Secure State Estimation with Cumulative Message Authentication
With network-based attacks, such as Man-in-the-Middle (MitM) attacks, the attacker can inject false data to force a closed-loop system into any undesired state, unless the integrity of delivered sensor measurements is enforced, even if only intermittently. Yet the use of standard cryptographic techniques that ensure data integrity, such as Message Authentication Codes (MACs), introduces significant communication and computation overhead. Thus, in this work we explore the use of cumulative MACs, which significantly reduce network overhead. We consider systems with Kalman filter-based state estimators and sequential probability ratio test (SPRT) intrusion detectors. We show that strong estimation guarantees under MitM attacks can be obtained even with intermittent use of a single cumulative MAC that is added to appropriate sensor measurements transmitted over the network. We present a design-time methodology to evaluate the effects of any given cumulative integrity enforcement policy on reachable state-estimation errors for any type of stealthy attack; this provides a basis for the design of cumulative enforcement policies with desired performance guarantees even in the presence of MitM attacks. Finally, we illustrate the effectiveness of our approach on an automated steering control.
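To make the idea of a cumulative MAC concrete, the following added example (not code from the paper) sends sensor measurements untagged and attaches a single HMAC covering a whole window of measurements to the last packet of that window; the receiver learns at the window boundary whether any measurement in it was altered. The construction, the window length of 4, the key, the packet layout and all function names are assumptions made for illustration; the abstract does not specify the paper's own construction.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed value; a real link uses a provisioned secret
WINDOW = 4                     # assumed policy: one tag per 4 measurements


def window_tag(seq_start, values, key=KEY):
    """HMAC over the window's first sequence number and its measurements, in order."""
    msg = struct.pack(">QI", seq_start, len(values))
    msg += b"".join(struct.pack(">d", v) for v in values)
    return hmac.new(key, msg, hashlib.sha256).digest()


def send(measurements, window=WINDOW):
    """Return packets (seq, value, tag); only the last packet of a window has a tag."""
    packets = []
    for seq, y in enumerate(measurements):
        tag = None
        if (seq + 1) % window == 0:
            start = seq + 1 - window
            tag = window_tag(start, measurements[start:seq + 1])
        packets.append((seq, y, tag))
    return packets


def verify(packets, window=WINDOW):
    """Return one (seq_start, ok) verdict per tagged packet received."""
    verdicts, buf = [], []
    for seq, y, tag in packets:
        buf.append((seq, y))
        if tag is None:
            continue
        start = buf[0][0]
        # A dropped, reordered or stripped packet breaks contiguity and fails the window
        contiguous = [s for s, _ in buf] == list(range(start, start + window))
        ok = contiguous and hmac.compare_digest(
            tag, window_tag(start, [v for _, v in buf]))
        verdicts.append((start, ok))
        buf = []
    return verdicts


def demo():
    ys = [0.10, 0.12, 0.11, 0.13, 0.15, 0.14, 0.16, 0.18]  # constructed sensor readings
    clean = send(ys)
    tampered = list(clean)
    tampered[5] = (5, 0.90, None)  # one untagged measurement altered in transit
    return verify(clean), verify(tampered)
```

The verdict for a window arrives only with its tagged packet, so an estimator that consumes measurements as they arrive has already used the untagged ones by the time a failure is reported.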