This DN intends to bridge the gap between theory and practice for secure and resilient cyber-physical systems by tackling the problem at its root. It brings together domain experts from control theory, computer science, and major industrial stakeholders to boost the security and resilience of control systems by outlining a sustainable program for training the next generation of innovators in this critical domain. It pursues a holistic approach that combines specialized training (in both academia and industry), while identifying challenging characteristics and security flaws in existing legacy systems, and pinpointing design requirements and solutions in future (networked) control systems.
Validating a System Development Kit for edge federated learning (2023-2025)
Call: ‘Advanced and innovative digitalisation’, funded by the Sweden’s Innovation Agency (Vinnova)
Awarded to: Andreas Hellander (PI, Scaleout), Salman Toor (Scaleout), André Teixeira
The project´s primary aim is to increase our understanding of scalability and cyber security in federated machine learning specifically for cloud edge applications. We will also further develop and validate a system development kit for federated machine learning, FEDn, for large-scale applications in fleet intelligence.
“Byzantine-Robust Federated Learning with Learnable Aggregation Weights”.
J. Parsa, A. H. Daghestani, A. M. H. Teixeira, and M. Johansson. ICLR 2026 (Accepted), 2026 ABSBIB
Federated Learning (FL) enables clients to collaboratively train a global model without sharing their private data. However, the presence of malicious (Byzantine) clients poses significant challenges to the robustness of FL, particularly when data distributions across clients are heterogeneous. In this paper, we propose a novel Byzantine-robust FL optimization problem that incorporates adaptive weighting into the aggregation process. Unlike conventional approaches, our formulation treats aggregation weights as learnable parameters, jointly optimizing them alongside the global model parameters. To solve this optimization problem, we develop an alternating minimization algorithm with strong convergence guarantees under adversarial attack. We analyze the Byzantine resilience of the proposed objective. We evaluate the performance of our algorithm against state-of-the-art Byzantine-robust FL approaches across various datasets and attack scenarios. Experimental results demonstrate that our method consistently outperforms existing approaches, particularly in settings with highly heterogeneous data and a large proportion of malicious clients.
@inproceedings{Parsa_ICLR2026,author={Parsa, J. and Daghestani, A. H. and Teixeira, A. M. H. and Johansson, M.},title={Byzantine-Robust Federated Learning with Learnable Aggregation Weights},booktitle={ICLR 2026 (Accepted)},year={2026},}
Selected past projects
Secure and Resilient Control Systems (2020-2025)
Call: SSF Future Research Leaders 7, funded by the Swedish Foundation for Strategic Research (SSF)
Awarded to:André Teixeira (PI)
USLC Members: Sribalaji Anand, Anh Tung Nguyen, Lovisa Eriksson, Daniel Arnström, Ruslan Seifullaev
Reports of cyber-attacks on digitally controlled systems supporting modern societies, such as Stuxnet, have shown their devastating consequences to safety and human lives, and shed light on the attackers modus operandi first learn the system, then tamper the visible information so the attack is undetected, and meanwhile have significant impact on the physical system. It is of the utmost importance to be able to detect and mitigate such malicious cyber-attacks. Unfortunately, existing methods in control engineering consider impact on the physical system and detectability separately, and thus fail to accurately tackle cyber attacks that strategically mix high impact with low detectability. On the other hand, approaches from secure control assume adversaries with perfect knowledge, resulting in overly pessimistic, unrealistic conclusions. The project will produce approaches to analyze and mitigate cyber-attacks on control systems, through the following actions 1) to construct novel sensitivity metrics that jointly consider the impact and detectability of attacks under uncertainty; 2) to design optimal anomaly detectors, controllers, and security measure deployment that minimize the novel sensitivity metrics, and thus increase security; 3) to experimentally validate the developed scientific approaches in testbeds and numerical benchmarks. The developed science and tools will induce a paradigm change in robust control and fault detection, and allow for more effective handling of anomalies.
“Quantifying Security for Networked Control Systems: A Review”.
S. C. Anand, A. T. Nguyen, A. M. H. Teixeira, H. Sandberg, and K. H. Johansson. Annual Reviews in Control (Submitted) ABSBIB
Networked Control Systems (NCSs) are integral in critical infrastructures such as power grids, transportation networks, and production systems. Ensuring the resilient operation of these large-scale NCSs against cyber-attacks is crucial for societal well-being. Over the past two decades, extensive research has been focused on developing metrics to quantify the vulnerabilities of NCSs against attacks. Once the vulnerabilities are quantified, mitigation strategies can be employed to enhance system resilience. This article provides a comprehensive overview of methods developed for assessing NCS vulnerabilities and the corresponding mitigation strategies. Furthermore, we emphasize the importance of probabilistic risk metrics to model vulnerabilities under adversaries with imperfect process knowledge. The article concludes by outlining promising directions for future research.
@article{Anand_Review2026,author={Anand, S. C. and Nguyen, A. T. and Teixeira, A. M. H. and Sandberg, H. and Johansson, K. H.},journal={Annual Reviews in Control (Submitted)},title={Quantifying Security for Networked Control Systems: A Review},}
“Stealthy bias injection attack detection based on Kullback-Leibler divergence in stochastic linear systems”.
J. Dong and A. M. H. Teixeira. Automatica (submitted) ABSBIB
This paper studies the design of detection observers against stealthy bias injection attacks in stochastic linear systems under Gaussian noise, considering adversaries that exploit noise and inject crafted bias signals into a subset of sensors in a slow and coordinated manner, thereby achieving malicious objectives while remaining stealthy. To address such attacks, we formulate the observer design as a max-min optimization problem to enhance the detectability of worst-case BIAs, which attain a prescribed attack impact with the least detectability evaluated via Kullback-Leibler divergence. To reduce the computational complexity of the derived non-convex design problem, we consider the detectability of worst-case BIAs at three specific time instants: attack onset, one step after attack occurrence, and the steady state. We prove that the Kalman filter is optimal for maximizing the BIA detectability at the attack onset, regardless of the subset of attacked sensors. For the one-step and steady-state cases, the observer design problems are approximated by bi-convex optimization problems, which can be efficiently solved using alternating optimization and alternating direction method of multipliers. Moreover, more tractable linear matrix inequality relaxations are developed. Finally, the effectiveness of the proposed stealth-aware detection framework is demonstrated through an application to a thermal system.
@article{Dong_Automatica2026,author={Dong, J. and Teixeira, A. M. H.},journal={Automatica (submitted)},title={Stealthy bias injection attack detection based on Kullback-Leibler divergence in stochastic linear systems},}
“Scalable Design of Attack-Resilient Controllers for Positive Systems”.
A. Gurpegui, S. C. Anand, and A. M. H. Teixeira. IEEE Control Systems Letters (submitted) ABSBIB
This paper proposes a framework for secure and resilient controller design for positive systems against cyber-attacks. In particular, we consider a network-controlled system where an adversary injects false data into the actuator channels to increase the control cost (performance measure) while minimizing the attack effort (energy) and subject to state-dependent constraints. Using a minimax formulation, we analyze the worst-case performance loss caused by such adversaries, which is given by the solution of a difference equation, and an algebraic equation when the time horizon is infinite. We show that the optimal attack policy, among possible nonlinear policies, is linear. Despite the lack of explicit stealthiness constraints, we also show that when the measured output has an unstable zero which is not an unstable zero of the performance measure, the attacks can induce unbounded performance degradation. The proposed framework is also extended to systems with model uncertainty. Numerical examples illustrate the results and demonstrate how tools from positive systems and linear regulator theory can be used to mitigate cyber-attacks with low computational effort.
@article{Gurpegui_LCSS2026,author={Gurpegui, A. and Anand, S. C. and Teixeira, A. M. H.},journal={IEEE Control Systems Letters (submitted)},title={Scalable Design of Attack-Resilient Controllers for Positive Systems},}
“Impact analysis of hidden faults in nonlinear control systems using output-to-output gain”.
R. Seifullaev and A. M. H. Teixeira. IFAC World Congress (Submitted) BIB
@inproceedings{Seifullaev_IFACWC2026,author={Seifullaev, R. and Teixeira, A. M. H.},title={Impact analysis of hidden faults in nonlinear control systems using output-to-output gain},booktitle={IFAC World Congress (Submitted)},year={},}
“On the Boundedness of the Solution to the Output-to-output l2-gain Strategic Stealthy Attacks Problem”.
A. Gallo, A. T. Nguyen, G. Oliva, and A. M. H. Teixeira. IEEE Trans. Automatic Control (Submitted) ABSBIB
This paper investigates the output-to-output l2-gain problem in the context of strategic stealthy attacks on networked control systems. We derive necessary and sufficient conditions for the boundedness of the gain by leveraging duality, dissipativity, and applying the semidefinite version of the Farkas Lemma. The analysis yields a rigorous characterization of attack feasibility: we equivalently formulate the problem as a definite programming problem and we show that it admits a solution if and only if the non-minimum phase zeros of the detection subsystem are shared with the performance subsystem. This condition enables the precise assessment of an attacker’s ability to induce maximal disruption while evading detection. The proposed framework offers both theoretical insight and a tractable computational formulation that facilitates practical vulnerability analysis. The obtained results are validated through numerical examples.
@article{Gallo_TAC2025,author={Gallo, A. and Nguyen, A. T. and Oliva, G. and Teixeira, A. M. H.},journal={IEEE Trans. Automatic Control (Submitted)},number={},pages={},title={On the Boundedness of the Solution to the Output-to-output l2-gain Strategic Stealthy Attacks Problem},volume={},year={},}
“Secure Filtering against Spatio-Temporal False Data Attacks under Asynchronous Sampling”.
Z. Li, A. T. Nguyen, A. M. H. Teixeira, Y. Mo, and K. H. Johansson. IEEE Trans. Automatic Control (Submitted) ABSBIB
This paper addresses the secure state estimation problem for continuous linear time-invariant systems with non-periodic and asynchronous sampled measurements, where the sensors need to transmit not only measurements but also sampling time-stamps to the fusion center. This measurement and communication setup is well-suited for operating large-scale control systems and, at the same time, introduces new vulnerabilities that can be exploited by adversaries through (i) manipulation of measurements, (ii) manipulation of time-stamps, (iii) elimination of measurements, (iv) generation of completely new false measurements, or a combination of these attacks. To mitigate these attacks, we propose a decentralized estimation algorithm in which each sensor maintains its local state estimate asynchronously based on its measurements. The local states are synchronized through time prediction and fused after time-stamp alignment. In the absence of attacks, state estimates are proven to recover the optimal Kalman estimates by solving a weighted least square problem. In the presence of attacks, solving this weighted least square problem with the aid of \ell_1 regularization provides secure state estimates with uniformly bounded error under an observability redundancy assumption. The effectiveness of the proposed algorithm is demonstrated using a benchmark example of the IEEE 14-bus system.
@article{Li_TAC2025,author={Li, Z. and Nguyen, A. T. and Teixeira, A. M. H. and Mo, Y. and Johansson, K. H.},journal={IEEE Trans. Automatic Control (Submitted)},title={Secure Filtering against Spatio-Temporal False Data Attacks under Asynchronous Sampling},}
“Efficiently Computing the Cyclic Output-to-Output Gain”.
D. Arnström and A. M. H. Teixeira. System & Control Letters, vol. 213, p. 106430, 2026 ABSBIB
The cyclic output-to-output gain is a security metric for control systems. Commonly, it is computed by solving a semidefinite program, which scales badly and inhibits its use for large-scale systems. We propose a method for computing the cyclic output-to-output gain using Hamiltonian matrices, similar to existing methods for the H∞-norm. In contrast to existing methods for the H∞-norm, the proposed method considers generalized singular values rather than regular singular values. Moreover, to ensure that the Hamiltonian matrices exist, we introduce a regularized version of the cyclic output-to-output gain. Through numerical experiments, we show that the proposed method is more efficient, scalable, and reliable than semi-definite programming approaches.
@article{Arnstrom_SCL2025,author={Arnstr\"{o}m, D. and Teixeira, A. M. H.},journal={System \& Control Letters},volume={213},number={},pages={106430},title={Efficiently Computing the Cyclic Output-to-Output Gain},year={2026},doi={10.1016/j.sysconle.2026.106430},}
“An H2-norm approach to performance analysis of networked control systems under multiplicative routing transformations”.
