Fault Diagnosis of Discrete Event Systems Under Attack
Kang, Tenglong;Seatzu, Carla;Li, Zhiwu;Giua, Alessandro
2023-01-01
Abstract
In this paper, we study the problem of fault diagnosis under cyber attacks in the context of partially-observed discrete event systems. An operator monitors the evolution of a system through the received observations and computes its current diagnosis state. The observation is corrupted by an attacker which has the ability to edit a subset of sensor readings by inserting or erasing some events. In this sense, the attacker may induce the operator to draw incorrect diagnostic conclusions based on the corrupted observation regarding the fault occurrence. In particular, the attack is harmful if a fault can be detected by the operator when looking at an uncorrupted observation, while it is not detected when looking at the corresponding corrupted observation. In addition, the attacker must remain stealthy, i.e., its presence should not be discovered by the operator. To this end, we propose a special structure, called a stealthy joint diagnoser, which describes the set of all possible stealthy attacks. We show how to use the stealthy joint diagnoser to perform fault diagnosis under attack. Finally, such a structure also allows one to establish if a stealthy harmful attack may be implemented.