CN107544472B - Optimal switching dummy data injection method - Google Patents
Optimal switching dummy data injection method Download PDFInfo
- Publication number
- CN107544472B CN107544472B CN201710935494.6A CN201710935494A CN107544472B CN 107544472 B CN107544472 B CN 107544472B CN 201710935494 A CN201710935494 A CN 201710935494A CN 107544472 B CN107544472 B CN 107544472B
- Authority
- CN
- China
- Prior art keywords
- injection
- dummy data
- optimal
- switching
- matrix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Prostheses (AREA)
Abstract
The invention provides an optimal switching dummy data injection method, which comprises the following specific processes: and (3) injection matrix design: under the condition of injecting false data into a limited subsystem, considering all possible subsystem injection combinations, and designing different injection matrixes for different injection combinations; and (3) an optimal switching strategy: calculating the switching time of the injection matrixes on line, selecting different injection matrixes at the switching time, and enabling the secondary performance index time to be maximum through switching; optimal dummy data injection: and constructing optimal dummy data through the state information of all the subsystems, and injecting the optimal dummy data into the corresponding subsystems. The method improves the flexibility and effectiveness of the dummy data injection method, and can be used for testing the defense effect of the industrial control system on the dummy data injection.
Description
Technical Field
The invention relates to the safety of an industrial control system and an information physical fusion system, and designs an optimal switching false data injection method aiming at the industrial control system and the information physical fusion system.
Background
Industrial control systems are widely used in the fields of electricity, metallurgy, petrochemistry, railways, and aviation, and are tightly connected to national key infrastructure. An industrial control system, in the event of a significant security event, can have a significant impact on the reliable, safe operation of the physical system upon which it is dependent, not only causing economic losses, threatening the safety of life and property, but also possibly threatening national security. Industrial control systems are already an important part of national security strategy, and once an industrial control system is attacked maliciously, the loss caused by the industrial control system cannot be estimated.
Conventional industrial control systems are typically factory floor based, relatively isolated, and have little communication with the outside world. However, with the popularization and development of internet technologies, especially with the rise of internet of things technologies, under the guidance of enterprise comprehensive automation requirements, industrial control systems are also developing towards networking. The modern industrial system is no longer an information island and becomes a typical information physical fusion system. In recent years, there are many cases reported for the safety problem of the industrial control system. For example, the 'seismic net' virus in 2010 invades the Iranian Blusher nuclear power station to attack the data acquisition and monitoring system of Siemens, so that the Iranian nuclear plan is forced to be postponed again and again. The countries in Europe and America have listed industrial control safety as national strategy. In recent years, the safety of the industrial control system is also highly emphasized by administrative departments and scientific research management departments in China, and the industrial control system is incorporated into related research plans.
The communication network of an industrial control system is vulnerable to hacking. The intruder accesses the field bus to access the communication network by breaking through the industrial firewall and performs the means of eavesdropping, blocking, delaying, tampering, injecting, replaying and the like on the communication message. And blocking or maliciously modifying the sensing data and the control program codes transmitted on the network. When an attacker is hidden and accessed into the controller, a designed malicious program is executed, and the actuator is enabled to malfunction to deteriorate the performance of the controlled object. The research on the false data injection method of the industrial control system can realize the known false data injection method and lay a good foundation for better security defense. Studying the dummy data injection method requires analyzing the intentions and strategies of the injector from the perspective of system theory. Yilin Mo et al in the literature (false injection estimation in wireless sensor networks, in proc.49th IEEE conf.decision and Control (CDC),2010, pp.5967-5972.) analyzed how to inject dummy data into a portion of the sensors to change the estimate of the steady state kalman filter and avoid fault detector alarms. The dummy data injection problem is described as an optimization problem with constraints and the upper and lower bounds of its reachable region are obtained. Annarita Giani et al in the literature (Smart Grid Data Integrity tasks. IEEE Transaction on Smart grid.2013:4(3), pp.1244-1253.) indicate that it is not possible to inject dummy Data simultaneously into a large number of power meters due to geographical limitations. And proposes an all undetectable injection method in both cases of injection into two power meters and into an arbitrary power meter. Jinping Hao et al, in the literature (Sparse magic dust Data Injection tasks and feedback Mechanisms in Smart grids. IEEEtransformations on Industrial information 2015:11(5), pp.1198-1209), discuss how to inject Sparse false Data into a wide area instrumentation system of a Smart grid, both in cases where any measured value can be modified and where only certain state variables can be modified. A search algorithm is proposed to find a set of measurements to inject immunity to false data to protect the system. The Guangyu Wu et al literature (Optimal Data Integrity on Actuators in Cyber-Physical Systems, American Control reference (ACC),2016, pp.1160-1164) analyzes how to inject false Data into the Actuators of the Control system to optimize the secondary error index and provide a solution to the optimality conditions and problems. In the literature (Data Injection targets on Smart Grids with multiple Adversaries: A Game-Theoreti Peractive. IEEE Transactions on Smart grid,2016:7 (4); pp 2038 + 2048.), a Stackelberg Game model with a plurality of attackers and a defender is introduced, and the defender can predict the behavior of the attackers before deciding which measurement values to protect and provides a distributed learning algorithm to search for balance points.
