Physical Watermarking and Authentication
in Cyber Physical Systems
Yilin Mo (Caltech), Sean Weerakkody (CMU), and Bruno Sinopoli (CMU)
Department of Electrical and Computer Engineering, Carnegie Mellon University
TRUST Conference, October 10, 2013
Cyber-physical systems refer to the embedding of
information, communication technology, and
control into physical spaces with the goal of
making them safer, more efficient and reliable.
Such systems are becoming pervasive, thanks to
the advances in sensing, computing and
networking.
[Figure: Cyber-Physical Systems, with panels Smart Vehicles, Smart Grid, Smart Manufacturing, Smart Buildings. Credits: www.cps-vo.org, www.nist.gov, www.discover.hannovermesse.de]
Secure Cyber-Physical Systems
• Cyber-physical systems (CPS) create new attack opportunities.
o unsheltered systems
o authenticity in information technology (IT) vs. CPS
• Attacks on CPS can have disastrous consequences.
Example: Stuxnet Attack
Stuxnet Attack Strategy
1. Infect centrifuges in enrichment plant.
2. Record dynamics of normal operation.
3. “Man in the middle attack,” replay previous dynamics.
4. Insert destabilizing input.
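The System Model
Suppose we have system dynamics as follows:
• $x_{k+1} = A x_k + B u_k + w_k$, $x_k \in \mathbb{R}^n$, $u_k \in \mathbb{R}^p$, $w_k \sim N(0, Q)$
• $y_k = C x_k + v_k$, $y_k \in \mathbb{R}^m$, $v_k \sim N(0, R)$
A Linear Quadratic Gaussian controller is implemented.
Kalman Filter:
$\hat{x}_{k+1|k} = A \hat{x}_k + B u_k$, $\hat{x}_k = \hat{x}_{k|k-1} + K z_k$
$z_k = y_k - C \hat{x}_{k|k-1}$, $K = P C^T (C P C^T + R)^{-1}$
Linear Quadratic Regulator:
$J = \lim_{T \to \infty} \frac{1}{2T+1} E\left[ \sum_{k=-T}^{T} \left( x_k^T W x_k + u_k^T U u_k \right) \right]$
$u_k = u_k^* = L \hat{x}_k$, $L = (B^T S B + U)^{-1} B^T S A$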
The Attack Model
[Block diagram: Plant, Sensors, Estimator, LQG Controller, Failure Detector, Virtual System, delay $z^{-1}$; signals $z_k$, $u_k^*$, $u_{k-1}^*$, $y_k^v \sim y_k$, $u_k^a$, $\hat{x}_k$]
4) Binary Detector: $g(z_k) \ge \eta$
Proposed Approach: Watermarking
1) $y_k$ with optimal inputs $u_k^*$
2) Inject input $u_k = u_k^* + \zeta_k$
3) $y_k$ with sub-optimal input $u_k$
4) Binary Detector: $g(z_k) < \eta$
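The Attack Model: Watermark
[Block diagram: Plant, Sensors, Estimator, LQG Controller, Failure Detector, Virtual System, delay $z^{-1}$, summing junction (+); signals $z_k$, $\zeta_k$, $u_k^*$, $u_{k-1}$, $u_k$, $y_k^v \sim y_k$, $u_k^a$, $\hat{x}_k$]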
Watermark Design
Watermark Design Properties, $u_k = u_k^* + \zeta_k$
• Assume $\zeta_k$ is a zero-mean stationary Gaussian process with $\Gamma(d) \triangleq \operatorname{cov}(\zeta_k \zeta_{k+d}^T) = E[\zeta_k \zeta_{k+d}^T]$.
• Attacker knows $\Gamma(d)$!
Tradeoff: Cost versus Detection Ability
• Larger $\Gamma(d)$ increases the probability of detection, while also increasing the cost of control
• Small $\Gamma(d)$ reduces the probability of detection while reducing the cost of control
• $J = J^* + \Delta J$, $\Delta J$ is linear in the auto-covariance $\Gamma(d)$
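Detector Design
Residue Vector Properties
Use superscript $c$ to denote compromised system.
$H_0$: $z_k \sim N_0(0, C P C^T + R)$, normal operation
$H_1$: $z_k^c \sim N_1(\mu_k^c, C P C^T + R + \Sigma)$, under stealthy attack
$\mu_k^c \triangleq -C \sum_{i=-\infty}^{k} \left[ (A + BL)(I - KC) \right]^{k-i} B \zeta_i^c$, $\Sigma = \phi(\Gamma(0), \Gamma(1), \Gamma(2), \ldots)$
$\phi$ is linear
Use Neyman Pearson Detector
Maximize probability of detection $\beta_k^c$, for given probability of false alarm $\alpha$.
$g(z_k) = z_k^T \mathcal{P}^{-1} z_k - (z_k - \mu_k^c)^T (\mathcal{P} + \Sigma)^{-1} (z_k - \mu_k^c) \; \underset{H_0}{\overset{H_1}{\gtrless}} \; \eta_k$
$\mathcal{P} = C P C^T + R$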
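Added example (not from the slides): a scalar simulation of the replay scenario, showing that replayed residues keep the normal-operation variance $C P C^T + R$ when no watermark is injected and gain extra variance when one is. The plant parameters, the IID watermark, the function names and the $z_k^2 / (C P C^T + R)$ energy statistic are assumptions made for illustration; the detector on the slides is the Neyman-Pearson statistic $g(z_k)$.

```python
import random

def lqg_gains(a, b, c, Q, R, W, U, iters=200):
    """Iterate the scalar Riccati recursions to steady state; return (K, L, Pz)."""
    P = S = 1.0
    for _ in range(iters):
        P = a * a * (P - (P * c) ** 2 / (c * c * P + R)) + Q   # Kalman filter
        S = W + a * a * (S - (S * b) ** 2 / (b * b * S + U))   # LQ regulator
    K = P * c / (c * c * P + R)
    L = -a * b * S / (b * b * S + U)   # sign chosen so that u = L * xhat stabilises
    return K, L, c * c * P + R         # Pz = C P C^T + R

def residue_power(wm_var, T=20000, burn=200, seed=7,
                  a=1.0, b=1.0, c=1.0, Q=1.0, R=0.1, W=1.0, U=1.0):
    """Mean of z_k^2 / Pz in normal operation and under replay.

    Constructed scalar plant. Steps 0..T-1 are genuine; from step T on the
    estimator is fed the recorded measurement y_{k-T} instead of y_k.
    """
    rng = random.Random(seed)
    K, L, Pz = lqg_gains(a, b, c, Q, R, W, U)
    x = xpred = 0.0
    ys, power, count = [], [0.0, 0.0], [0, 0]
    for k in range(2 * T):
        ys.append(c * x + rng.gauss(0, R ** 0.5))    # genuine sensor reading y_k
        attacked = k >= T
        fed = ys[k - T] if attacked else ys[k]       # replayed or genuine
        z = fed - c * xpred                          # residue seen by the detector
        if k % T >= burn:                            # skip start-up transients
            power[attacked] += z * z / Pz
            count[attacked] += 1
        xhat = xpred + K * z                         # Kalman update
        u = L * xhat + rng.gauss(0, wm_var ** 0.5)   # u_k = u_k^* + zeta_k (IID)
        xpred = a * xhat + b * u                     # one-step prediction
        x = a * x + b * u + rng.gauss(0, Q ** 0.5)   # true plant
    return power[0] / count[0], power[1] / count[1]

if __name__ == "__main__":
    print("no watermark  (normal, replay):", residue_power(0.0))
    print("watermark 0.6 (normal, replay):", residue_power(0.6))
```

The watermark leaves the normal-operation residue power near 1 because the innovation does not depend on the known input; only the replayed stream, which carries the old watermark, stands out.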
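Watermark Parameter Design
Desired Optimization: Maximize Asymptotic Detection
$\max_{\Gamma(d)} \lim_{k \to \infty} \beta_k^c$
subject to $\Delta J \le \delta$
Challenge: difficult to obtain expression for $\beta_k^c$
Possible Metric: Kullback-Leibler Distance:
$E[D_{kl}(N_1 \| N_0)] = \operatorname{tr}(\Sigma \mathcal{P}^{-1}) - \frac{1}{2} \log[\det(I + \Sigma \mathcal{P}^{-1})]$
KL distance is convex in $\Gamma(d)$. Cannot perform concave maximization
Objective Relaxation:
$\operatorname{tr}(\Sigma \mathcal{P}^{-1}) \le E[D_{kl}(N_1 \| N_0)] \le \operatorname{tr}(\Sigma \mathcal{P}^{-1}) - \frac{1}{2} \log[\operatorname{tr}(\Sigma \mathcal{P}^{-1})]$
Bounds are monotonically increasing in $\operatorname{tr}(\Sigma \mathcal{P}^{-1})$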
Watermark Parameter Design
Optimization Problem
$\max_{\Gamma(d)} \operatorname{tr}(\Sigma \mathcal{P}^{-1})$
subject to $\Delta J \le \delta$
Challenge: Infinitely many optimization variables
Bochner’s Theorem
$\Gamma(d)$ is the auto-covariance function of a stationary Gaussian process $\{\zeta_k\}$, if and only if there exists a unique positive definite Hermitian measure $\nu$ such that
$\Gamma(d) = \int_{-1/2}^{1/2} e^{2\pi j d \omega} \, d\nu(\omega)$
Alternative Expressions:
Partition $[0, \frac{1}{2}]$ into disjoint intervals $I_1, \ldots, I_q$ of maximal length $\sigma$.
$\Gamma(d) = \lim_{\sigma \to 0} 2 \operatorname{Re}\left( \sum_{i=1}^{q} e^{2\pi j d \omega_i} \nu(I_i) \right)$, $\omega_i \in I_i$
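Watermark Parameter Design
Optimization Problem
$\max_{\Gamma(d)} \operatorname{tr}(\Sigma \mathcal{P}^{-1})$
subject to $\Delta J \le \delta$
$\operatorname{tr}(\Sigma \mathcal{P}^{-1}) = \lim_{\sigma \to 0} \sum_{i=1}^{q} \operatorname{tr}[F_2(\omega_i, \nu(I_i)) C^T \mathcal{P}^{-1} C]$, $\Delta J = \lim_{\sigma \to 0} \sum_{i=1}^{q} F_1(\omega_i, \nu(I_i))$
Alternative Formulation
$\psi = \max_{H, \omega} \operatorname{tr}(F_2(\omega, H) C^T \mathcal{P}^{-1} C)$, $(H^*, \omega^*)$ maximizers
subject to $F_1(\omega, H) \le \delta$, $0 \le \omega \le 0.5$, $H \ge 0$
$F_1$, $F_2$ are linear in $H$ → $\operatorname{tr}(\Sigma \mathcal{P}^{-1}) \le \psi$ for $\Delta J \le \delta$
Suppose $\nu(I_i) = H^* \mathbb{I}_{\omega^* \in I_i} + \overline{H^*} \mathbb{I}_{-\omega^* \in I_i}$ yields
$\Delta J = \delta$, $\operatorname{tr}(\Sigma \mathcal{P}^{-1}) = \psi$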
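Input Generation
Result: $\Gamma^*(d) = 2 \operatorname{Re}(\exp(2\pi j d \omega^*) H^*)$. Note that $H^* = h h^H$.
Watermark Generation
1) $\xi_0 \sim N(0, I)$,
2) $\xi_{k+1} = A_\omega \xi_k$,
3) $\zeta_k = C_h \xi_k$,
$\Gamma^*(d) = C_h A_\omega^d C_h^T$
$C_h = \sqrt{2} \begin{bmatrix} h_r & h_i \end{bmatrix}$
$A_\omega = \begin{bmatrix} \cos(2\pi\omega^*) & -\sin(2\pi\omega^*) \\ \sin(2\pi\omega^*) & \cos(2\pi\omega^*) \end{bmatrix}$
Problem: If the attacker knows one $\zeta_k$, he can determine all $\zeta_k$
Solution: Suboptimal approach, add randomness at each step
2) $\xi_{k+1} = \rho A_\omega \xi_k + \lambda_k$, $\lambda_k \sim N(0, (1 - \rho^2) I)$, $0 \le \rho \le 1$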
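Added example (not from the slides): the watermark generator above, run with and without the extra randomness, to show that ρ = 1 makes the next watermark exactly predictable from the hidden state while ρ < 1 leaves a forecast error of (1 − ρ²)·tr(C_h C_hᵀ), and that the generated sequence has auto-covariance ρ^d · 2Re(exp(2πjdω)hhᴴ), which follows from the recursion. The values of h and ω and all function names are constructed for illustration; on the slides h and ω* come out of the optimization.

```python
import cmath, math, random

def simulate(h, omega, rho, n, seed):
    """Run xi_{k+1} = rho*A_omega*xi_k + lambda_k, zeta_k = C_h*xi_k.

    Returns (zetas, mse), where mse is the mean squared error of forecasting
    zeta_{k+1} as C_h*rho*A_omega*xi_k by someone who has recovered xi_k.
    """
    rng = random.Random(seed)
    r2 = math.sqrt(2.0)
    C = [(r2 * z.real, r2 * z.imag) for z in h]        # C_h = sqrt(2) [h_r h_i]
    c, s = math.cos(2 * math.pi * omega), math.sin(2 * math.pi * omega)
    sd = math.sqrt(1.0 - rho * rho)                    # std of lambda_k
    x0, x1 = rng.gauss(0, 1), rng.gauss(0, 1)          # xi_0 ~ N(0, I)
    zetas, err = [], 0.0
    for _ in range(n):
        zetas.append([a * x0 + b * x1 for a, b in C])  # zeta_k = C_h xi_k
        p0, p1 = rho * (c * x0 - s * x1), rho * (s * x0 + c * x1)  # rho A xi_k
        x0, x1 = p0 + sd * rng.gauss(0, 1), p1 + sd * rng.gauss(0, 1)
        err += sum((a * (x0 - p0) + b * (x1 - p1)) ** 2 for a, b in C)
    return zetas, err / n

def gamma_theory(h, omega, rho, d):
    """rho^d * 2 Re(exp(2 pi j d omega) h h^H), with Gamma(d) = E[zeta_k zeta_{k+d}^T]."""
    rot = cmath.exp(2j * math.pi * d * omega)
    return [[rho ** d * 2 * (rot * a * b.conjugate()).real for b in h] for a in h]

def gamma_empirical(zetas, d):
    """Time average of zeta_k zeta_{k+d}^T over one run."""
    m, p = len(zetas) - d, len(zetas[0])
    return [[sum(zetas[k][i] * zetas[k + d][j] for k in range(m)) / m
             for j in range(p)] for i in range(p)]

# Constructed parameters (assumptions, not values from the slides).
H_VEC, OMEGA = [1 + 0.5j, -0.3 + 0.8j], 0.1

if __name__ == "__main__":
    _, e_det = simulate(H_VEC, OMEGA, 1.0, 20000, seed=1)
    zs, e_rand = simulate(H_VEC, OMEGA, 0.9, 200000, seed=1)
    print("forecast MSE  rho=1.0:", e_det, "  rho=0.9:", e_rand)
    for d in (0, 1, 3):
        print(d, gamma_empirical(zs, d), gamma_theory(H_VEC, OMEGA, 0.9, d))
```

The empirical check uses ρ = 0.9 because with ρ = 1 a single run is a pure rotation of ξ₀ and its time average does not converge to the ensemble covariance.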
Simulation: Power versus Size
[Plot; x-axis: Probability of False Alarm]
Simulation: Improvement over IID
[Plot; y-axis: Improvement of the asymptotic $\beta_k^c$; x-axis: Probability of False Alarm; curves: Optimal, Sub-Optimal = 0.9]
Simulation: Power vs Cost
Summary and Conclusions
• Reviewed some security challenges in cyber-physical systems.
• Considered strong attack model.
• Proposed watermarking technique to detect attacks.
• Analyzed and discussed design of parameters for watermarking schemes.
Future Work: Develop and analyze suboptimal approach
Thank You!