CPS,” J. Process Control, vol. 116, pp. 136–146, Aug. 2022. doi: 10.1016/j.jprocont.2022.06.002
    [89]
    M. Porter, P. Hespanhol, A. Aswani, M. Johnson-Roberson, and R. Vasudevan, “Detecting generalized replay attacks via time-varying dynamic watermarking,” IEEE Trans. Automat. Control, vol. 66, no. 8, pp. 3502–3517, Aug. 2021. doi: 10.1109/TAC.2020.3022756
    [90]
    H. Liu, Y. Mo, J. Yan, L. Xie, and K. H. Johansson, “An online approach to physical watermark design,” IEEE Trans. Automat. Control, vol. 65, no. 9, pp. 3895–3902, Sept. 2020. doi: 10.1109/TAC.2020.2971994
    [91]
    F. Miao, Q. Zhu, M. Pajic, and G. J. Pappas, “Coding schemes for securing cyber-physical systems against stealthy data injection attacks,” IEEE Trans. Control Netw. Syst., vol. 4, no. 1, pp. 106–117, Mar. 2017. doi: 10.1109/TCNS.2016.2573039
    [92]
    J. Shang, M. Chen, and T. Chen, “Optimal linear encryption against stealthy attacks on remote state estimation,” IEEE Trans. Automat. Control, vol. 66, no. 8, pp. 3592–3607, Aug. 2021. doi: 10.1109/TAC.2020.3024143
    [93]
    J. Shang, J. Zhou, and T. Chen, “Single-dimensional encryption against innovation-based stealthy attacks on remote state estimation,” Automatica, vol. 136, p. 110015, Feb. 2022. doi: 10.1016/j.automatica.2021.110015
    [94]
    J. Tian, R. Tan, X. Guan, Z. Xu, and T. Liu, “Moving target defense approach to detecting StuxNet-like attacks,” IEEE Trans. Smart Grid, vol. 11, no. 1, pp. 291–300, Jan. 2020. doi: 10.1109/TSG.2019.2921245
    [95]
    S. Weerakkody and B. Sinopoli, “Detecting integrity attacks on control systems using a moving target approach,” in Proc. 54th IEEE Conf. Decision and Control, Osaka, Japan, 2015, pp. 5820–5826.
    [96]
    P. Griffioen, S. Weerakkody, and B. Sinopoli, “A moving target defense for securing cyber-physical systems,” IEEE Trans. Automat. Control, vol. 66, no. 5, pp. 2016–2031, May 2021. doi: 10.1109/TAC.2020.3005686
    [97]
    A. Kanellopoulos and K. G. Vamvoudakis, “A moving target defense control framework for cyber-physical systems,” IEEE Trans. Automat. Control, vol. 65, no. 3, pp. 1029–1043, Mar. 2020. doi: 10.1109/TAC.2019.2915746
    [98]
    K. Manandhar, X. Cao, F. Hu, and Y. Liu, “Detection of faults and attacks including false data injection attack in smart grid using Kalman filter,” IEEE Trans. Control Netw. Syst., vol. 1, no. 4, pp. 370–379, Dec. 2014. doi: 10.1109/TCNS.2014.2357531
    [99]
    R. Tunga, C. Murguia, and J. Ruths, “Tuning windowed chi-squared detectors for sensor attacks,” in Proc. Annu. American Control Conf., Milwaukee, USA, 2018, pp. 1752–1757.