In a large-scale industrial control system, sensor nodes and actuator nodes are often distributed in a wider region, and meanwhile, the energy of an intruder is often limited, so that false data cannot be injected into all the sensor nodes or the actuator nodes at the same time. Therefore, how to optimally select the order of injecting dummy data is a problem to be considered.
Disclosure of Invention
The invention aims to provide an optimal switching dummy data injection method aiming at a large-scale physical information system comprising a plurality of subsystems.
The technical scheme for solving the technical problem is as follows:
an optimal switching dummy data injection method comprises the following specific processes:
and (3) injection matrix design: under the condition of injecting false data into a limited subsystem, considering all possible subsystem injection combinations, and designing different injection matrixes for different injection combinations;
and (3) an optimal switching strategy: calculating the switching time of the injection matrixes on line, selecting different injection matrixes at the switching time, and enabling the secondary performance index time to be maximum through switching;
optimal dummy data injection: and constructing optimal dummy data through the state information of all the subsystems, and injecting the optimal dummy data into the corresponding subsystems.
Further, the secondary performance evaluation indexes of the invention are as follows:
wherein the content of the first and second substances,for a finite time interval, the weight matrix S, Q is a semi-positive weight matrix of n × n, the weight matrix R is a positive weight matrix of m × m, xcFor n states of the dummy data injection system, uaIs an injected m-dimensional dummy data vector.
Further, the injection matrix design of the present invention: setting the form of an injection matrix asi=1,…,N,Is an m-dimensional row vector, j is 1, …, n,n is the number of the dummy data injection systems, and r is the number of the subsystems capable of injecting the dummy data simultaneously in the same time period; arbitrarily set injection matrixThe middle r non-zero row vectors.
Further, the optimal handover strategy of the present invention: solving the optimal switching moment through the maximum value principle to maximize the secondary performance index, and obtaining the online switching condition of the injection matrix as
Wherein the content of the first and second substances,for a limited time range, xc(t0)、xc(tf) Are respectively shown at t0And tfAt time n dummy data injection system states, λ (t)f) Represents tfA time of day covariate.
Further, the optimal dummy data injection of the present invention is:
wherein u isaFor optimal dummy data, i.e. injected m-dimensional dummy data vectors, xcFor the state of the dummy data injection system, PiIs the solution of algebraic Riacati equation;
where A is a system matrix of n × n.
Advantageous effects
Firstly, the optimal false data is constructed in a state feedback mode, so that the method is convenient to realize, and meanwhile, the switching strategy can be calculated on line in real time, so that the global optimal solution can be obtained conveniently.
Secondly, the dynamic performance of the control system is changed by tampering the transmission data containing information such as control and sensing, the method is suitable for testing the defense effect of the industrial control system and the information physical fusion system on false data injection, and a test means is provided for the design of the defense method.
Drawings
FIG. 1 is a flow chart of an optimal handoff dummy data injection method of the present invention;
FIG. 2 is a block diagram of a physical information system comprising 3 subsystems and an attacker;
FIG. 3 is a graph of switching times for three injection combinations;
FIG. 4 is a state trace diagram after injecting dummy data into the system.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
Assume a model of a healthy system as:
the model of the dummy data injection system is:
wherein x iscFor n-dimensional column vectors, representing the states of n dummy data injection systems, uaIs an injected m-dimensional dummy data vector. Assume { A, BaAre controllable. In a limited timeAnd defining the secondary performance evaluation indexes as follows:
wherein A is a system matrix of n × n, and BaThe weight matrix S, Q is a semi-positive weight matrix of n × n, and the weight matrix R is a positive weight matrix of m × m.
The invention discloses an optimal switching dummy data injection method, which comprises the following specific processes as shown in figure 1:
(1) and (3) injection matrix design:
it is assumed that the injector can monitor the status information of all subsystems online, but because the energy of the injector is limited or because the distribution area of the subsystems is wide, the injector cannot inject dummy data to all subsystems in the same time period, and only has the ability to inject data to r subsystems simultaneously. Then the injection matrices are sharedThe pattern is selectable and each injection matrix has r non-zero rows. Different injection effects are brought by injection combinations of different subsystems, and in order to achieve the optimal effect, an injector should inject false data into different subsystems at different moments so as to maximize secondary performance evaluation indexes.
