Data-injection Attacks Using Historical Inputs and Outputs

Abstract

Data-driven, model-free control has become popular in recent years, due to their ease of implementation and minimal information requirement about the system. In this paper, we investigate whether the same methods could be used by an adversary to synthesize undetectable data-injection attacks on cyber-physical systems using Willems’ Fundamental Lemma. We show that if the adversary is able to upper bound the order of a linear, time-invariant system and read all its inputs and outputs, then the adversary will be able to generate undetectable attack signals in the form of covert attacks. Additionally, we provide conditions on the disclosed data set that enable the adversary to generate zero dynamics attacks. These conditions give operators insights into when enough information about the system has been revealed for an adversary to conduct an undetectable attack. Finally, the different attack strategies are verified through a numerical example.