R. Seifullaev and A. M. H. Teixeira. European Control Conference (Accepted), 2026 ABSBIB
This paper investigates the performance of networked control systems subject to multiplicative routing transformations that alter measurement pathways without directly injecting signals. Such transformations, arising from faults or adversarial actions, modify the feedback structure and can degrade performance while remaining stealthy. An H2-norm framework is proposed to quantify the impact of these transformations by evaluating the ratio between the steady-state energies of performance and residual outputs. Equivalent linear matrix inequality (LMI) formulations are derived for computational assessment, and analytical upper bounds are established to estimate the worst-case degradation. The results provide structural insight into how routing manipulations influence closed-loop behavior and reveal conditions for stealthy multiplicative attacks.
@inproceedings{Seifullaev_ECC2026,author={Seifullaev, R. and Teixeira, A. M. H.},title={An H2-norm approach to performance analysis of networked control systems under multiplicative routing transformations},booktitle={European Control Conference (Accepted)},year={2026},}
“Detecting Feedback-path Delay Injection Attacks Using Interacting Multiple Model Filtering”.
L. Eriksson, T. Wigren, D. Zachariah, and A. M. H. Teixeira. European Control Conference (Accepted), 2026 BIB
@inproceedings{Eriksson_ECC026,author={Eriksson, L. and Wigren, T. and Zachariah, D. and Teixeira, A. M. H.},title={Detecting Feedback-path Delay Injection Attacks Using Interacting Multiple Model Filtering},booktitle={European Control Conference (Accepted)},year={2026},}
“Fundamental limitations of sensitivity metrics for anomaly impact analysis in LTI systems”.
J. Dong, K. Zhang, A. T. Nguyen, and A. M. H. Teixeira. American Control Conference (Accepted), 2026 ABSBIB
This study establishes a connection between the output-to-output gain (OOG), a sensitivity metric quantifying the impact of stealthy attacks, and a novel input-to-input gain (IIG) introduced to evaluate fault sensitivity under disturbances, and investigates their fundamental performance limitations arising from the transmission zeros of the underlying dynamical system. Inspired by the OOG, which characterizes the maximum performance loss caused by stealthy attacks, the IIG is proposed as a new measure of robust fault sensitivity, and is defined as the maximum energy of undetectable faults for a given disturbance intensity. Then, using right (for OOG) and left (for IIG) co-prime factorizations, both metrics are expressed as the H-inf norm of a ratio of the numerator factors. This unified representation facilitates a systematic analysis of their fundamental limitations. Subsequently, by utilizing the Poisson integral relation, theoretical bounds for the IIG and OOG are derived, explicitly characterizing their fundamental limitations imposed by system \mboxnon-minimum phase (NMP) zeros. Finally, a numerical example is employed to validate the results.
@inproceedings{Dong_ACC2026,author={Dong, J. and Zhang, K. and Nguyen, A. T. and Teixeira, A. M. H.},title={Fundamental limitations of sensitivity metrics for anomaly impact analysis in LTI systems},booktitle={American Control Conference (Accepted)},year={2026},}
“Scalable and Optimal Security Allocation in Networks against Stealthy Injection Attacks”.
A. T. Nguyen, S. C. Anand, and A. M. H. Teixeira. IEEE Trans. Automatic Control (Accepted), 2026 ABSBIB
This paper addresses the security allocation problem in a networked control system under stealthy injection attacks. The networked system is comprised of interconnected subsystems which are represented by nodes in a digraph. An adversary compromises the system by injecting false data into several nodes with the aim of maximally disrupting the performance of the network while remaining stealthy to a defender. To minimize the impact of such stealthy attacks, the defender, with limited knowledge about attack policies and attack resources, allocates several sensors on nodes to impose the stealthiness constraint governing the attack policy. We provide an optimal security allocation algorithm to minimize the expected attack impact on the entire network. Furthermore, under a suitable local control design, the proposed security allocation algorithm can be executed in a scalable way. Finally, the obtained results are validated through several numerical examples.
@article{Nguyen_TAC2026,author={Nguyen, A. T. and Anand, S. C. and Teixeira, A. M. H.},journal={IEEE Trans. Automatic Control (Accepted)},title={Scalable and Optimal Security Allocation in Networks against Stealthy Injection Attacks},year={2026},doi={10.1109/TAC.2025.3639126},}
“Vulnerability Analysis against Stealthy Integrity Attacks for Nonlinear Systems”.
K. Zhang, A. Kasis, A. M. H. Teixeira, and B. Jiang. IEEE Conf. on Decision and Control (CDC), 2025 ABSBIB
This paper considers the vulnerability issues of a class of nonlinear systems to stealthy integrity attacks. To characterize the stealthiness of the attack, a forward-invariant set for the system output is introduced. Additionally, a safety set for the system state is established to evaluate the attack’s safety. Our analysis demonstrates that the nonlinear system is non-vulnerable to strictly stealthy integrity attacks if it is uniformly observable. When the uniform observability property is not satisfied, we show that the considered class of nonlinear systems is not vulnerable to stealthy integrity attacks when an output-to-state safe barrier function is admitted. Moreover, for nonlinear systems that are vulnerable to stealthy integrity attacks, we analytically show how these are parameterized. Our analytic results are validated with numerical simulations that demonstrate the applicability of the presented analysis.
@inproceedings{Zhang_CDC2025,author={Zhang, Kangkang and Kasis, Andreas and Teixeira, A. M. H. and Jiang, Bin},title={Vulnerability Analysis against Stealthy Integrity Attacks for Nonlinear Systems},booktitle={IEEE Conf. on Decision and Control (CDC)},year={2025},}
“Bilateral Cognitive Security Games in Networked Control Systems under Stealthy Injection Attacks”.
A. T. Nguyen, Q. Zhu, and A. M. H. Teixeira. IEEE Conf. on Decision and Control (CDC), 2025 ABSBIB
This paper studies a strategic security problem in networked control systems under stealthy false data injection attacks. The security problem is modeled as a bilateral cognitive security game between a defender and an adversary, each possessing cognitive reasoning abilities. The adversary with an adversarial cognitive ability strategically attacks some interconnections of the system with the aim of disrupting the network performance while remaining stealthy to the defender. Meanwhile, the defender with a defense cognitive ability strategically monitors some nodes to impose the stealthiness constraint with the purpose of minimizing the worst-case disruption caused by the adversary. Within the proposed bilateral cognitive security framework, the preferred cognitive levels of the two strategic agents are formulated in terms of two newly proposed concepts, cognitive mismatch and cognitive resonance. Moreover, we propose a method to compute the policies for the defender and the adversary with arbitrary cognitive abilities. A sufficient condition is established under which an increase in cognitive levels does not alter the policies for the defender and the adversary, ensuring convergence. The obtained results are validated through numerical simulations.
@inproceedings{Nguyen_CDC2025,author={Nguyen, A. T. and Zhu, Q. and Teixeira, A. M. H.},title={Bilateral Cognitive Security Games in Networked Control Systems under Stealthy Injection Attacks},booktitle={IEEE Conf. on Decision and Control (CDC)},year={2025},}
“Kullback-Leibler Divergence-Based Filter Design Against Bias Injection Attacks”.
F. E. Tosun, A. M. H. Teixeira, J. Dong, A. Ahlén, and S. Dey. European Journal of Control, p. 101427, 2025 ABSBIB
Cyber-physical systems (CPS) are increasingly deployed in safety-critical applications, making them prime targets for adversarial attacks. Timely detection and mitigation of such attacks are imperative for the safe operation of CPS. This paper proposes a novel residual generator design method for enhanced detection of bias injection attacks (BIAs) in linear CPS driven by white Gaussian noise. Specifically, we define a flexible attack impact metric based on the weighted norm of the injected bias and a detectability metric based on the Kullback-Leibler divergence. Using these two metrics, we characterize the worst-case BIAs as those that minimize detectability while maintaining a specified minimum impact. For residual generation filter synthesis, we formulate two optimization problems: one for maximizing the detectability of worst-case BIAs at the attack onset and the other at steady state. Since these two problems are inherently conflicting, we employ the ϵ-constraint method to obtain Pareto-optimal solutions that balance transient and steady-state detectability. The effectiveness of the proposed filter design method is demonstrated through numerical simulations, with a comparison against two state-of-the-art benchmarks: the Kalman filter and the H_/H2 filter.
@article{Tosun_EJC2025,author={Tosun, F. E. and Teixeira, A. M. H. and Dong, J. and Ahlén, A. and Dey, S.},journal={European Journal of Control},volume={},number={},pages={101427},title={Kullback-Leibler Divergence-Based Filter Design Against Bias Injection Attacks},year={2025},doi={10.1016/j.ejcon.2025.101427},}
“Security Metrics for Uncertain Interconnected Systems under Stealthy Data Injection Attacks”.
A. T. Nguyen, S. C. Anand, and A. M. H. Teixeira. 10th IFAC Conference on Networked Systems (NecSys), 2025 ABSBIB
This paper quantifies the security of uncertain interconnected systems under stealthy data injection attacks. In particular, we consider a large-scale system composed of a certain subsystem interconnected with an uncertain subsystem, where only the input-output channels are accessible. An adversary is assumed to inject false data to maximize the performance loss of the certain subsystem while remaining undetected. By abstracting the uncertain subsystem as a class of admissible systems satisfying an L2 gain constraint, the worst-case performance loss is obtained as the solution to a convex semi-definite program depending only on the certain subsystem dynamics and such an L2 gain constraint. This solution is proved to serve as an upper bound for the actual worst-case performance loss when the model of the entire system is fully certain. The results are demonstrated through numerical simulations of the power transmission grid spanning Sweden and Northern Denmark.
@inproceedings{Nguyen_NecSys2025,author={Nguyen, A. T. and Anand, S. C. and Teixeira, A. M. H.},title={Security Metrics for Uncertain Interconnected Systems under Stealthy Data Injection Attacks},booktitle={10th IFAC Conference on Networked Systems (NecSys)},year={2025},}
“Data-Driven and Stealthy Deactivation of Safety Filters”.
D. Arnström and A. M. H. Teixeira. Annual Learning for Dynamics & Control Conference (L4DC), 2025 ABSBIB
Safety filters ensure that control actions that are executed are always safe, no matter the controller in question. Previous work has proposed a simple and stealthy false-data injection attack for deactivating such safety filters. This attack injects false sensor measurements to bias state estimates toward the interior of a safety region, making the safety filter accept unsafe control actions. The attack does, however, require the adversary to know the dynamics of the system, the safety region used in the safety filter, and the observer gain. In this work we relax these requirements and show how a similar data-injection attack can be performed when the adversary only observes the input and output of the observer that is used by the safety filter, without any a priori knowledge about the system dynamics, safety region, or observer gain. In particular, the adversary uses the observed data to identify a state-space model that describes the observer dynamics, and then approximates a safety region in the identified embedding. We exemplify the data-driven attack on an inverted pendulum, where we show how the attack can make the system leave a safe set, even when a safety filter is supposed to stop this from happening.
@inproceedings{Arnstrom_L4DC2025,author={Arnstr\"{o}m, D. and Teixeira, A. M. H.},title={Data-Driven and Stealthy Deactivation of Safety Filters},booktitle={Annual Learning for Dynamics & Control Conference (L4DC)},year={2025},}
“Data-Driven Identification of Attack-free Sensors in Networked Control Systems”.
S. C. Anand, M. S. Chong, and A. M. H. Teixeira. European Control Conference, 2025 ABSBIB
This paper proposes a data-driven framework to identify the attack-free sensors in a networked control system when some of the sensors are corrupted by an adversary. An operator with access to offline input-output attack-free trajectories of the plant is considered. Then, a data-driven algorithm is proposed to identify the attack-free sensors when the plant is controlled online. We also provide necessary conditions, based on the properties of the plant, under which the algorithm is feasible. An extension of the algorithm is presented to identify the sensors completely online against certain classes of attacks. The efficacy of our algorithm is depicted through numerical examples.
@inproceedings{Anand_ECC2025,author={Anand, S. C. and Chong, M. S. and Teixeira, A. M. H.},title={Data-Driven Identification of Attack-free Sensors in Networked Control Systems},booktitle={European Control Conference},year={2025},}
“Switching Multiplicative Watermark design against Covert Attacks”.