Defining an injection matrix:i=1,…,N,is an m-dimensional row vector, j is 1, …, n. The value of the non-zero row vector of the injection matrix can be arbitrarily designed by the implanter to determine the different injection matrices.
(2) And (3) an optimal switching strategy:
solving the optimal switching injection problem by a maximum value principle to obtain a collaborative equation:
the state equation is as follows:
and boundary conditions:
λ(tf)=Sxc(tf)
the online switching conditions of the injection matrix are as follows:
knowing xc(t0)、xc(tf) And λ (t)f) Solving the two-point boundary value problem to obtain the initial value lambda (t) of the covariate0) And a switching time instant.
The optimal state feedback under infinite time performance evaluation indexes is obtained by solving an algebraic Rikati equation, and the optimal switching sequence among different injection matrixes is determined by calculating the component sum of the covariates.
(3) Optimal dummy data injection:
injecting optimal false data into the corresponding subsystem:
when t isf→ infinity, covariate λ (t) ═ Pixc(t),PiIs the solution of an algebraic Rickti equation and satisfies the following conditions:
with appropriate Q, R and BiThe combination of (1) and (3) enables a Rikati equation to have a solution, and the optimal false data becomes:
uaconfigured in the form of state feedback.
Discretization is carried out on the process, and the sampling period is set to be T.
λ(0)=Pi(0)xc(0)
λ(k)=Pi(k)xc(k)
the following describes the embodiments of the present invention in detail with reference to the drawings.
FIG. 2 is a block diagram of an injector injecting dummy data into a physical information system with three interconnected subsystems. The injector injects the false data into the dynamic equation of the subsystem, and only injects the false data into two subsystems each time, and the system parameters are selected as follows:
initial conditions: x is the number of0=[2,2,2]T,λ(0)=P1x0=[0.7,0.65,0.65]T. The injection matrix is designed as follows:
the solutions of the algebraic Rickti equations corresponding to the three injection matrices are:
fig. 3 is a graph of switching times for three injection combinations.
FIG. 4 is a state trace diagram after injecting dummy data into the system.
It can be seen from the figure that the injected subsystem trajectory deviates significantly from the healthy system trajectory, but still eventually tends to steady state. The optimal switching time and the selection of the injection matrix are obtained on line, and the performance evaluation index corresponding to the obtained optimal sequence is superior to other switching sequences.
The present invention is not limited to the above-described embodiments, and various modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention are included in the scope of the present invention.
Claims (2)
1. An optimal switching dummy data injection method is characterized by comprising the following specific processes:
and (3) injection matrix design: under the condition of injecting false data into a limited subsystem, considering all possible subsystem injection combinations, and designing different injection matrixes for different injection combinations;
and (3) an optimal switching strategy: calculating the switching time of the injection matrixes on line, selecting different injection matrixes at the switching time, and enabling the time of the secondary performance evaluation index to be maximum through switching;
optimal dummy data injection: constructing optimal false data through the state information of all subsystems, and injecting the optimal false data into the corresponding subsystems;
setting the form of an injection matrix as Is an m-dimensional row vector, j is 1, …, n,n is the number of the dummy data injection systems, and r is the number of the subsystems capable of injecting the dummy data simultaneously in the same time period; arbitrarily setting r nonzero row vectors in an injection matrix;
solving the optimal switching moment through the maximum value principle to maximize the secondary performance index, and obtaining the online switching condition of the injection matrix as
Wherein, λ (t)f) Represents tfThe time covariance variable is a positive definite weight matrix of m × m;
the secondary performance evaluation indexes are as follows:
wherein the content of the first and second substances,for a finite time interval, the weight matrix S, Q is a semi-positive weight matrix of n × n, the weight matrix R is a positive weight matrix of m × m, xcFor n states of the dummy data injection system, uaIs an injected m-dimensional dummy data vector.
