Tampering attack detection for remote interval observer

Abstract

In cyber–physical systems (CPSs), secure estimation observes the states of a physical plant remotely with potentially attacked data. Most attacks in CPSs are carefully designed such that they can not only ruin the estimation but also bypass the detector. These attacked estimations would corrupt decision-making and control, leading to decreased production efficiency and even equipment damage. Therefore, detecting these attacks is of great importance. It is noted that one of the reasons that these attacks can be successfully launched is that attackers can inject arbitrary false data into the communication channel at any time step, which makes it possible that the transmission data is tampered with by any designed attack sequences. In this paper, a modified data transmission mechanism is deployed to limit the attacker’s ability, and attack detectors are designed for detecting tampering attacks. Specifically, first of all, a one-bit event-triggered mechanism is deployed to binarize the transmitted data. Secondly, a primary detector is deployed to detect non-binary data received by the observer, and hence the attacker’s ability is greatly reduced. Thirdly, a main detector is designed, which definitely detects tampering attacks that can bypass the primary detector.The necessary and sufficient conditions for definite attack detection are given, with which the gain of interval observable and the threshold of the event-trigger mechanism are designed. Finally, simulation results are presented to verify the analysis.