A. J. Gallo, S. C. Anand, A. M. H. Teixeira, and R. M. G. Ferrari. Automatica, vol. 177, p. 112301, 2025 ABSBIB
Active techniques have been introduced to give better detectability performance for cyber-attack diagnosis in cyber–physical systems (CPS). In this paper, switching multiplicative watermarking is considered, whereby we propose an optimal design strategy to define switching filter parameters. Optimality is evaluated exploiting the so-called output-to-output gain of the closed-loop system, including some supposed attack dynamics. A worst-case scenario of a matched covert attack is assumed, presuming that an attacker with full knowledge of the closed-loop system injects a stealthy attack of bounded energy. Our algorithm, given watermark filter parameters at some time instant, provides optimal next-step parameters. Analysis of the algorithm is given, demonstrating its features, and demonstrating that through initialization of certain parameters outside of the algorithm, the parameters of the multiplicative watermarking can be randomized. Simulation shows how, by adopting our method for parameter design, the attacker’s impact on performance diminishes.
@article{Gallo_Automatica2025,author={Gallo, A. J. and Anand, S. C. and Teixeira, A. M. H. and Ferrari, R. M.G.},journal={Automatica},title={Switching Multiplicative Watermark design against Covert Attacks},volume={177},pages={112301},year={2025},doi={10.1016/j.automatica.2025.112301},}
“Kullback-Leibler Divergence-Based Observer Design Against Sensor Bias Injection Attacks in Single-Output Systems”.
F. E. Tosun, A. M. H. Teixeira, J. Dong, A. Ahlén, and S. Dey. IEEE Trans. Information Forensics and Security, vol. 20, pp. 2763–2777, 2025 ABSBIB
This paper considers observer-based anomaly detection of bias injection attacks (BIAs) on cyber-physical systems with linear dynamics and driven by Gaussian noise. Despite the perceived simplicity of this attack strategy, BIAs pose a significant risk to systems that have an integrator in their open-loop dynamics, as the residual generated by any linear observer will be identical under attack and normal operation at steadystate. Consequently, such attacks are detectable only for a limited duration during the transient phase. In this paper, we propose a principled way for designing a residual generation filter based on maximizing the Kullback-Liebler divergence (KLD) during the transients and steady-state. This approach significantly increases the signal-to-noise ratio against BIAs. The effectiveness of our method is demonstrated through numerical examples, comparing it to the Kalman filter and a robust multi-objective H−/H2 filter.
@article{Tosun_TIFS2025,author={Tosun, F. E. and Teixeira, A. M. H. and Dong, J. and Ahlén, A. and Dey, S.},journal={IEEE Trans. Information Forensics and Security},volume={20},number={},pages={2763-2777},title={Kullback-Leibler Divergence-Based Observer Design Against Sensor Bias Injection Attacks in Single-Output Systems},year={2025},doi={10.1109/TIFS.2025.3546167},}
“Security Allocation in Networked Control Systems under Stealthy Attacks”.
A. T. Nguyen, A. M. H. Teixeira, and A. Medvedev. IEEE Trans. Control of Network Systems, vol. 12, no. 1, pp. 216–227, Mar. 2025 ABSBIB
This paper considers the problem of security allocation in a networked control system under stealthy attacks in which the system is comprised of interconnected subsystems represented by vertices. A malicious adversary selects a single vertex on which to conduct a stealthy data injection attack to maximally disrupt the local performance while remaining undetected. On the other hand, a defender selects several vertices on which to allocate defense resources against the adversary. First, the objectives of the adversary and the defender with uncertain targets are formulated in probabilistic ways, resulting in an expected worst-case impact of stealthy attacks. Next, we provide a graph-theoretic necessary and sufficient condition under which the cost for the defender and the expected worst-case impact of stealthy attacks are bounded. This condition enables the defender to restrict the admissible actions to a subset of available vertex sets. Then, we cast the problem of security allocation in a Stackelberg game-theoretic framework. Finally, the contribution of this paper is highlighted by utilizing the proposed admissible actions of the defender in the context of large-scale networks. A numerical example of a 50-vertex networked control system is presented to validate the obtained results.
@article{Nguyen_TCNS2024,author={Nguyen, A. T. and Teixeira, A. M. H. and Medvedev, A.},journal={IEEE Trans. Control of Network Systems},title={Security Allocation in Networked Control Systems under Stealthy Attacks},volume={12},number={1},pages={216-227},doi={10.1109/TCNS.2024.3462546},month=mar,year={2025},}
“Centrality-based Security Allocation in Networked Control Systems”.
A. T. Nguyen, A. Hertzberg, and A. M. H. Teixeira. Critical Information Infrastructures Security, Cham, 2025, pp. 212–230 ABSBIB
This paper addresses the security allocation problem within networked control systems, which consist of multiple interconnected control systems under the influence of two opposing agents: a defender and a malicious adversary. The adversary aims to maximize the worst-case attack impact on system performance while remaining undetected by launching stealthy data injection attacks on one or several interconnected control systems. Conversely, the defender’s objective is to allocate security resources to detect and mitigate these worst-case attacks. A novel centrality-based approach is proposed to guide the allocation of security resources to the most connected or influential subsystems within the network. The methodology involves comparing the worst-case attack impact for both the optimal and centrality-based security allocation solutions. The results demonstrate that the centrality measure approach enables significantly faster allocation of security resources with acceptable levels of performance loss compared to the optimal solution, making it suitable for large-scale networks. The proposed method is validated through numerical examples using Erdös-Rényi graphs.
@inproceedings{Nguyen_CRITIS24,author={Nguyen, A. T. and Hertzberg, A. and Teixeira, A. M. H.},title={Centrality-based Security Allocation in Networked Control Systems},year={2025},editor={Oliva, Gabriele and Panzieri, Stefano and H{\"a}mmerli, Bernhard and Pascucci, Federica and Faramondi, Luca},booktitle={Critical Information Infrastructures Security},publisher={Springer Nature Switzerland},address={Cham},pages={212--230},note={Presented at the 19th International Conference on Critical Information Infrastructures Security},doi={10.1007/978-3-031-84260-3_13},}
“Scalable metrics to quantify security of large-scale systems”.
S. C. Anand, C. Grussler, and A. M. H. Teixeira. IEEE Conference on Decisions and Control, 2024 ABSBIB
This paper addresses the issue of data injection
attacks on the actuators of positive networked control systems.
We introduce an impact metric that quantifies the worst-case
performance loss caused by stealthy attacks. By leveraging the
properties of positive systems, we show that the impact metric
admits an equivalent linear program representation, offering
scalability advantages. Under mild assumptions, we prove the
existence of a solution for the linear program, thereby proving
that the impact metric admits a finite value. Furthermore, we
extend such scalable metrics for uncertain systems and provide
brief insights into cone positive systems.
@inproceedings{Anand_CDC024,author={Anand, S. C. and Grussler, C. and Teixeira, A. M. H.},title={Scalable metrics to quantify security of large-scale systems},year={2024},booktitle={IEEE Conference on Decisions and Control},doi={10.1109/CDC56724.2024.10886808},}
“Event-triggered control of nonlinear systems under deception and Denial-of-Service attacks”.
R. Seifullaev, A. M. H. Teixeira, and A. Ahlén. IEEE Conference on Decisions and Control, 2024 ABSBIB
We address the problem of event-triggered networked control of nonlinear systems under simultaneous deception and Denial-of-Service (DoS) attacks. By DoS attacks, we refer to disruptions in the communication channel that prevent sensor measurements from reaching the controller. When the system undergoes a deception attack, the controller receives a modified output, deviating from the sensor’s original measurement. We implement the input delay approach and the Lyapunov-Krasovskii technique to obtain sufficient conditions, expressed in terms of linear matrix inequalities (LMIs), that characterize the duration of the DoS interruptions under which input-to-state stability (ISS) of the closed-loop system is preserved. Furthermore, we explore scenarios involving simultaneous attacks, where the DoS is modeled as a stochastic Bernoulli process. The closed-loop system is then considered as a stochastic impulsive system. In a similar manner, we derive conditions to ensure mean-square ISS for this case. A numerical example illustrates the efficiency of the results.
@inproceedings{Seifullaev_CDC024,author={Seifullaev, R. and Teixeira, A. M. H. and Ahl\'{e}n, A.},booktitle={IEEE Conference on Decisions and Control},title={Event-triggered control of nonlinear systems under deception and Denial-of-Service attacks},year={2024},doi={10.1109/CDC56724.2024.10886155},}
“Stealthy Deactivation of Safety Filters”.
D. Arnström and A. M. H. Teixeira. European Control Conference, 2024 ABSBIB
Safety filters ensure that only safe control actions are executed. We propose a simple and stealthy false-data injection attack for deactivating such safety filters; in particular, we focus on deactivating safety filters that are based on control barrier functions. The attack injects false sensor measurements to bias state estimates to the interior of a safety region, which makes the safety filter accept unsafe control actions. To detect such attacks, we also propose a detector that detects biases manufactured by the proposed attack policy, which complements conventional detectors when safety filters are used. The proposed attack policy and detector are illustrated on a double integrator example.
@inproceedings{Arnstrom_ECC2024,author={Arnstr\"{o}m, D. and Teixeira, A. M. H.},booktitle={European Control Conference},title={Stealthy Deactivation of Safety Filters},year={2024},}
“Delay Attack and Detection in Feedback Linearized Control Systems”.
T. Wigren and A. M. H. Teixeira. European Control Conference, 2024 ABSBIB
Delay injection attacks on nonlinear control systems may trigger instability mechanisms like finite escape time dynamics. The paper guards against such attacks by showing how a recursive algorithm for identification of nonlinear dynamics and delay can simultaneously provide parameter estimates for controller tuning and detection of delay injection in the feedback path. The attack methodology is illustrated using a simulated feedback linearized automotive cruise controller where the attack is disguised, but anyway rapidly detected.
@inproceedings{Wigren_ECC2024,author={Wigren, T. and Teixeira, A. M. H.},booktitle={European Control Conference},title={Delay Attack and Detection in Feedback Linearized Control Systems},year={2024},}
“Convergence in delayed recursive identification of nonlinear systems”.
T. Wigren. European Control Conference, 2024 ABSBIB
Early detection of delay attacks on feedback control systems can be achieved by recursive identification of delay and dynamics. The paper contributes with an analysis of the convergence of a multiple-model based algorithm for joint recursive identification of fractional delay and continuous time nonlinear state space dynamics. It is proved that the true parameter vector is in the set of global convergence points, while reasons are given why a standard local stability analysis fails. A numerical example illustrates these results.
@inproceedings{Wigren_ECC2025,author={Wigren, T.},booktitle={European Control Conference},title={Convergence in delayed recursive identification of nonlinear systems},year={2024},}
“Kullback-Leibler Divergence-Based Detector Design Against Bias Injection Attacks in an Artificial Pancreas System”.
F. E. Tosun, A. M. H. Teixeira, A. Ahlén, and S. Dey. 12th IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes, 2024 ABSBIB
This paper considers constant bias injection attacks on the glucose sensor deployed in an artificial pancreas system that has an integrator. The main challenge with such apparently simple attacks is that, if the system is linear and has an integrator, they are only detectable for a limited duration. More formally, they are steady-state stealthy attacks. To address this issue, we propose a residual generation method to increase the detectability of these attacks based on the Kullback–Leibler divergence metric. Illustrative examples with numerical simulations are provided to demonstrate the effectiveness of the proposed method.
@inproceedings{Tosun_SAFEPROCESS2024,author={Tosun, F. E. and Teixeira, A. M. H. and Ahlén, A. and Dey, S.},booktitle={12th IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes},title={Kullback-Leibler Divergence-Based Detector Design Against Bias Injection Attacks in an Artificial Pancreas System},year={2024},doi={10.1016/j.ifacol.2024.07.269},}
“Quickest Detection of Bias Injection Attacks on the Glucose Sensor in the Artificial Pancreas Under Meal Disturbances”.