2. The optimal switching dummy data injection method of claim 1, wherein the optimal dummy data injection is:
wherein u isaFor optimal dummy data, i.e. injected m-dimensional dummy data vectors, xcFor the state of the dummy data injection system, PiIs the solution of algebraic Riacati equation;
where A is a system matrix of n × n.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710935494.6A CN107544472B (en) | 2017-10-10 | 2017-10-10 | Optimal switching dummy data injection method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710935494.6A CN107544472B (en) | 2017-10-10 | 2017-10-10 | Optimal switching dummy data injection method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107544472A CN107544472A (en) | 2018-01-05 |
CN107544472B true CN107544472B (en) | 2020-07-03 |
Family
ID=60967370
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710935494.6A Active CN107544472B (en) | 2017-10-10 | 2017-10-10 | Optimal switching dummy data injection method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107544472B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113325705B (en) * | 2021-04-30 | 2022-09-30 | 同济大学 | Slamming-slamming control method of linear switching system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102761122A (en) * | 2012-07-06 | 2012-10-31 | 华北电力大学 | Defense method of false data injection attack of power state estimation system |
WO2012154664A2 (en) * | 2011-05-06 | 2012-11-15 | University Of North Carolina At Chapel Hill | Methods, systems, and computer readable media for detecting injected machine code |
CN104573510A (en) * | 2015-02-06 | 2015-04-29 | 西南科技大学 | Smart grid malicious data injection attack and detection method |
CN105791280A (en) * | 2016-02-29 | 2016-07-20 | 西安交通大学 | Method for defending data integrity attack in direct state estimation of power system |
CN107016236A (en) * | 2017-03-23 | 2017-08-04 | 新疆电力建设调试所 | Power network false data detection method for injection attack based on non-linear measurement equation |
-
2017
- 2017-10-10 CN CN201710935494.6A patent/CN107544472B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012154664A2 (en) * | 2011-05-06 | 2012-11-15 | University Of North Carolina At Chapel Hill | Methods, systems, and computer readable media for detecting injected machine code |
CN102761122A (en) * | 2012-07-06 | 2012-10-31 | 华北电力大学 | Defense method of false data injection attack of power state estimation system |
CN104573510A (en) * | 2015-02-06 | 2015-04-29 | 西南科技大学 | Smart grid malicious data injection attack and detection method |
CN105791280A (en) * | 2016-02-29 | 2016-07-20 | 西安交通大学 | Method for defending data integrity attack in direct state estimation of power system |
CN107016236A (en) * | 2017-03-23 | 2017-08-04 | 新疆电力建设调试所 | Power network false data detection method for injection attack based on non-linear measurement equation |
Non-Patent Citations (3)
Title |
---|
Guangyu Wu et al.Optimal Switching Integrity Attacks in Cyber-Physical System.《2017 32nd Youth Academic Annual Conference of Chinese Association of Automation(YAC)》.2017, * |
Optimal Switching Integrity Attacks in Cyber-Physical System;Guangyu Wu et al;《2017 32nd Youth Academic Annual Conference of Chinese Association of Automation(YAC)》;20170703;第709页右栏最后1段-第712页右栏最后1段 * |
基于线性二次型最优控制的光伏并网发电系统的研究;李春玲;《中国博士学位论文全文数据库(电子期刊)工程科技II辑》;20130515(第5期);全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN107544472A (en) | 2018-01-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Wang et al. | Coordinated topology attacks in smart grid using deep reinforcement learning | |
Xu et al. | Achieving efficient detection against false data injection attacks in smart grid | |
Hahn et al. | A multi-layered and kill-chain based security analysis framework for cyber-physical systems | |
Ding et al. | Event‐based security control for discrete‐time stochastic systems | |
Giani et al. | Smart grid data integrity attacks | |
Wu et al. | A survey on the security of cyber-physical systems | |
Yan et al. | Integrated security analysis on cascading failure in complex networks | |
Li et al. | False data injection attacks with incomplete network topology information in smart grid | |
Rahman et al. | A formal model for verifying the impact of stealthy attacks on optimal power flow in power grids | |
Hewett et al. | Cyber-security analysis of smart grid SCADA systems with game models | |
Darbandi et al. | Real‐time stability assessment in smart cyber‐physical grids: a deep learning approach | |
Orojloo et al. | A method for modeling and evaluation of the security of cyber-physical systems | |
CN107544472B (en) | Optimal switching dummy data injection method | |
CN110826888B (en) | Data integrity attack detection method in power system dynamic state estimation | |
CN113885330B (en) | Information physical system safety control method based on deep reinforcement learning | |
Li et al. | An adaptive sliding‐mode resilient control strategy in smart grid under mixed attacks | |
Zhang et al. | Online re‐dispatching of power systems based on modal sensitivity identification | |
Feng et al. | Stochastic games for power grid coordinated defence against coordinated attacks | |
Deng et al. | Real-time detection of false data injection attacks based on load forecasting in smart grid | |
Zhonghua et al. | False data injection attacks for output tracking control systems | |
Mohammadpourfard et al. | Real-time detection of cyber-attacks in modern power grids with uncertainty using deep learning | |
Zhang et al. | Zero-parameter-information FDI attacks against power system state estimation | |
Chukwuka et al. | Bad data injection attack propagation in cyber-physical power delivery systems | |
Tong et al. | False data injection attack on power system data-driven methods based on generative adversarial networks | |
Hewett et al. | Smart Grid security: Deriving informed decisions from cyber attack game analysis |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |