Secure State Estimation for Cyber-Physical Systems Against Active Eavesdropping Attacks: A Stochastic Encryption-Based Method

IF 6.4 2区计算机科学 Q1 AUTOMATION & CONTROL SYSTEMS IEEE Transactions on Automation Science and Engineering Pub Date : 2024-09-20 DOI:10.1109/TASE.2024.3457903

Fei Tao;Dan Ye

{"title":"Secure State Estimation for Cyber-Physical Systems Against Active Eavesdropping Attacks: A Stochastic Encryption-Based Method","authors":"Fei Tao;Dan Ye","doi":"10.1109/TASE.2024.3457903","DOIUrl":null,"url":null,"abstract":"This article is concerned with the problem of remote state estimation for cyber-physical systems (CPSs) in the presence of an active eavesdropper. To prevent information leakage, a novel stochastic encryption scheme is proposed to protect the data transmitted via packet loss channel. The scheme can guarantee the user’s privacy and force the estimation error of the eavesdropper to diverge by using a predefined scheduling sequence to transmit raw data or an encrypted version randomly. In this case, two types of data are considered: raw measurements and local estimates. Aiming at these two transmission scenarios, the expected estimation error recursions with respect to encryption mechanisms, channel parameters, and the system dynamics are derived in the minimum mean error estimation sense. Further, we show the conditions that require the expected estimation error covariance of the user to be bounded, while the active eavesdropper’s expected estimation error grows unbounded by mathematical induction and matrix theory methods. Finally, an application example is illustrated to verify the performance of the encryption scheme. Note to Practitioners—This paper addresses the secure state estimation for a class of CPSs in the presence of eavesdropping attacks, which plays a vital role in many critical infrastructures, such as unmanned aerial vehicle (UAV) and smart grids. The system’s confidential information is transmitted over the wireless channel to a remote estimator that is likely to be overheard by a malicious eavesdropper. Most existing privacy protection methods not only constrain the capabilities of eavesdroppers, such as packet reception rate, but also have limited ability to disrupt the estimated performance of eavesdroppers. Besides, few studies have been conducted on the impact of active eavesdroppers who may have a higher packet reception rate. To overcome these difficulties, based on control-theoretic approaches, we propose two alternative encryption schemes for two different transmission scenarios. Note that our scheme can guarantee that the user’s estimation error is bounded, while the estimation error of the eavesdropper goes to unbounded. Accordingly, the privacy and estimation performance of the system can be ensured by our encryption scheme, and the encryption schemes can be conveniently applied to practical systems.","PeriodicalId":51060,"journal":{"name":"IEEE Transactions on Automation Science and Engineering","volume":"22 ","pages":"6998-7007"},"PeriodicalIF":6.4000,"publicationDate":"2024-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Automation Science and Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10684984/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"AUTOMATION & CONTROL SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

This article is concerned with the problem of remote state estimation for cyber-physical systems (CPSs) in the presence of an active eavesdropper. To prevent information leakage, a novel stochastic encryption scheme is proposed to protect the data transmitted via packet loss channel. The scheme can guarantee the user’s privacy and force the estimation error of the eavesdropper to diverge by using a predefined scheduling sequence to transmit raw data or an encrypted version randomly. In this case, two types of data are considered: raw measurements and local estimates. Aiming at these two transmission scenarios, the expected estimation error recursions with respect to encryption mechanisms, channel parameters, and the system dynamics are derived in the minimum mean error estimation sense. Further, we show the conditions that require the expected estimation error covariance of the user to be bounded, while the active eavesdropper’s expected estimation error grows unbounded by mathematical induction and matrix theory methods. Finally, an application example is illustrated to verify the performance of the encryption scheme. Note to Practitioners—This paper addresses the secure state estimation for a class of CPSs in the presence of eavesdropping attacks, which plays a vital role in many critical infrastructures, such as unmanned aerial vehicle (UAV) and smart grids. The system’s confidential information is transmitted over the wireless channel to a remote estimator that is likely to be overheard by a malicious eavesdropper. Most existing privacy protection methods not only constrain the capabilities of eavesdroppers, such as packet reception rate, but also have limited ability to disrupt the estimated performance of eavesdroppers. Besides, few studies have been conducted on the impact of active eavesdroppers who may have a higher packet reception rate. To overcome these difficulties, based on control-theoretic approaches, we propose two alternative encryption schemes for two different transmission scenarios. Note that our scheme can guarantee that the user’s estimation error is bounded, while the estimation error of the eavesdropper goes to unbounded. Accordingly, the privacy and estimation performance of the system can be ensured by our encryption scheme, and the encryption schemes can be conveniently applied to practical systems.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

防范主动窃听攻击的网络物理系统安全状态估计：基于随机加密的方法

本文研究了存在主动窃听者的网络物理系统（cps）的远程状态估计问题。为了防止信息泄露，提出了一种新的随机加密方案来保护通过丢包通道传输的数据。该方案通过预先设定的调度顺序随机传输原始数据或加密版本，保证了用户的隐私性，并强制窃听者的估计误差发散。在这种情况下，考虑两种类型的数据：原始测量和局部估计。针对这两种传输场景，在最小平均误差估计意义下，推导了关于加密机制、信道参数和系统动力学的期望估计误差递归。进一步，利用数学归纳法和矩阵理论方法，给出了用户期望估计误差协方差无界，而主动窃听者期望估计误差无界的条件。最后，通过一个应用实例验证了该加密方案的性能。从业人员注意事项：本文讨论了一类cps在存在窃听攻击时的安全状态估计，窃听攻击在许多关键基础设施中起着至关重要的作用，例如无人机（UAV）和智能电网。系统的机密信息通过无线信道传输到远程估计器，远程估计器很可能被恶意窃听者窃听到。大多数现有的隐私保护方法不仅限制了窃听者的能力，如数据包接收速率，而且对窃听者的估计性能的破坏能力有限。此外，主动窃听者可能具有更高的数据包接收率，但对其影响的研究很少。为了克服这些困难，基于控制理论的方法，我们针对两种不同的传输场景提出了两种备选加密方案。注意，我们的方案可以保证用户的估计误差是有界的，而窃听者的估计误差是无界的。因此，我们的加密方案可以保证系统的隐私性和估计性能，并且可以方便地应用于实际系统。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Automation Science and Engineering 工程技术-自动化与控制系统

CiteScore

12.50

自引率

14.30%

发文量

404

审稿时长

3.0 months

期刊介绍： The IEEE Transactions on Automation Science and Engineering (T-ASE) publishes fundamental papers on Automation, emphasizing scientific results that advance efficiency, quality, productivity, and reliability. T-ASE encourages interdisciplinary approaches from computer science, control systems, electrical engineering, mathematics, mechanical engineering, operations research, and other fields. T-ASE welcomes results relevant to industries such as agriculture, biotechnology, healthcare, home automation, maintenance, manufacturing, pharmaceuticals, retail, security, service, supply chains, and transportation. T-ASE addresses a research community willing to integrate knowledge across disciplines and industries. For this purpose, each paper includes a Note to Practitioners that summarizes how its results can be applied or how they might be extended to apply in practice.