F. E. Tosun, A. M. H. Teixeira, M. Abdalmoaty, A. Ahlén, and S. Dey. Journal of Process Control, vol. 153, no. 103162, 2024 ABSBIB
Modern glucose sensors deployed in closed-loop insulin delivery systems, so-called artificial pancreas use wireless communication channels. While this allows a flexible system design, it also introduces vulnerability to cyberattacks. Timely detection and mitigation of attacks are imperative for device safety. However, large unknown meal disturbances are a crucial challenge in determining whether the sensor has been compromised or the sensor glucose trajectories are normal. We address this issue from a control-theoretic security perspective. In particular, a time-varying Kalman filter is employed to handle the sporadic meal intakes. The filter prediction error is then statistically evaluated to detect anomalies if present. We compare two state-of-the-art online anomaly detection algorithms, namely the χ^2 and CUSUM tests. We establish a robust optimal detection rule for unknown bias injections. Even if the optimality holds only for the restrictive case of constant bias injections, we show that the proposed model-based anomaly detection scheme is also effective for generic non-stealthy sensor deception attacks through numerical simulations
@article{Tosun_JPC2024,author={Tosun, F. E. and Teixeira, A. M. H. and Abdalmoaty, M. and Ahl\'{e}n, A. and Dey, S.},journal={Journal of Process Control},volume={153},number={103162},title={Quickest Detection of Bias Injection Attacks on the Glucose Sensor in the Artificial Pancreas Under Meal Disturbances},year={2024},doi={10.1016/j.jprocont.2024.103162},}
“Security Allocation in Networked Control Systems”.
A. T. Nguyen.
Licentiate thesis, Uppsala University, Uppsala, Sweden, 2023 ABSBIB
Sustained use of critical infrastructure, such as electrical power and water distribution networks, requires efficient management and control. Facilitated by the advancements in computational devices and non-proprietary communication technology, such as the Internet, the efficient operation of critical infrastructure relies on network decomposition into interconnected subsystems, thus forming networked control systems. However, the use of public and pervasive communication channels leaves these systems vulnerable to cyber attacks. Consequently, the critical infrastructure is put at risk of suffering operation disruption and even physical damage that would inflict financial costs as well as pose a hazard to human health. Therefore, security is crucial to the sustained efficient operation of critical infrastructure.
This thesis develops a framework for evaluating and improving the security of networked control systems in the face of cyber attacks. The considered security problem involves two strategic agents, namely a malicious adversary and a defender, pursuing their specific and conflicting goals. The defender aims to efficiently allocate defense resources with the purpose of detecting malicious activities. Meanwhile, the malicious adversary simultaneously conducts cyber attacks and remains stealthy to the defender. We tackle the security problem by proposing a game-theoretic framework and characterizing its main components: the payoff function, the action space, and the available information for each agent. Especially, the payoff function is characterized based on the output-to-output gain security metric that fully explores the worst-case attack impact. Then, we investigate the properties of the game and how to efficiently compute its equilibrium. Given the combinatorial nature of the defender’s actions, one important challenge is to alleviate the computational burden. To overcome this challenge, the thesis contributes several system- and graph-theoretic conditions that enable the defender to shrink the action space, efficiently allocating the defense resources. The effectiveness of the proposed framework is validated through numerical examples.
@phdthesis{Nguyen_Lic2023,author={Nguyen, Anh Tung},title={Security Allocation in Networked Control Systems},school={Uppsala University},year={2023},address={Uppsala, Sweden},month=oct,type={Licentiate thesis},}
“Risk Assessment of Stealthy Attacks on Uncertain Control Systems”.
S. C. Anand, A. M. H. Teixeira, and A. Ahlén. IEEE Trans. Automatic Control, vol. 69, no. 5, pp. 3214–3221, May 2024 ABSBIB
In this article, we address the problem of risk assessment of stealthy attacks on uncertain control systems. Considering data injection attacks that aim at maximizing impact while remaining undetected, we use the recently proposed output-to-output gain to characterize the risk associated with the impact of attacks under a limited system knowledge attacker. The risk is formulated using a well-established risk metric, namely the maximum expected loss. Under this setups, the risk assessment problem corresponds to an untractable infinite non-convex optimization problem. To address this limitation, we adopt the framework of scenario-based optimization to approximate the infinite non-convex optimization problem by a sampled non-convex optimization problem. Then, based on the framework of dissipative system theory and S-procedure, the sampled non-convex risk assessment problem is formulated as an equivalent convex semi-definite program. Additionally, we derive the necessary and sufficient conditions for the risk to be bounded. Finally, we illustrate the results through numerical simulation of a hydro-turbine power system.
@article{Anand_TAC2024,author={Anand, S. C. and Teixeira, A. M. H. and Ahl\'{e}n, A.},journal={IEEE Trans. Automatic Control},number={5},pages={3214--3221},title={Risk Assessment of Stealthy Attacks on Uncertain Control Systems},volume={69},month=may,year={2024},doi={10.1109/TAC.2023.3318194},}
“Risk-based Security Measure Allocation Against Actuator Attacks”.
S. C. Anand and A. M. H. Teixeira. IEEE Open Journal of Control Systems, vol. 2, pp. 297–309, 2023 ABSBIB
This article considers the problem of risk-optimal allocation of security measures when the actuators of an uncertain control system are under attack. We consider an adversary injecting false data into the actuator channels. The attack impact is characterized by the maximum performance loss caused by a stealthy adversary with bounded energy. Since the impact is a random variable, due to system uncertainty, we use Conditional Value-at-Risk (CVaR) to characterize the risk associated with the attack. We then consider the problem of allocating the security measures which minimize the risk. We assume that there are only a limited number of security measures available. Under this constraint, we observe that the allocation problem is a mixed-integer optimization problem. Thus we use relaxation techniques to approximate the security allocation problem into a Semi-Definite Program (SDP). We also compare our allocation method (i) across different risk measures: the worst-case measure, the average (nominal) measure, and (ii) across different search algorithms: the exhaustive and the greedy search algorithms. We depict the efficacy of our approach through numerical examples.
@article{Anand_IEEEOJCSys2023,author={Anand, S. C. and Teixeira, A. M. H.},journal={IEEE Open Journal of Control Systems},number={},pages={297--309},title={Risk-based Security Measure Allocation Against Actuator Attacks},volume={2},year={2023},doi={10.1109/OJCSYS.2023.3305831},}
“On the trade-offs between accuracy, privacy, and resilience in average consensus algorithms”.
G. Ramos, A. M. H. Teixeira, and S. Pequito. IEEE Conference on Decisions and Control, 2023 BIB
@inproceedings{Ramos_CDC2023,author={Ramos, G. and Teixeira, A. M. H. and Pequito, S.},booktitle={IEEE Conference on Decisions and Control},title={On the trade-offs between accuracy, privacy, and resilience in average consensus algorithms},year={2023},}
“Robust Sequential Detection of Non-stealthy Sensor Deception Attacks in an Artificial Pancreas System”.
F. E. Tosun and A. M. H. Teixeira. IEEE Conference on Decisions and Control, 2023 BIB
@inproceedings{Tosun_CDC2023,address={},author={Tosun, F. E. and Teixeira, A. M. H.},booktitle={IEEE Conference on Decisions and Control},title={Robust Sequential Detection of Non-stealthy Sensor Deception Attacks in an Artificial Pancreas System},year={2023},}
“Secure State Estimation with Asynchronous Measurements against Malicious Measurement-data and Time-stamp Manipulation”.
Z. Li, A. T. Nguyen, A. M. H. Teixeira, Y. Mo, and K. H. Johansson. IEEE Conference on Decisions and Control, 2023 ABSBIB
This paper proposes a secure state estimation scheme with non-periodic asynchronous measurements for linear continuous-time systems under false data attacks on the measurement transmit channel. After sampling the output of the system, a sensor transmits the measurement information in a triple composed of sensor index, time-stamp, and measurement value to the fusion center via vulnerable communication channels. The malicious attacker can corrupt a subset of the sensors through (i) manipulating the time-stamp and measurement value; (ii) blocking transmitted measurement triples; or (iii) injecting fake measurement triples. To deal with such attacks, we propose the design of local estimators based on observability space decomposition, where each local estimator updates the local state and sends it to the fusion center after sampling a measurement. Whenever there is a local update, the fusion center combines all the local states and generates a secure state estimate by adopting the median operator. We prove that local estimators of benign sensors are unbiased with stable covariance. Moreover, the fused central estimation error has bounded expectation and covariance against at most p corrupted sensors as long as the system is 2p-sparse observable. The efficacy of the proposed scheme is demonstrated through an application on a benchmark example of the IEEE 14-bus system.
@inproceedings{Li_CDC2023,address={},author={Li, Z. and Nguyen, A. T. and Teixeira, A. M. H. and Mo, Y. and Johansson, K. H.},booktitle={IEEE Conference on Decisions and Control},title={Secure State Estimation with Asynchronous Measurements against Malicious Measurement-data and Time-stamp Manipulation},year={2023},}
“Feedback Path Delay Attacks and Detection”.
T. Wigren and A. M. H. Teixeira. IEEE Conference on Decisions and Control, 2023 BIB
@inproceedings{Wigren_CDC2023,address={},author={Wigren, T. and Teixeira, A. M. H.},booktitle={IEEE Conference on Decisions and Control},title={Feedback Path Delay Attacks and Detection},year={2023},}
“Quickest Detection of Deception Attacks on Cyber-Physical Systems with a Parsimonious Watermarking Policy”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. Automatica, vol. 155, p. 111147, 2023 ABSBIB
The addition of a physical watermarking signal to the control input increases the detection probability of data deception attacks at the expense of increased control cost. In this paper, we propose a parsimonious policy to reduce the average number of watermarking events when the attack is not present, which in turn reduces the control cost. We model the system as a stochastic optimal control problem and apply the dynamic programming to minimize the average detection delay (ADD) for fixed upper bounds on false alarm rate (FAR) and increased control cost. The optimal solution results in a two threshold policy on the posterior probability of attack, which is derived from the Shiryaev statistics for sequential change detection assuming the change point is a random variable with a geometric distribution. We derive approximate expressions of ADD and FAR applying the non-linear renewal theory. The relationship between the average number of watermarking added before the attack and the increase in control cost is also derived. We design the optimal watermarking that maximizes the Kullback-Leibler divergence for a fixed increase in the control cost. Simulation studies are performed to illustrate and validate the theoretical results.
@article{Naha_AUTOMATICA2023,author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},journal={Automatica},number={},pages={111147},title={Quickest Detection of Deception Attacks on Cyber-Physical Systems with a Parsimonious Watermarking Policy},volume={155},year={2023},doi={10.1016/j.automatica.2023.111147},}
“Quickest Physical Watermarking-Based Detection of Measurement Replacement Attacks in Networked Control Systems”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. European Journal of Control, vol. 71, p. 100804, 2023 ABSBIB
In this paper, we propose and analyze an attack detection scheme for securing the physical layer of a networked control system (NCS) with a wireless sensor network against attacks where the adversary replaces the true observations with stationary false data. An independent and identically distributed watermarking signal is added to the optimal linear quadratic Gaussian (LQG) control inputs, and a cumulative sum (CUSUM) test is carried out using the joint distribution of the innovation signal and the watermarking signal for quickest attack detection. We derive the expressions of the supremum of the average detection delay (SADD) for a multi-input and multi-output (MIMO) system under the optimal and sub-optimal CUSUM tests. The SADD is asymptotically inversely proportional to the expected KullbackLeibler divergence (KLD) under certain conditions. The expressions for the MIMO case are simplified for multi-input and single-output systems and explored further to distil design insights. We provide insights into the design of an optimal watermarking signal to maximize KLD for a given fixed increase in LQG control cost when there is no attack. Furthermore, we investigate how the attacker and the control system designer can accomplish their respective objectives by changing the relative power of the attack signal and the watermarking signal. Simulations and numerical studies are carried out to validate the theoretical results.
@article{Naha_EJC2023,author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},journal={European Journal of Control},number={},pages={100804},title={Quickest Physical Watermarking-Based Detection of Measurement Replacement Attacks in Networked Control Systems},volume={71},year={2023},doi={10.1016/j.ejcon.2023.100804},}
“Privacy and Security in Network Controlled Systems via Dynamic Masking”.
M. Abdalmoaty, S. C. Anand, and A. M. H. Teixeira. IFAC World Congress, 2023 ABSVIDBIB
In this paper, we propose a new architecture to enhance the privacy and security of networked control systems against malicious adversaries. We consider an adversary which first learns the system dynamics (privacy) using system identification techniques, and then performs a data injection attack (security). In particular, we consider an adversary conducting zero-dynamics attacks (ZDA) which maximizes the performance cost of the system whilst staying undetected. However, using the proposed architecture, we show that it is possible to (i) introduce significant bias in the system estimates of the adversary: thus providing privacy of the system parameters, and (ii) efficiently detect attacks when the adversary performs a ZDA using the identified system: thus providing security. Through numerical simulations, we illustrate the efficacy of the proposed architecture.
