Secure State Estimation with Cumulative Message Authentication

Conference Paper

With network-based attacks, such as Man-in-the-Middle (MitM) attacks, the attacker can inject false data to force a closed-loop system into any undesired state, unless even intermittently integrity of delivered sensor measurements is enforced. Yet, the use of standard cryptographic techniques that ensure data integrity, such as Message Authentication Codes (MACs), introduces significant communication and computation overhead. Thus, in this work we explore the use of cumulative MACs that significantly reduce network overhead. We consider systems with Kalman filter-based state estimators and sequential probability ratio test (SPRT) intrusion detectors. We show that strong estimation guarantees under MitM attacks can be obtained even with intermittent use of a single cumulative MAC that is added to appropriate sensor measurements transmitted over the network. We present a design-time methodology to evaluate the effects of any given cumulative integrity enforcement policy on reachable state-estimation errors for any type of stealthy attacks; this provides a base for design of cumulative enforcement policies with desired performance guarantees even in the presence of MitM attacks. Finally, we illustrate the effectiveness of our approach on an automated steering control.

Full Text

Duke Authors

Cited Authors

  • Jovanov, I; Pajic, M

Published Date

  • July 2, 2018

Published In

Volume / Issue

  • 2018-December /

Start / End Page

  • 2074 - 2079

Electronic International Standard Serial Number (EISSN)

  • 2576-2370

International Standard Serial Number (ISSN)

  • 0743-1546

International Standard Book Number 13 (ISBN-13)

  • 9781538613955

Digital Object Identifier (DOI)

  • 10.1109/CDC.2018.8619250

Citation Source

  • Scopus