    [100]
    D. Ye and T.-Y. Zhang, “Summation detector for false data-injection attack in cyber-physical systems,” IEEE Trans. Cybern., vol. 50, no. 6, pp. 2338–2345, Jun. 2020. doi: 10.1109/TCYB.2019.2915124
    [101]
    Z. Guo, D. Shi, D. E. Quevedo, and L. Shi, “Secure state estimation against integrity attacks: A Gaussian mixture model approach,” IEEE Trans. Signal Process., vol. 67, no. 1, pp. 194–207, Jan. 2019. doi: 10.1109/TSP.2018.2879037
    [102]
    D. B. Rawat and C. Bajracharya, “Detection of false data injection attacks in smart grid communication systems,” IEEE Signal Process. Lett., vol. 22, no. 10, pp. 1652–1656, Oct. 2015. doi: 10.1109/LSP.2015.2421935
    [103]
    X. Ge, Q.-L. Han, M. Zhong, and X.-M. Zhang, “Distributed Krein space-based attack detection over sensor networks under deception attacks,” Automatica, vol. 109, p. 108557, Nov. 2019. doi: 10.1016/j.automatica.2019.108557
    [104]
    X. Ge, Q.-L. Han, X.-M. Zhang, D. Ding, and F. Yang, “Resilient and secure remote monitoring for a class of cyber-physical systems against attacks,” Inf. Sci., vol. 512, pp. 1592–1605, Feb. 2020. doi: 10.1016/j.ins.2019.10.057
    [105]
    W.-A. Zhang, L. Yu, and D. He, “Sequential fusion estimation for sensor networks with deceptive attacks,” IEEE Trans. Aerosp. Electron. Syst., vol. 56, no. 3, pp. 1829–1843, Jun. 2020. doi: 10.1109/TAES.2019.2936750
    [106]
    A. Chattopadhyay and U. Mitra, “Security against false data-injection attack in cyber-physical systems,” IEEE Trans. Control Netw. Syst., vol. 7, no. 2, pp. 1015–1027, Jun. 2020. doi: 10.1109/TCNS.2019.2927594
    [107]
    L. An and G.-H. Yang, “Distributed secure state estimation for cyber-physical systems under sensor attacks,” Automatica, vol. 107, pp. 526–538, Sept. 2019. doi: 10.1016/j.automatica.2019.06.019
    [108]
    Z. Zhao, Y. Xu, Y. Li, Z. Zhen, Y. Yang, and Y. Shi, “Data-driven attack detection and identification for cyber-physical systems under sparse sensor attacks,” IEEE Trans. Automat. Control, vol. 68, no. 10, pp. 6330–6337, Oct. 2023. doi: 10.1109/TAC.2022.3230360
    [109]
    D. Shi, Z. Guo, K. H. Johansson, and L. Shi, “Causality countermeasures for anomaly detection in cyber-physical systems,” IEEE Trans. Automat. Control, vol. 63, no. 2, pp. 386–401, Feb. 2018. doi: 10.1109/TAC.2017.2714646
    [110]
    Y. Li, D. Shi, and T. Chen, “False data injection attacks on networked control systems: A Stackelberg game analysis,” IEEE Trans. Automat. Control, vol. 63, no. 10, pp. 3503–3509, Oct. 2018. doi: 10.1109/TAC.2018.2798817
    [111]
    W. Yang, D. Li, H. Zhang, Y. Tang, and W. X. Zheng, “An encoding mechanism for secrecy of remote state estimation,” Automatica, vol. 120, p. 109116, Oct. 2020. doi: 10.1016/j.automatica.2020.109116
    [112]
    F. Tao and D. Ye, “Secure state estimation against eavesdropping attacks based on time-varying coding and noise-adding,” IEEE Trans. Netw. Sci. Eng., vol. 11, no. 1, pp. 174–184, Jan.-Feb. 2024. doi: 10.1109/TNSE.2023.3293106
    [113]
    L. Zou, Z. Wang, B. Shen, H. Dong, and G. Lu, “Encrypted finite-horizon energy-to-peak state estimation for time-varying systems under eavesdropping attacks: Tackling secrecy capacity,” IEEE/CAA J. Autom. Sinica, vol. 10, no. 4, pp. 985–996, Apr. 2023. doi: 10.1109/JAS.2023.123393
    [114]
    J. Shang and T. Chen, “Linear encryption against eavesdropping on remote state estimation,” IEEE Trans. Automat. Control, vol. 68, no. 7, pp. 4413–4419, Jul. 2023.
    [115]
    H. Yuan, Y. Xia, and H. Yang, “Resilient state estimation of cyber-physical system with multichannel transmission under DoS attack,” IEEE Trans. Syst. Man Cybern. Syst., vol. 51, no. 11, pp. 6926–6937, Nov. 2021. doi: 10.1109/TSMC.2020.2964586
    [116]
    K. Ding, Y. Li, D. E. Quevedo, S. Dey, and L. Shi, “A multi-channel transmission schedule for remote state estimation under DoS attacks,” Automatica, vol. 78, pp. 194–201, Apr. 2017. doi: 10.1016/j.automatica.2016.12.020
    [117]
    K. Ding, X. Ren, D. E. Quevedo, S. Dey, and L. Shi, “DoS attacks on remote state estimation with asymmetric information,” IEEE Trans. Control Netw. Syst., vol. 6, no. 2, pp. 653–666, Jun. 2019. doi: 10.1109/TCNS.2018.2867157
    [118]
    R.-R. Liu, F. Hao, and H. Yu, “Optimal DoS attack scheduling for multi-sensor remote state estimation over interference channels,” J. Frank. Inst., vol. 358, no. 9, pp. 5136–5162, Jun. 2021. doi: 10.1016/j.jfranklin.2021.04.014
    [119]
    Y.-C. Sun and G.-H. Yang, “Event-triggered remote state estimation for cyber-physical systems under malicious DoS attacks,” Inf. Sci., vol. 602, pp. 43–56, Jul. 2022. doi: 10.1016/j.ins.2022.04.033
    [120]
    H. Song, D. Ding, H. Dong, and X. Yi, “Distributed filtering based on Cauchy-kernel-based maximum correntropy subject to randomly occurring cyber-attacks,” Automatica, vol. 135, p. 110004, Jan. 2022. doi: 10.1016/j.automatica.2021.110004
    [121]
    Y. Qu and K. Pang, “State estimation for a class of artificial neural networks subject to mixed attacks: A set-membership method,” Neurocomputing, vol. 411, pp. 239–246, Oct. 2020. doi: 10.1016/j.neucom.2020.06.020
    [122]
    H. Lin, J. Lam, and Z. Wang, “Secure state estimation for systems under mixed cyber-attacks: Security and performance analysis,” Inf. Sci., vol. 546, pp. 943–960, Feb. 2021. doi: 10.1016/j.ins.2020.08.124
    [123]
    Y. Guan and X. Ge, “Distributed attack detection and secure estimation of networked cyber-physical systems against false data injection attacks and jamming attacks,” IEEE Trans. Signal Inf. Process. Netw., vol. 4, no. 1, pp. 48–59, Mar. 2018.