@inproceedings{AbdalmoatyIFAC2023,address={},author={Abdalmoaty, M. and Anand, S. C. and Teixeira, A. M. H.},booktitle={IFAC World Congress},title={Privacy and Security in Network Controlled Systems via Dynamic Masking},year={2023},video={https://youtu.be/uuz5ppriWLk},}
“Optimal Detector Placement in Networked Control Systems under Cyber-attacks with Applications to Power Networks”.
A. T. Nguyen, S. C. Anand, A. M. H. Teixeira, and A. Medvedev. IFAC World Congress, 2023 ABSBIB
This paper proposes a game-theoretic method to address the problem of optimal detector placement in a networked control system under cyber-attacks. The networked control system is composed of interconnected agents where each agent is regulated by its local controller over unprotected communication, which leaves the system vulnerable to malicious cyber-attacks. To guarantee a given local performance, the defender optimally selects a single agent on which to place a detector at its local controller with the purpose of detecting cyber-attacks. On the other hand, an adversary optimally chooses a single agent on which to conduct a cyber-attack on its input with the aim of maximally worsening the local performance while remaining stealthy to the defender. First, we present a necessary and sufficient condition to ensure that the maximal attack impact on the local performance is bounded, which restricts the possible actions of the defender to a subset of available agents. Then, by considering the maximal attack impact on the local performance as a game payoff, we cast the problem of finding optimal actions of the defender and the adversary as a zero-sum game. Finally, with the possible action sets of the defender and the adversary, an algorithm is devoted to determining the Nash equilibria of the zero-sum game that yield the optimal detector placement. The proposed method is illustrated on an IEEE benchmark for power systems.
@inproceedings{NguyenIFAC2023,address={},author={Nguyen, A. T. and Anand, S. C. and Teixeira, A. M. H. and Medvedev, A.},booktitle={IFAC World Congress},title={Optimal Detector Placement in Networked Control Systems under Cyber-attacks with Applications to Power Networks},year={2023},}
“On-line Identification of Delay Attacks in Networked Servo Control”.
T. Wigren and A. M. H. Teixeira. IFAC World Congress, 2023 ABSBIB
The paper discusses attacks on networked control loops by increased delay, and shows how existing round trip jitter may disguise such attacks. The attackers objective need not be de-stabilization, the paper argues that making settling time requirements fail can be sufficient. To defend against such attacks, the paper proposes the use of joint recursive prediction error identification of the round trip delay and the networked closed loop dynamics. The proposed identification algorithm allows general defense, since it is designed for delayed nonlinear dynamics in state space form. Simulations show that the method is able to detect a delay attack on a printed circuit board component mounting servo loop, long before the attack reaches full effect.
@inproceedings{WigrenIFAC2023,address={},author={Wigren, T. and Teixeira, A. M. H.},booktitle={IFAC World Congress},title={On-line Identification of Delay Attacks in Networked Servo Control},year={2023},}
“An Online Kullback-Leibler Divergence-Based Stealthy Attack against Cyber-Physical Systems”.
Q. Zhang, K. Liu, A. M. H. Teixeira, Y. Li, S. Chai, and Y. Xia. IEEE Trans. Automatic Control, vol. 68, no. 6, pp. 3672–3679, 2023 ABSBIB
This article investigates the design of online stealthy attacks with the aim of moving the system’s state to a desired target. Different from the design of offline attacks, which is only based on the system’s model, to design the online attack, the attacker also estimates the system’s state with the intercepted data at each instant and computes the optimal attack accordingly. To ensure stealthiness, the Kullback-Leibler divergence between the innovations with and without attacks at each instant should be smaller than a threshold. We show that the attacker should solve a convex optimization problem at each instant to compute the mean and covariance of the attack. The feasibility of the attack policy is also discussed. Furthermore, for the strictly stealthy case with zero threshold, the analytic expression of the unique optimal attack is given. Finally, a numerical example of the longitudinal flight control system is adopted to illustrate the effectiveness of the proposed attack.
@article{Zhang_TAC2023,author={Zhang, Q. and Liu, K. and Teixeira, A. M. H. and Li, Y. and Chai, S. and Xia, Y.},journal={IEEE Trans. Automatic Control},number={6},pages={3672--3679},title={An Online Kullback-Leibler Divergence-Based Stealthy Attack against Cyber-Physical Systems},volume={68},year={2023},doi={10.1109/TAC.2022.3192201},}
“Sequential detection of Replay attacks”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. IEEE Trans. Automatic Control, vol. 68, no. 3, pp. 1941–1948, 2023 ABSBIB
One of the most studied forms of attacks on the cyber-physical systems is the replay attack. The statistical similarities of the replayed signal and the true observations make the replay attack difficult to detect. In this paper, we address the problem of replay attack detection by adding watermarking to the control inputs and then perform resilient detection using cumulative sum (CUSUM) test on the joint statistics of the innovation signal and the watermarking signal, whereas existing work considers only the marginal distribution of the innovation signal. We derive the expression of the Kullback-Liebler divergence (KLD) between the two joint distributions before and after the replay attack, which is, asymptotically, inversely proportional to the detection delay. We perform a structural analysis of the derived KLD expression and suggest a technique to improve the KLD for the systems with relative degree greater than one. A scheme to find the optimal watermarking signal variance for a fixed increase in the control cost to maximize the KLD under the CUSUM test is presented. We provide various numerical simulation results to support our theory. The proposed method is also compared with a state-ofthe-art method based on the Neyman-Pearson detector, illustrating
the smaller detection delay of the proposed sequential detector.
@article{NahaTAC2022,author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},journal={IEEE Trans. Automatic Control},number={3},pages={1941--1948},title={Sequential detection of Replay attacks},volume={68},year={2023},doi={10.1109/TAC.2022.3174004},}
“A Zero-Sum Game Framework for Optimal Sensor Placement in Uncertain Networked Control Systems under Cyber-Attacks”.
A. T. Nguyen, S. C. Anand, and A. M. H. Teixeira. IEEE Conference on Decision and Control (CDC), 2022 ABSBIB
This paper proposes a game-theoretic approach to address the problem of optimal sensor placement against an adversary in uncertain networked control systems. The problem is formulated as a zero-sum game with two players, namely a malicious adversary and a detector. Given a protected performance vertex, we consider a detector, with uncertain system knowledge, that selects another vertex on which to place a sensor and monitors its output with the aim of detecting the presence of the adversary. On the other hand, the adversary, also with uncertain system knowledge, chooses a single vertex and conducts a cyber-attack on its input. The purpose of the adversary is to drive the attack vertex as to maximally disrupt the protected performance vertex while remaining undetected by the detector. As our first contribution, the game payoff of the above-defined zero-sum game is formulated in terms of the Value-at-Risk of the adversary’s impact. However, this game payoff corresponds to an intractable optimization problem. To tackle the problem, we adopt the scenario approach to approximately compute the game payoff. Then, the optimal monitor selection is determined by analyzing the equilibrium of the zero-sum game. The proposed approach is illustrated via a numerical example of a 10-vertex networked control system.
@inproceedings{NguyenCDC2022,address={},author={Nguyen, A. T. and Anand, S. C. and Teixeira, A. M. H.},booktitle={IEEE Conference on Decision and Control (CDC)},title={A Zero-Sum Game Framework for Optimal Sensor Placement in Uncertain Networked Control Systems under Cyber-Attacks},year={2022},doi={10.1109/CDC51059.2022.9992468},}
“Structural analyses of a parsimonious watermarking policy
for data deception attack detection in networked control systems”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. IEEE Conference on Decisions and Control (CDC), 2022 ABSBIB
In this paper, we perform structural analyses of a parsimonious watermarking policy, which minimizes the average detection delay (ADD) to detect data deception attacks on networked control systems (NCS) for a fixed upper bound on the false alarm rate (FAR). The addition of physical watermarking to the control input of a NCS increases the probability of attack detections with an increase in the control cost. Therefore, we formulate the problem of data deception attack detection for NCS with the facility to add physical watermarking as a stochastic optimal control problem. Then we solve the problem by applying dynamic programming value iterations and find a parsimonious watermarking policy that decides to add watermarking and detects attacks based on the estimated posterior probability of attack. We analyze the optimal policy structure and find that it can be a one, two or three threshold policy depending on a few parameter values. Simulation studies show that the optimal policy for a practical range of parameter values is a two-threshold policy on the posterior probability of attack. Derivation of a threshold-based policy from the structural analysis of the value iteration method reduces the computational complexity during the runtime implementation and offers better structural insights. Furthermore, such an analysis provides a guideline for selecting the parameter values to meet the design requirements.
@inproceedings{NahaCDC2022,address={},author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={IEEE Conference on Decisions and Control (CDC)},title={Structural analyses of a parsimonious watermarking policy
for data deception attack detection in networked control systems},year={2022},doi={10.1109/CDC51059.2022.9993201},}
“Risk assessment and optimal allocation of security measures under stealthy false data injection attacks”.
S. C. Anand, A. M. H. Teixeira, and A. Ahlén. IEEE Conference on Control Technology and Applications (CCTA), 2022 ABSBIB
This paper firstly addresses the problem of risk assessment under false data injection attacks on uncertain control systems. We consider an adversary with complete system knowledge, injecting stealthy false data into an uncertain control system. We then use the Value-at-Risk to characterize the risk associated with the attack impact caused by the adversary. The worst-case attack impact is characterized by the recently proposed output-to-output gain. We observe that the risk assessment problem corresponds to an infinite non-convex robust optimization problem. To this end, we use dissipative system theory and the scenario approach to approximate the risk-assessment problem into a convex problem and also provide probabilistic certificates on approximation. Secondly, we con-sider the problem of security measure allocation. We consider an operator with a constraint on the security budget. Under this constraint, we propose an algorithm to optimally allocate the security measures using the calculated risk such that the resulting Value-at-risk is minimized. Finally, we illustrate the results through a numerical example. The numerical example also illustrates that the security allocation using the Value-at-risk, and the impact on the nominal system may have different outcomes: thereby depicting the benefit of using risk metrics.
@inproceedings{AnandCCTA2022,address={},author={Anand, S. C. and Teixeira, A. M. H. and Ahl\'{e}n, A.},booktitle={IEEE Conference on Control Technology and Applications (CCTA)},title={Risk assessment and optimal allocation of security measures under stealthy false data injection attacks},year={2022},doi={10.1109/CCTA49430.2022.9966025},}
“A Single-Adversary-Single-Detector Zero-Sum Game in Networked Control Systems”.
A. T. Nguyen, A. M. H. Teixeira, and A. Medvedev. IFAC Conference on Networked Systems (NecSys), 2022 ABSBIB
This paper proposes a game-theoretic approach to address the problem of optimal sensor placement for detecting cyber-attacks in networked control systems. The problem is formulated as a zero-sum game with two players, namely a malicious adversary and a detector. Given a protected target vertex, the detector places a sensor at a single vertex to monitor the system and detect the presence of the adversary. On the other hand, the adversary selects a single vertex through which to conduct a cyber-attack that maximally disrupts the target vertex while remaining undetected by the detector. As our first contribution, for a given pair of attack and monitor vertices and a known target vertex, the game payoff function is defined as the output-to-output gain of the respective system. Then, the paper characterizes the set of feasible actions by the detector that ensures bounded values of the game payoff. Finally, an algebraic sufficient condition is proposed to examine whether a given vertex belongs to the set of feasible monitor vertices. The optimal sensor placement is then determined by computing the mixed-strategy Nash equilibrium of the zero-sum game through linear programming. The approach is illustrated via a numerical example of a 10-vertex networked control system with a given target vertex.
@inproceedings{NguyenNecsys2022,address={},author={Nguyen, A. T. and Teixeira, A. M. H. and Medvedev, A.},booktitle={IFAC Conference on Networked Systems (NecSys)},title={A Single-Adversary-Single-Detector Zero-Sum Game in Networked Control Systems},year={2022},doi={10.1016/j.ifacol.2022.07.234},}
“Detection of Bias Injection Attacks on the Glucose Sensor in the Artificial Pancreas Under Meal Disturbances”.
