Jian Xiang, Ruggero Lanotte, Simone Tini, Stephen Chong, Massimo Merro
Title: Measuring robustness in cyber-physical systems under sensor attacks
DOI: 10.1016/j.nahs.2024.101559
Journal: Nonlinear Analysis-Hybrid Systems, volume 56, Article 101559
Publication date: 2024-12-09
Publication type: Journal Article
URL: https://www.sciencedirect.com/science/article/pii/S1751570X24000967
JCR category: AUTOMATION & CONTROL SYSTEMS (Q2)
Citation count: 0
Abstract
This paper contributes a formal framework for quantitative analysis of bounded sensor attacks on cyber–physical systems, using the formalism of differential dynamic logic. Given a precondition and postcondition of a system, we formalize two quantitative safety notions, quantitative forward and backward safety, which respectively express (1) how strong the strongest postcondition of the system is with respect to the specified postcondition, and (2) how strong the specified precondition is with respect to the weakest precondition of the system needed to ensure the specified postcondition holds. We introduce two notions, forward and backward robustness, to characterize the robustness of a system against sensor attacks as the loss of safety. To reason about robustness, we introduce two simulation distances, forward and backward simulation distances, which are defined based on the behavioral distances between the original system and the system with compromised sensors. Forward and backward distances, respectively, characterize upper bounds of the degree of forward and backward safety loss caused by the sensor attacks. We verify the two simulation distances by expressing them as modalities, i.e., formulas of differential dynamic logic, and develop an ad-hoc proof system to reason with such formulas. We showcase our formal notions and reasoning techniques on two non-trivial case studies: an autonomous vehicle that needs to avoid collision and a water tank system.
Journal description:
Nonlinear Analysis: Hybrid Systems welcomes all important research and expository papers in any discipline. Papers that are principally concerned with the theory of hybrid systems should contain significant results indicating relevant applications. Papers that emphasize applications should consist of important real world models and illuminating techniques. Papers that interrelate various aspects of hybrid systems will be most welcome.