    [124]
    H. Zhang, P. Cheng, L. Shi, and J. Chen, “Optimal DoS attack policy against remote state estimation,” in Proc. 52nd IEEE Conf. Decision and Control, Firenze, Italy, 2013, pp. 5444–5449.
    [125]
    H. Zhang, P. Cheng, L. Shi, and J. Chen, “Optimal denial-of-service attack scheduling with energy constraint,” IEEE Trans. Automat. Control, vol. 60, no. 11, pp. 3023–3028, Nov. 2015. doi: 10.1109/TAC.2015.2409905
    [126]
    C. Yang, W. Yang, and H. Shi, “DoS attack in centralised sensor network against state estimation,” IET Control Theory Appl., vol. 12, no. 9, pp. 1244–1253, Jun. 2018. doi: 10.1049/iet-cta.2017.0819
    [127]
    J. Qin, M. Li, J. Wang, L. Shi, Y. Kang, and W. X. Zheng, “Optimal denial-of-service attack energy management against state estimation over an SINR-based network,” Automatica, vol. 119, p. 109090, Sept. 2020. doi: 10.1016/j.automatica.2020.109090
    [128]
    H. Zhang, Y. Qi, J. Wu, L. Fu, and L. He, “DoS attack energy management against remote state estimation,” IEEE Trans. Control Netw. Syst., vol. 5, no. 1, pp. 383–394, Mar. 2018. doi: 10.1109/TCNS.2016.2614099
    [129]
    H. Zhang, Y. Qi, H. Zhou, J. Zhang, and J. Sun, “Testing and defending methods against DoS attack in state estimation,” Asian J. Control, vol. 19, no. 4, pp. 1295–1305, Jul. 2017. doi: 10.1002/asjc.1441
    [130]
    B. Sinopoli, L. Schenato, M. Franceschetti, K. Poolla, M. I. Jordan, and S. S. Sastry, “Kalman filtering with intermittent observations,” IEEE Trans. Automat. Control, vol. 49, no. 9, pp. 1453–1464, Sept. 2004. doi: 10.1109/TAC.2004.834121
    [131]
    L. Peng, L. Shi, X. Cao, and C. Sun, “Optimal attack energy allocation against remote state estimation,” IEEE Trans. Automat. Control, vol. 63, no. 7, pp. 2199–2205, Jul. 2018. doi: 10.1109/TAC.2017.2775344
    [132]
    R. Liu, F. Hao, and H. Yu, “Optimal SINR-based DoS attack scheduling for remote state estimation via adaptive dynamic programming approach,” IEEE Trans. Syst. Man Cybern. Syst., vol. 51, no. 12, pp. 7622–7632, Dec. 2021. doi: 10.1109/TSMC.2020.2981478
    [133]
    J. Chen, C. Dou, L. Xiao, and Z. Wang, “Fusion state estimation for power systems under DoS attacks: A switched system approach,” IEEE Trans. Syst. Man Cybern. Syst., vol. 49, no. 8, pp. 1679–1687, Aug. 2019. doi: 10.1109/TSMC.2019.2895912
    [134]
    M. Naghnaeian and Y. Xuan, “Optimal state estimation under the denial-of-service attack: An operator approach,” in Proc. American Control Conf., Denver, USA, 2020, pp. 5334–5339.
    [135]
    K. Ding, X. Ren, A. S. Leong, D. E. Quevedo, and L. Shi, “Remote state estimation in the presence of an active eavesdropper,” IEEE Trans. Automat. Control, vol. 66, no. 1, pp. 229–244, Jan. 2021. doi: 10.1109/TAC.2020.2980730
    [136]
    Y. Han, L. Duan, and R. Zhang, “Jamming-assisted eavesdropping over parallel fading channels,” IEEE Trans. Inf. Forensics Secur., vol. 14, no. 9, pp. 2486–2499, Sept. 2019. doi: 10.1109/TIFS.2019.2901821
    [137]
    B. Li, Y. Yao, H. Zhang, and Y. Lv, “Energy efficiency of proactive cooperative eavesdropping over multiple suspicious communication links,” IEEE Trans. Veh. Technol., vol. 68, no. 1, pp. 420–430, Jan. 2019. doi: 10.1109/TVT.2018.2880768
    [138]
    A. Tsiamis, K. Gatsis, and G. J. Pappas, “State estimation with secrecy against eavesdroppers,” IFAC-PapersOnLine, vol. 50, no. 1, pp. 8385–8392, Jul. 2017. doi: 10.1016/j.ifacol.2017.08.1563
    [139]
    A. S. Leong, D. E. Quevedo, D. Dolz, and S. Dey, “Transmission scheduling for remote state estimation over packet dropping links in the presence of an eavesdropper,” IEEE Trans. Automat. Control, vol. 64, no. 9, pp. 3732–3739, Sept. 2019. doi: 10.1109/TAC.2018.2883246
    [140]
    L. Wang, X. Cao, B. Sun, H. Zhang, and C. Sun, “Optimal schedule of secure transmissions for remote state estimation against eavesdropping,” IEEE Trans. Industr. Inform., vol. 17, no. 3, pp. 1987–1997, Mar. 2021. doi: 10.1109/TII.2020.2995385
    [141]
    L. Wang, X. Cao, H. Zhang, C. Sun, and W. X. Zheng, “Transmission scheduling for privacy-optimal encryption against eavesdropping attacks on remote state estimation,” Automatica, vol. 137, p. 110145, Mar. 2022. doi: 10.1016/j.automatica.2021.110145
    [142]
    L. Sun, D. Ding, H. Dong, and X. Bai, “Privacy-preserving distributed economic dispatch for microgrids based on state decomposition with added noises,” IEEE Trans. Smart Grid, 2023. DOI: 10.1109/TSG.2023.3324138
    [143]
    X. Huang, D. Zhai, and J. Dong, “Adaptive integral sliding-mode control strategy of data-driven cyber-physical systems against a class of actuator attacks,” IET Control Theory Appl., vol. 12, no. 10, pp. 1440–1447, Jul. 2018. doi: 10.1049/iet-cta.2017.1278
    [144]
    A.-Y. Lu and G.-H. Yang, “False data injection attacks against state estimation without knowledge of estimators,” IEEE Trans. Automat. Control, vol. 67, no. 9, pp. 4529–4540, Sept. 2022. doi: 10.1109/TAC.2022.3161259
    [145]
    J. Kim, L. Tong, and R. J. Thomas, “Subspace methods for data attack on state estimation: A data driven approach,” IEEE Trans. Signal Process., vol. 63, no. 5, pp. 1102–1114, Mar. 2015. doi: 10.1109/TSP.2014.2385670
    [146]
    S. Gao, H. Zhang, Z. Wang, C. Huang, and H. Yan, “Data-driven injection attack strategy for linear cyber-physical systems: An input-output data-based approach,” IEEE Trans. Netw. Sci. Eng., vol. 10, no. 6, pp. 4082–4095, Nov.-Dec. 2023.
    [147]
    Y. Yuan and Y. Mo, “Security for cyber-physical systems: Secure control against known-plaintext attack,” Sci. China Technol. Sci., vol. 63, no. 9, pp. 1637–1646, Sept. 2020. doi: 10.1007/s11431-020-1621-y
    [148]
    F. Hou and J. Sun, “Fasle data injection attacks in cyber-physical systems based on inaccurate model,” in Proc. 43rd Annu. Conf. Industrial Electronics Society, Beijing, China, 2017, pp. 5791–5796.
    [149]
    P. Duan, G. Lv, Z. Duan, and Y. Lv, “Resilient state estimation for complex dynamic networks with system model perturbation,” IEEE Trans. Control Netw. Syst., vol. 8, no. 1, pp. 135–146, Mar. 2021. doi: 10.1109/TCNS.2020.3035759
    [150]
    W. Hu, S. L. Shah, and T. Chen, “Framework for a smart data analytics platform towards process monitoring and alarm management,” Comput. Chem. Eng., vol. 114, pp. 225–244, Jun. 2018. doi: 10.1016/j.compchemeng.2017.10.010

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Figures(3)  / Tables(3)

    Article Metrics

    Article views (201) PDF downloads(61) Cited by()

    Highlights

    • An overview of recent advances in cyber-attacks and defensive countermeasures is presented, with a specific focus on integrity attacks against RSE
    • A detailed review of typical attack detection and resilient estimation algorithms is included, illustrating the latest defensive measures safeguarding RSE from adversaries
    • Some prevalent attacks impairing the confidentiality and data availability of RSE are examined from both attackers’ and defenders’ perspectives

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return