Masking attack for sampled-data systems via input redundancy

Abstract

This study discovers a new vulnerability of cyber-physical systems to malicious attack. It arises when the physical plant, that is modelled as a continuous-time LTI system, is controlled by a digital controller with periodic sampling and actuation. In the sampled-data framework, most anomaly detectors monitor the plant's output only at discrete time instants. Consequently, abnormal behaviour between sampling instants cannot be detected if output behaves normally at every sampling instant. This implies that if an actuator attack drives the plant's state to pass through the kernel of the output matrix at each sensing time, then the attack compromises the system while remaining stealthy. It is shown that this type of attack always exists when the sampled-data system has an input redundancy, i.e. the number of inputs being larger than that of outputs and/or the sampling rate of the actuators being higher than that of the sensors. Simulation results for the X-38 vehicle and other numerical examples illustrate this new attack strategy may result in disastrous consequences.