Skip to main content
eScholarship
Open Access Publications from the University of California

UC Riverside

UC Riverside Electronic Theses and Dissertations bannerUC Riverside

Security of Interconnected Stochastic Dynamical Systems

Abstract

Modern dynamical systems are large and inevitably comprise dierent subsystems

that are often integrated with cyber (computation and communication) components. The

applications of these systems are far reaching, ranging from power and water networks, to

telecommunication and transportation systems etc. Recently, researchers and hackers have

shown that these systems are vulnerable to attacks targeting their physical infrastructure

or the signals exchanged between the physical and cyber layers. Given the interconnected

nature of dynamical systems, and the fact that each subsystem usually has only partial

knowledge or measurements of other interconnected units, the security question arises as

to whether sophisticated attackers can hide their action to the individual subsystems while

inducing system-wide critical perturbations.

This thesis addresses problems concerning security of interconnected systems that

are subject to random (stochastic) disturbances. Our contribution is twofold. First, we

investigate whether, and to what extent, coordination among different subsystems and

knowledge of the global system dynamics is necessary to detect attacks in interconnected systems. We consider centralized and decentralized detectors, which dier primarily in

their knowledge of the system model, and characterize the performance of the two detectors

and show that, depending on the system and attack parameters, each of the detectors can

outperform the other. Hence, it may be possible for the decentralized detector to outperform

its centralized counterpart, despite having less information about the system dynamics. We

provide an explanation for this counter-intuitive result and illustrate our results through

simulations. Second, we study an attack design problem for interconnected systems where

the attacker compromises a subsystem at each time, based on a pre-computed probabilistic

rule. The goal of the attacker is to degrade the system performance, which is measured based

on a quadratic function of the system state, while remaining undetected from a centralized

detector. We show that selectively compromising dierent subsystems over time increases

the severity of the attacks with respect to compromising a fixed subsystem at each time.

We study another related security problem for network systems, where changes

in the statistical properties of an input driving certain network nodes has to be detected

by remotely located sensors. To detect the changes, we associate a maximum-a-posteriori

detector for a given set of sensors, and study its detection performance as function of the

network topology, and the graphical distance between the input and sensor locations. We

derive conditions under which the detection performance obtained when sensors are located

on a network cut is not worse (resp. not better) than the performance obtained by measuring

all nodes of the subnetwork induced by the cut and not containing the input nodes. Our

results provide insights into the sensor placement from a detection-theoretic point of view.

Main Content
For improved accessibility of PDF content, download the file to your device.
Current View