F. E. Tosun, A. M. H. Teixeira, A. Ahlén, and S. Dey. American Control Conference, Atlanta, Georgia, USA, 2022 ABSBIB
The artificial pancreas is an emerging concept of closed-loop insulin delivery that aims to tightly regulate the blood glucose levels in patients with type 1 diabetes. This paper considers bias injection attacks on the glucose sensor deployed in an artificial pancreas. Modern glucose sensors transmit measurements through wireless communication that are vulnerable to cyber-attacks, which must be timely detected and mitigated. To this end, we propose a model-based anomaly detection scheme using a Kalman filter and a χ 2 test. One key challenge is to distinguish cyber-attacks from large unknown disturbances arising from meal intake. This challenge is addressed by an online meal estimator, and a novel time-varying detection threshold. More precisely, we show that the ordinary least squares is the optimal unbiased estimator of the meal size under certain modelling assumptions. Moreover, we derive a novel time-varying threshold for the χ 2 detector to avoid false alarms during meal ingestion. The results are validated by means of numerical simulations.
@inproceedings{Tosun_ACC2022,address={Atlanta, Georgia, USA},author={Tosun, F. E. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={American Control Conference},title={Detection of Bias Injection Attacks on the Glucose Sensor in the Artificial Pancreas Under Meal Disturbances},year={2022},doi={10.23919/ACC53348.2022.9867556},}
“Sequential Detection of Replay Attacks with a Parsimonious Watermarking Policy”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. American Control Conference, Atlanta, Georgia, USA, 2022 ABSBIB
In this paper, we have proposed a technique for Bayesian sequential detection of replay attacks on networked control systems with a constraint on the average number of watermarking (ANW) events used during normal system operations. Such a constraint limits the increase in the control cost due to watermarking. To determine the optimal sequence regarding the addition or otherwise of watermarking signals, first, we formulate an infinite horizon stochastic optimal control problem with a termination state. Then applying the value iteration approach, we find an optional policy that minimizes the average detection delay (ADD) for fixed upper bounds on the false alarm rate (FAR) and ANW. The optimal policy turns out to be a two thresholds policy on the posterior probability of attack. We derive approximate expressions of ADD and FAR as functions of the two derived thresholds and a few other parameters. A simulation study on a single-input single-output system illustrates that the proposed method improves the control cost considerably at the expense of small increases in ADD. We also perform simulation studies to validate the derived theoretical results.
@inproceedings{Naha_ACC2022,address={Atlanta, Georgia, USA},author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={American Control Conference},title={Sequential Detection of Replay Attacks with a Parsimonious Watermarking Policy},year={2022},doi={10.23919/ACC53348.2022.9867703},}
“Risk-averse controller design against data injection attacks on actuators for uncertain control systems”.
S. C. Anand and A. M. H. Teixeira. American Control Conference, Atlanta, Georgia, USA, 2022 ABSBIB
In this paper, we consider the optimal controller design problem against data injection attacks on actuators for an uncertain control system. We consider attacks that aim at maximizing the attack impact while remaining stealthy in the finite horizon. To this end, we use the Conditional Value-at-Risk to characterize the risk associated with the impact of attacks. The worst-case attack impact is characterized using the recently proposed output-to-output ℓ 2 -gain (OOG). We formulate the design problem and observe that it is non-convex and hard to solve. Using the framework of scenario-based optimization and a convex proxy for the OOG, we propose a convex optimization problem that approximately solves the design problem with probabilistic certificates. Finally, we illustrate the results through a numerical example.
@inproceedings{Anand_ACC2022,address={Atlanta, Georgia, USA},author={Anand, S. C. and Teixeira, A. M. H.},booktitle={American Control Conference},title={Risk-averse controller design against data injection attacks on actuators for uncertain control systems},year={2022},doi={10.23919/ACC53348.2022.9867257},}
“Design of multiplicative watermarking against covert attacks”.
A. J. Gallo, S. C. Anand, A. M. H. Teixeira, and R. M. G. Ferrari. IEEE Conf. Decision and Control, Austin, Texas, USA, 2021 BIB
@inproceedings{Gallo_CDC2021,address={Austin, Texas, USA},author={Gallo, A. J. and Anand, S. C. and Teixeira, A. M. H. and Ferrari, R. M. G.},booktitle={IEEE Conf. Decision and Control},title={Design of multiplicative watermarking against covert attacks},year={2021},doi={10.1109/CDC45484.2021.9683075},}
“Stealthy Cyber-Attack Design Using Dynamic Programming”.
S. C. Anand and A. M. H. Teixeira. IEEE Conf. Decision and Control, Austin, Texas, USA, 2021 BIB
@inproceedings{Anand_CDC2021,address={Austin, Texas, USA},author={Anand, S. C. and Teixeira, A. M. H.},booktitle={IEEE Conf. Decision and Control},title={Stealthy Cyber-Attack Design Using Dynamic Programming},year={2021},doi={10.1109/CDC45484.2021.9683451},}
“Deception Attack Detection Using Reduced Watermarking”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. Eur. Control Conf., Rotterdam, The Netherlands, 2021 BIB
@inproceedings{Naha_ECC2021,address={Rotterdam, The Netherlands},author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={Eur. Control Conf.},title={Deception Attack Detection Using Reduced Watermarking},year={2021},doi={10.23919/ECC54610.2021.9654843},}
“Introduction to the Book”.
R. M. G. Ferrari and A. M. H. Teixeira.
in Safety, Security and Privacy for Cyber-Physical Systems, R. M. G. Ferrari and A. M. H. Teixeira, Eds. Cham: Springer International Publishing, 2021, pp. 1–8 BIB
@incollection{FerrariTeixeira_Springer2021,author={Ferrari, Riccardo M. G. and Teixeira, Andr{\'e} M. H.},editor={Ferrari, Riccardo M.G. and Teixeira, Andr{\'e} M. H.},title={Introduction to the Book},booktitle={Safety, Security and Privacy for Cyber-Physical Systems},year={2021},publisher={Springer International Publishing},address={Cham},pages={1--8},isbn={978-3-030-65048-3},doi={10.1007/978-3-030-65048-3_1},}
“Security Metrics for Control Systems”.
A. M. H. Teixeira.
in Safety, Security and Privacy for Cyber-Physical Systems, R. M. G. Ferrari and A. M. H. Teixeira, Eds. Cham: Springer International Publishing, 2021, pp. 1–8 BIB
@incollection{Teixeira_Springer2021,author={Teixeira, Andr{\'e} M. H.},editor={Ferrari, Riccardo M.G. and Teixeira, Andr{\'e} M. H.},title={Security Metrics for Control Systems},booktitle={Safety, Security and Privacy for Cyber-Physical Systems},year={2021},publisher={Springer International Publishing},address={Cham},pages={1--8},isbn={978-3-030-65048-3},doi={10.1007/978-3-030-65048-3_6},}
“Detection of Cyber-Attacks: A Multiplicative Watermarking Scheme”.
R. M. G. Ferrari and A. M. H. Teixeira.
in Safety, Security and Privacy for Cyber-Physical Systems, R. M. G. Ferrari and A. M. H. Teixeira, Eds. Cham: Springer International Publishing, 2021, pp. 1–8 BIB
@incollection{Ferrari_Springer2021,author={Ferrari, Riccardo M. G. and Teixeira, Andr{\'e} M. H.},editor={Ferrari, Riccardo M.G. and Teixeira, Andr{\'e} M. H.},title={Detection of Cyber-Attacks: A Multiplicative Watermarking Scheme},booktitle={Safety, Security and Privacy for Cyber-Physical Systems},year={2021},publisher={Springer International Publishing},address={Cham},pages={1--8},isbn={978-3-030-65048-3},doi={10.1007/978-3-030-65048-3_9},}
“Privatized Distributed Anomaly Detection for Large-Scale Nonlinear Uncertain Systems”.
V. Rostampour, R. M. G. Ferrari, A. M. H. Teixeira, and T. Keviczky. IEEE Trans. Automatic Control, vol. 66, no. 11, pp. 5299–5313, 2021 BIB
@article{Rostampour_TAC2020,author={Rostampour, V. and Ferrari, R. M.G. and Teixeira, A. M. H. and Keviczky, T.},journal={IEEE Trans. Automatic Control},number={11},pages={5299--5313},title={Privatized Distributed Anomaly Detection for Large-Scale Nonlinear Uncertain Systems},volume={66},year={2021},doi={10.1109/TAC.2020.3040251},}
“A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks”.
R. Ferrari and A. M. H. Teixeira. IEEE Trans. Automatic Control, vol. 66, no. 6, pp. 2558–2573, 2020 BIB
@article{Ferrari_TAC2020,author={Ferrari, R. and Teixeira, A. M. H.},journal={IEEE Trans. Automatic Control},number={6},pages={2558--2573},title={A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks},volume={66},year={2020},}
ADSec - Analysis and Design of Secure and Resilient Control Systems (2019-2023)
Call: VR Starting Grant, funded by the Swedish Research Council (Vetenskapsrådet)
Reports on cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies. It is therefore of the utmost importance for control systems to be able to early detect and mitigate malicious cyber-attacks, which aim at having a significant impact on the system while remaining undetected. Unfortunately, existing techniques in control theory consider impact and detectability separately, and thus fail to accurately tackle malicious cyber-attacks. The aim of this project is to develop novel security metrics that jointly consider the impact and detectability of attacks, and that support the analysis and design of anomaly detectors and controllers for improved security and resilience.
“Risk Assessment of Stealthy Attacks on Uncertain Control Systems”.
S. C. Anand, A. M. H. Teixeira, and A. Ahlén. IEEE Trans. Automatic Control, vol. 69, no. 5, pp. 3214–3221, May 2024 ABSBIB
In this article, we address the problem of risk assessment of stealthy attacks on uncertain control systems. Considering data injection attacks that aim at maximizing impact while remaining undetected, we use the recently proposed output-to-output gain to characterize the risk associated with the impact of attacks under a limited system knowledge attacker. The risk is formulated using a well-established risk metric, namely the maximum expected loss. Under this setups, the risk assessment problem corresponds to an untractable infinite non-convex optimization problem. To address this limitation, we adopt the framework of scenario-based optimization to approximate the infinite non-convex optimization problem by a sampled non-convex optimization problem. Then, based on the framework of dissipative system theory and S-procedure, the sampled non-convex risk assessment problem is formulated as an equivalent convex semi-definite program. Additionally, we derive the necessary and sufficient conditions for the risk to be bounded. Finally, we illustrate the results through numerical simulation of a hydro-turbine power system.
@article{Anand_TAC2024,author={Anand, S. C. and Teixeira, A. M. H. and Ahl\'{e}n, A.},journal={IEEE Trans. Automatic Control},number={5},pages={3214--3221},title={Risk Assessment of Stealthy Attacks on Uncertain Control Systems},volume={69},month=may,year={2024},doi={10.1109/TAC.2023.3318194},}
“Risk-based Security Measure Allocation Against Actuator Attacks”.
S. C. Anand and A. M. H. Teixeira. IEEE Open Journal of Control Systems, vol. 2, pp. 297–309, 2023 ABSBIB
This article considers the problem of risk-optimal allocation of security measures when the actuators of an uncertain control system are under attack. We consider an adversary injecting false data into the actuator channels. The attack impact is characterized by the maximum performance loss caused by a stealthy adversary with bounded energy. Since the impact is a random variable, due to system uncertainty, we use Conditional Value-at-Risk (CVaR) to characterize the risk associated with the attack. We then consider the problem of allocating the security measures which minimize the risk. We assume that there are only a limited number of security measures available. Under this constraint, we observe that the allocation problem is a mixed-integer optimization problem. Thus we use relaxation techniques to approximate the security allocation problem into a Semi-Definite Program (SDP). We also compare our allocation method (i) across different risk measures: the worst-case measure, the average (nominal) measure, and (ii) across different search algorithms: the exhaustive and the greedy search algorithms. We depict the efficacy of our approach through numerical examples.
@article{Anand_IEEEOJCSys2023,author={Anand, S. C. and Teixeira, A. M. H.},journal={IEEE Open Journal of Control Systems},number={},pages={297--309},title={Risk-based Security Measure Allocation Against Actuator Attacks},volume={2},year={2023},doi={10.1109/OJCSYS.2023.3305831},}
“Feedback Path Delay Attacks and Detection”.
T. Wigren and A. M. H. Teixeira. IEEE Conference on Decisions and Control, 2023 BIB
@inproceedings{Wigren_CDC2023,address={},author={Wigren, T. and Teixeira, A. M. H.},booktitle={IEEE Conference on Decisions and Control},title={Feedback Path Delay Attacks and Detection},year={2023},}
“Quickest Detection of Deception Attacks on Cyber-Physical Systems with a Parsimonious Watermarking Policy”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. Automatica, vol. 155, p. 111147, 2023 ABSBIB
The addition of a physical watermarking signal to the control input increases the detection probability of data deception attacks at the expense of increased control cost. In this paper, we propose a parsimonious policy to reduce the average number of watermarking events when the attack is not present, which in turn reduces the control cost. We model the system as a stochastic optimal control problem and apply the dynamic programming to minimize the average detection delay (ADD) for fixed upper bounds on false alarm rate (FAR) and increased control cost. The optimal solution results in a two threshold policy on the posterior probability of attack, which is derived from the Shiryaev statistics for sequential change detection assuming the change point is a random variable with a geometric distribution. We derive approximate expressions of ADD and FAR applying the non-linear renewal theory. The relationship between the average number of watermarking added before the attack and the increase in control cost is also derived. We design the optimal watermarking that maximizes the Kullback-Leibler divergence for a fixed increase in the control cost. Simulation studies are performed to illustrate and validate the theoretical results.
@article{Naha_AUTOMATICA2023,author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},journal={Automatica},number={},pages={111147},title={Quickest Detection of Deception Attacks on Cyber-Physical Systems with a Parsimonious Watermarking Policy},volume={155},year={2023},doi={10.1016/j.automatica.2023.111147},}
“Quickest Physical Watermarking-Based Detection of Measurement Replacement Attacks in Networked Control Systems”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. European Journal of Control, vol. 71, p. 100804, 2023 ABSBIB
In this paper, we propose and analyze an attack detection scheme for securing the physical layer of a networked control system (NCS) with a wireless sensor network against attacks where the adversary replaces the true observations with stationary false data. An independent and identically distributed watermarking signal is added to the optimal linear quadratic Gaussian (LQG) control inputs, and a cumulative sum (CUSUM) test is carried out using the joint distribution of the innovation signal and the watermarking signal for quickest attack detection. We derive the expressions of the supremum of the average detection delay (SADD) for a multi-input and multi-output (MIMO) system under the optimal and sub-optimal CUSUM tests. The SADD is asymptotically inversely proportional to the expected KullbackLeibler divergence (KLD) under certain conditions. The expressions for the MIMO case are simplified for multi-input and single-output systems and explored further to distil design insights. We provide insights into the design of an optimal watermarking signal to maximize KLD for a given fixed increase in LQG control cost when there is no attack. Furthermore, we investigate how the attacker and the control system designer can accomplish their respective objectives by changing the relative power of the attack signal and the watermarking signal. Simulations and numerical studies are carried out to validate the theoretical results.
@article{Naha_EJC2023,author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},journal={European Journal of Control},number={},pages={100804},title={Quickest Physical Watermarking-Based Detection of Measurement Replacement Attacks in Networked Control Systems},volume={71},year={2023},doi={10.1016/j.ejcon.2023.100804},}
“Privacy and Security in Network Controlled Systems via Dynamic Masking”.
M. Abdalmoaty, S. C. Anand, and A. M. H. Teixeira. IFAC World Congress, 2023 ABSVIDBIB
In this paper, we propose a new architecture to enhance the privacy and security of networked control systems against malicious adversaries. We consider an adversary which first learns the system dynamics (privacy) using system identification techniques, and then performs a data injection attack (security). In particular, we consider an adversary conducting zero-dynamics attacks (ZDA) which maximizes the performance cost of the system whilst staying undetected. However, using the proposed architecture, we show that it is possible to (i) introduce significant bias in the system estimates of the adversary: thus providing privacy of the system parameters, and (ii) efficiently detect attacks when the adversary performs a ZDA using the identified system: thus providing security. Through numerical simulations, we illustrate the efficacy of the proposed architecture.
@inproceedings{AbdalmoatyIFAC2023,address={},author={Abdalmoaty, M. and Anand, S. C. and Teixeira, A. M. H.},booktitle={IFAC World Congress},title={Privacy and Security in Network Controlled Systems via Dynamic Masking},year={2023},video={https://youtu.be/uuz5ppriWLk},}
“On-line Identification of Delay Attacks in Networked Servo Control”.
T. Wigren and A. M. H. Teixeira. IFAC World Congress, 2023 ABSBIB
The paper discusses attacks on networked control loops by increased delay, and shows how existing round trip jitter may disguise such attacks. The attackers objective need not be de-stabilization, the paper argues that making settling time requirements fail can be sufficient. To defend against such attacks, the paper proposes the use of joint recursive prediction error identification of the round trip delay and the networked closed loop dynamics. The proposed identification algorithm allows general defense, since it is designed for delayed nonlinear dynamics in state space form. Simulations show that the method is able to detect a delay attack on a printed circuit board component mounting servo loop, long before the attack reaches full effect.
@inproceedings{WigrenIFAC2023,address={},author={Wigren, T. and Teixeira, A. M. H.},booktitle={IFAC World Congress},title={On-line Identification of Delay Attacks in Networked Servo Control},year={2023},}
“An Online Kullback-Leibler Divergence-Based Stealthy Attack against Cyber-Physical Systems”.
Q. Zhang, K. Liu, A. M. H. Teixeira, Y. Li, S. Chai, and Y. Xia. IEEE Trans. Automatic Control, vol. 68, no. 6, pp. 3672–3679, 2023 ABSBIB
This article investigates the design of online stealthy attacks with the aim of moving the system’s state to a desired target. Different from the design of offline attacks, which is only based on the system’s model, to design the online attack, the attacker also estimates the system’s state with the intercepted data at each instant and computes the optimal attack accordingly. To ensure stealthiness, the Kullback-Leibler divergence between the innovations with and without attacks at each instant should be smaller than a threshold. We show that the attacker should solve a convex optimization problem at each instant to compute the mean and covariance of the attack. The feasibility of the attack policy is also discussed. Furthermore, for the strictly stealthy case with zero threshold, the analytic expression of the unique optimal attack is given. Finally, a numerical example of the longitudinal flight control system is adopted to illustrate the effectiveness of the proposed attack.
@article{Zhang_TAC2023,author={Zhang, Q. and Liu, K. and Teixeira, A. M. H. and Li, Y. and Chai, S. and Xia, Y.},journal={IEEE Trans. Automatic Control},number={6},pages={3672--3679},title={An Online Kullback-Leibler Divergence-Based Stealthy Attack against Cyber-Physical Systems},volume={68},year={2023},doi={10.1109/TAC.2022.3192201},}
“Sequential detection of Replay attacks”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. IEEE Trans. Automatic Control, vol. 68, no. 3, pp. 1941–1948, 2023 ABSBIB
One of the most studied forms of attacks on the cyber-physical systems is the replay attack. The statistical similarities of the replayed signal and the true observations make the replay attack difficult to detect. In this paper, we address the problem of replay attack detection by adding watermarking to the control inputs and then perform resilient detection using cumulative sum (CUSUM) test on the joint statistics of the innovation signal and the watermarking signal, whereas existing work considers only the marginal distribution of the innovation signal. We derive the expression of the Kullback-Liebler divergence (KLD) between the two joint distributions before and after the replay attack, which is, asymptotically, inversely proportional to the detection delay. We perform a structural analysis of the derived KLD expression and suggest a technique to improve the KLD for the systems with relative degree greater than one. A scheme to find the optimal watermarking signal variance for a fixed increase in the control cost to maximize the KLD under the CUSUM test is presented. We provide various numerical simulation results to support our theory. The proposed method is also compared with a state-ofthe-art method based on the Neyman-Pearson detector, illustrating
the smaller detection delay of the proposed sequential detector.
@article{NahaTAC2022,author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},journal={IEEE Trans. Automatic Control},number={3},pages={1941--1948},title={Sequential detection of Replay attacks},volume={68},year={2023},doi={10.1109/TAC.2022.3174004},}
“Structural analyses of a parsimonious watermarking policy
for data deception attack detection in networked control systems”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. IEEE Conference on Decisions and Control (CDC), 2022 ABSBIB
In this paper, we perform structural analyses of a parsimonious watermarking policy, which minimizes the average detection delay (ADD) to detect data deception attacks on networked control systems (NCS) for a fixed upper bound on the false alarm rate (FAR). The addition of physical watermarking to the control input of a NCS increases the probability of attack detections with an increase in the control cost. Therefore, we formulate the problem of data deception attack detection for NCS with the facility to add physical watermarking as a stochastic optimal control problem. Then we solve the problem by applying dynamic programming value iterations and find a parsimonious watermarking policy that decides to add watermarking and detects attacks based on the estimated posterior probability of attack. We analyze the optimal policy structure and find that it can be a one, two or three threshold policy depending on a few parameter values. Simulation studies show that the optimal policy for a practical range of parameter values is a two-threshold policy on the posterior probability of attack. Derivation of a threshold-based policy from the structural analysis of the value iteration method reduces the computational complexity during the runtime implementation and offers better structural insights. Furthermore, such an analysis provides a guideline for selecting the parameter values to meet the design requirements.
@inproceedings{NahaCDC2022,address={},author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={IEEE Conference on Decisions and Control (CDC)},title={Structural analyses of a parsimonious watermarking policy
for data deception attack detection in networked control systems},year={2022},doi={10.1109/CDC51059.2022.9993201},}
“Risk assessment and optimal allocation of security measures under stealthy false data injection attacks”.
S. C. Anand, A. M. H. Teixeira, and A. Ahlén. IEEE Conference on Control Technology and Applications (CCTA), 2022 ABSBIB
This paper firstly addresses the problem of risk assessment under false data injection attacks on uncertain control systems. We consider an adversary with complete system knowledge, injecting stealthy false data into an uncertain control system. We then use the Value-at-Risk to characterize the risk associated with the attack impact caused by the adversary. The worst-case attack impact is characterized by the recently proposed output-to-output gain. We observe that the risk assessment problem corresponds to an infinite non-convex robust optimization problem. To this end, we use dissipative system theory and the scenario approach to approximate the risk-assessment problem into a convex problem and also provide probabilistic certificates on approximation. Secondly, we con-sider the problem of security measure allocation. We consider an operator with a constraint on the security budget. Under this constraint, we propose an algorithm to optimally allocate the security measures using the calculated risk such that the resulting Value-at-risk is minimized. Finally, we illustrate the results through a numerical example. The numerical example also illustrates that the security allocation using the Value-at-risk, and the impact on the nominal system may have different outcomes: thereby depicting the benefit of using risk metrics.
@inproceedings{AnandCCTA2022,address={},author={Anand, S. C. and Teixeira, A. M. H. and Ahl\'{e}n, A.},booktitle={IEEE Conference on Control Technology and Applications (CCTA)},title={Risk assessment and optimal allocation of security measures under stealthy false data injection attacks},year={2022},doi={10.1109/CCTA49430.2022.9966025},}
“A Single-Adversary-Single-Detector Zero-Sum Game in Networked Control Systems”.
A. T. Nguyen, A. M. H. Teixeira, and A. Medvedev. IFAC Conference on Networked Systems (NecSys), 2022 ABSBIB
This paper proposes a game-theoretic approach to address the problem of optimal sensor placement for detecting cyber-attacks in networked control systems. The problem is formulated as a zero-sum game with two players, namely a malicious adversary and a detector. Given a protected target vertex, the detector places a sensor at a single vertex to monitor the system and detect the presence of the adversary. On the other hand, the adversary selects a single vertex through which to conduct a cyber-attack that maximally disrupts the target vertex while remaining undetected by the detector. As our first contribution, for a given pair of attack and monitor vertices and a known target vertex, the game payoff function is defined as the output-to-output gain of the respective system. Then, the paper characterizes the set of feasible actions by the detector that ensures bounded values of the game payoff. Finally, an algebraic sufficient condition is proposed to examine whether a given vertex belongs to the set of feasible monitor vertices. The optimal sensor placement is then determined by computing the mixed-strategy Nash equilibrium of the zero-sum game through linear programming. The approach is illustrated via a numerical example of a 10-vertex networked control system with a given target vertex.
@inproceedings{NguyenNecsys2022,address={},author={Nguyen, A. T. and Teixeira, A. M. H. and Medvedev, A.},booktitle={IFAC Conference on Networked Systems (NecSys)},title={A Single-Adversary-Single-Detector Zero-Sum Game in Networked Control Systems},year={2022},doi={10.1016/j.ifacol.2022.07.234},}
“Detection of Bias Injection Attacks on the Glucose Sensor in the Artificial Pancreas Under Meal Disturbances”.
F. E. Tosun, A. M. H. Teixeira, A. Ahlén, and S. Dey. American Control Conference, Atlanta, Georgia, USA, 2022 ABSBIB
The artificial pancreas is an emerging concept of closed-loop insulin delivery that aims to tightly regulate the blood glucose levels in patients with type 1 diabetes. This paper considers bias injection attacks on the glucose sensor deployed in an artificial pancreas. Modern glucose sensors transmit measurements through wireless communication that are vulnerable to cyber-attacks, which must be timely detected and mitigated. To this end, we propose a model-based anomaly detection scheme using a Kalman filter and a χ 2 test. One key challenge is to distinguish cyber-attacks from large unknown disturbances arising from meal intake. This challenge is addressed by an online meal estimator, and a novel time-varying detection threshold. More precisely, we show that the ordinary least squares is the optimal unbiased estimator of the meal size under certain modelling assumptions. Moreover, we derive a novel time-varying threshold for the χ 2 detector to avoid false alarms during meal ingestion. The results are validated by means of numerical simulations.
@inproceedings{Tosun_ACC2022,address={Atlanta, Georgia, USA},author={Tosun, F. E. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={American Control Conference},title={Detection of Bias Injection Attacks on the Glucose Sensor in the Artificial Pancreas Under Meal Disturbances},year={2022},doi={10.23919/ACC53348.2022.9867556},}
“Sequential Detection of Replay Attacks with a Parsimonious Watermarking Policy”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. American Control Conference, Atlanta, Georgia, USA, 2022 ABSBIB
In this paper, we have proposed a technique for Bayesian sequential detection of replay attacks on networked control systems with a constraint on the average number of watermarking (ANW) events used during normal system operations. Such a constraint limits the increase in the control cost due to watermarking. To determine the optimal sequence regarding the addition or otherwise of watermarking signals, first, we formulate an infinite horizon stochastic optimal control problem with a termination state. Then applying the value iteration approach, we find an optional policy that minimizes the average detection delay (ADD) for fixed upper bounds on the false alarm rate (FAR) and ANW. The optimal policy turns out to be a two thresholds policy on the posterior probability of attack. We derive approximate expressions of ADD and FAR as functions of the two derived thresholds and a few other parameters. A simulation study on a single-input single-output system illustrates that the proposed method improves the control cost considerably at the expense of small increases in ADD. We also perform simulation studies to validate the derived theoretical results.
@inproceedings{Naha_ACC2022,address={Atlanta, Georgia, USA},author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={American Control Conference},title={Sequential Detection of Replay Attacks with a Parsimonious Watermarking Policy},year={2022},doi={10.23919/ACC53348.2022.9867703},}
“Risk-averse controller design against data injection attacks on actuators for uncertain control systems”.
S. C. Anand and A. M. H. Teixeira. American Control Conference, Atlanta, Georgia, USA, 2022 ABSBIB
In this paper, we consider the optimal controller design problem against data injection attacks on actuators for an uncertain control system. We consider attacks that aim at maximizing the attack impact while remaining stealthy in the finite horizon. To this end, we use the Conditional Value-at-Risk to characterize the risk associated with the impact of attacks. The worst-case attack impact is characterized using the recently proposed output-to-output ℓ 2 -gain (OOG). We formulate the design problem and observe that it is non-convex and hard to solve. Using the framework of scenario-based optimization and a convex proxy for the OOG, we propose a convex optimization problem that approximately solves the design problem with probabilistic certificates. Finally, we illustrate the results through a numerical example.
@inproceedings{Anand_ACC2022,address={Atlanta, Georgia, USA},author={Anand, S. C. and Teixeira, A. M. H.},booktitle={American Control Conference},title={Risk-averse controller design against data injection attacks on actuators for uncertain control systems},year={2022},doi={10.23919/ACC53348.2022.9867257},}
“Design of multiplicative watermarking against covert attacks”.
A. J. Gallo, S. C. Anand, A. M. H. Teixeira, and R. M. G. Ferrari. IEEE Conf. Decision and Control, Austin, Texas, USA, 2021 BIB
@inproceedings{Gallo_CDC2021,address={Austin, Texas, USA},author={Gallo, A. J. and Anand, S. C. and Teixeira, A. M. H. and Ferrari, R. M. G.},booktitle={IEEE Conf. Decision and Control},title={Design of multiplicative watermarking against covert attacks},year={2021},doi={10.1109/CDC45484.2021.9683075},}
“Stealthy Cyber-Attack Design Using Dynamic Programming”.
S. C. Anand and A. M. H. Teixeira. IEEE Conf. Decision and Control, Austin, Texas, USA, 2021 BIB
@inproceedings{Anand_CDC2021,address={Austin, Texas, USA},author={Anand, S. C. and Teixeira, A. M. H.},booktitle={IEEE Conf. Decision and Control},title={Stealthy Cyber-Attack Design Using Dynamic Programming},year={2021},doi={10.1109/CDC45484.2021.9683451},}
“Deception Attack Detection Using Reduced Watermarking”.
A. Naha, A. M. H. Teixeira, A. Ahlén, and S. Dey. Eur. Control Conf., Rotterdam, The Netherlands, 2021 BIB
@inproceedings{Naha_ECC2021,address={Rotterdam, The Netherlands},author={Naha, A. and Teixeira, A. M. H. and Ahl\'{e}n, A. and Dey, S.},booktitle={Eur. Control Conf.},title={Deception Attack Detection Using Reduced Watermarking},year={2021},doi={10.23919/ECC54610.2021.9654843},}
“Introduction to the Book”.
R. M. G. Ferrari and A. M. H. Teixeira.
in Safety, Security and Privacy for Cyber-Physical Systems, R. M. G. Ferrari and A. M. H. Teixeira, Eds. Cham: Springer International Publishing, 2021, pp. 1–8 BIB
@incollection{FerrariTeixeira_Springer2021,author={Ferrari, Riccardo M. G. and Teixeira, Andr{\'e} M. H.},editor={Ferrari, Riccardo M.G. and Teixeira, Andr{\'e} M. H.},title={Introduction to the Book},booktitle={Safety, Security and Privacy for Cyber-Physical Systems},year={2021},publisher={Springer International Publishing},address={Cham},pages={1--8},isbn={978-3-030-65048-3},doi={10.1007/978-3-030-65048-3_1},}
“Security Metrics for Control Systems”.
A. M. H. Teixeira.
in Safety, Security and Privacy for Cyber-Physical Systems, R. M. G. Ferrari and A. M. H. Teixeira, Eds. Cham: Springer International Publishing, 2021, pp. 1–8 BIB
@incollection{Teixeira_Springer2021,author={Teixeira, Andr{\'e} M. H.},editor={Ferrari, Riccardo M.G. and Teixeira, Andr{\'e} M. H.},title={Security Metrics for Control Systems},booktitle={Safety, Security and Privacy for Cyber-Physical Systems},year={2021},publisher={Springer International Publishing},address={Cham},pages={1--8},isbn={978-3-030-65048-3},doi={10.1007/978-3-030-65048-3_6},}
“Detection of Cyber-Attacks: A Multiplicative Watermarking Scheme”.
R. M. G. Ferrari and A. M. H. Teixeira.
in Safety, Security and Privacy for Cyber-Physical Systems, R. M. G. Ferrari and A. M. H. Teixeira, Eds. Cham: Springer International Publishing, 2021, pp. 1–8 BIB
@incollection{Ferrari_Springer2021,author={Ferrari, Riccardo M. G. and Teixeira, Andr{\'e} M. H.},editor={Ferrari, Riccardo M.G. and Teixeira, Andr{\'e} M. H.},title={Detection of Cyber-Attacks: A Multiplicative Watermarking Scheme},booktitle={Safety, Security and Privacy for Cyber-Physical Systems},year={2021},publisher={Springer International Publishing},address={Cham},pages={1--8},isbn={978-3-030-65048-3},doi={10.1007/978-3-030-65048-3_9},}
“Privatized Distributed Anomaly Detection for Large-Scale Nonlinear Uncertain Systems”.
V. Rostampour, R. M. G. Ferrari, A. M. H. Teixeira, and T. Keviczky. IEEE Trans. Automatic Control, vol. 66, no. 11, pp. 5299–5313, 2021 BIB
@article{Rostampour_TAC2020,author={Rostampour, V. and Ferrari, R. M.G. and Teixeira, A. M. H. and Keviczky, T.},journal={IEEE Trans. Automatic Control},number={11},pages={5299--5313},title={Privatized Distributed Anomaly Detection for Large-Scale Nonlinear Uncertain Systems},volume={66},year={2021},doi={10.1109/TAC.2020.3040251},}
“A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks”.
R. Ferrari and A. M. H. Teixeira. IEEE Trans. Automatic Control, vol. 66, no. 6, pp. 2558–2573, 2020 BIB
@article{Ferrari_TAC2020,author={Ferrari, R. and Teixeira, A. M. H.},journal={IEEE Trans. Automatic Control},number={6},pages={2558--2573},title={A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks},volume={66},year={2020},}
“Actuator Security Indices Based on Perfect Undetectability: Computation, Robustness, and Sensor Placement”.
J. Milosevic, A. M. H. Teixeira, H. Sandberg, and K. H. Johansson. IEEE Trans. Automatic Control, vol. 65, no. 9, pp. 3816–3831, 2020 BIB
@article{Milosevic_TAC2020,author={Milosevic, J. and Teixeira, A. M. H. and Sandberg, H. and Johansson, K. H.},doi={10.1109/TAC.2020.2981392},journal={IEEE Trans. Automatic Control},number={9},pages={3816--3831},title={Actuator Security Indices Based on Perfect Undetectability: Computation, Robustness, and Sensor Placement},volume={65},year={2020},}
“Effects of Jamming Attacks on a Control System With Energy Harvesting”.
S. Knorn and A. M. H. Teixeira. IEEE Control Systems Letters, vol. 3, no. 4, pp. 829–834, 2019 BIB
@article{Knorn_CSL2019,author={Knorn, S. and Teixeira, A. M. H.},journal={IEEE Control Systems Letters},number={4},pages={829--834},title={Effects of Jamming Attacks on a Control System With Energy Harvesting},volume={3},year={2019},}
“Joint controller and detector design against
data injection attacks on actuators”.
S. C. Anand and A. M. H. Teixeira. IFAC World Congress, Berlin, Germany, 2020 BIB
@inproceedings{Anand_2020,address={Berlin, Germany},author={Anand, S. C. and Teixeira, A M H},booktitle={IFAC World Congress},title={Joint controller and detector design against
data injection attacks on actuators},year={2020},}
“Optimal stealthy attacks on actuators for strictly proper systems”.
A. M. H. Teixeira. IEEE Conf. Decision and Control, Nice, France, 2019 BIB
@inproceedings{Teixeira_CDC2019,address={Nice, France},author={Teixeira, A. M. H.},booktitle={IEEE Conf. Decision and Control},title={Optimal stealthy attacks on actuators for strictly proper systems},year={2019},}
“A Tutorial Introduction to Security and Privacy for Cyber-Physical Systems”.
M. S. Chong, H. Sandberg, and A. M. H. Teixeira. Eur. Control Conf., Napoles, Italy, 2019 BIB
@inproceedings{Chong_ECC2019,address={Napoles, Italy},author={Chong, M. S. and Sandberg, H. and Teixeira, A. M. H.},booktitle={Eur. Control Conf.},title={A Tutorial Introduction to Security and Privacy for Cyber-Physical Systems},year={2019},}
“Data Injection Attacks against Feedforward Controllers”.
A. M. H. Teixeira. Eur. Control Conf., Napoles, Italy, 2019 BIB
@inproceedings{Teixeira_ECC2019,address={Napoles, Italy},author={Teixeira, A. M. H.},booktitle={Eur. Control Conf.},title={Data Injection Attacks against Feedforward Controllers},year={2019},}
