Biblio

Recently, the security of state estimation has been attracting significant research attention due to the need for trustworthy situation awareness in emerging (e.g., industrial) cyber-physical systems. In this paper, we investigate secure estimation based on Kalman filtering (SEKF) using partially homomorphically encrypted data. The encryption will enhance the confidentiality not only of data transmitted in the communication network, but also key system information required by the estimator. We use a multiplicative homomorphic encryption scheme, but with a modified decryption algorithm. SEKF is able to conceal comprehensive information (i.e., system parameters, measurements, and state estimates) aggregated at the sink node of the estimator, while retaining the effectiveness of normal Kalman filtering. Therefore, even if an attacker has gained unauthorized access to the estimator and associated communication channels, he will not be able to obtain sufficient knowledge of the system state to guide the attack, e.g., ensure its stealthiness. We present an implementation structure of the SEKF to reduce the communication overhead compared with traditional secure multiparty computation (SMC) methods. Finally, we demonstrate the effectiveness of the SEKF on an IEEE 9-bus power system.

Networked control systems improve the efficiency of cyber-physical plants both functionally, by the availability of data generated even in far-flung locations, and operationally, by the adoption of standard protocols. A side-effect, however, is that now the safety and stability of a local process and, in turn, of the entire plant are more vulnerable to malicious agents. Leveraging the communication infrastructure, the authors here present the design of networked control systems with built-in resilience. Specifically, the paper addresses attacks known as false data injections that originate within compromised sensors. In the proposed framework for closed-loop control, the feedback signal is constructed by weighted consensus of estimates of the process state gathered from other interconnected processes. Observers are introduced to generate the state estimates from the local data. Side-channel monitors are attached to each primary sensor in order to assess proper code execution. These monitors provide estimates of the trust assigned to each observer output and, more importantly, independent of it; these estimates serve as weights in the consensus algorithm. The authors tested the concept on a multi-sensor networked physical experiment with six primary sensors. The weighted consensus was demonstrated to yield a feedback signal within specified accuracy even if four of the six primary sensors were injecting false data.