CN107544472B - Optimal switching dummy data injection method - Google Patents

Optimal switching dummy data injection method Download PDF

Info

Publication number
CN107544472B
CN107544472B CN201710935494.6A CN201710935494A CN107544472B CN 107544472 B CN107544472 B CN 107544472B CN 201710935494 A CN201710935494 A CN 201710935494A CN 107544472 B CN107544472 B CN 107544472B
Authority
CN
China
Prior art keywords
injection
dummy data
optimal
switching
matrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710935494.6A
Other languages
Chinese (zh)
Other versions
CN107544472A (en
Inventor
孙健
伍光宇
陈杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
Original Assignee
Beijing Institute of Technology BIT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT filed Critical Beijing Institute of Technology BIT
Priority to CN201710935494.6A priority Critical patent/CN107544472B/en
Publication of CN107544472A publication Critical patent/CN107544472A/en
Application granted granted Critical
Publication of CN107544472B publication Critical patent/CN107544472B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Prostheses (AREA)

Abstract

The invention provides an optimal switching dummy data injection method, which comprises the following specific processes: and (3) injection matrix design: under the condition of injecting false data into a limited subsystem, considering all possible subsystem injection combinations, and designing different injection matrixes for different injection combinations; and (3) an optimal switching strategy: calculating the switching time of the injection matrixes on line, selecting different injection matrixes at the switching time, and enabling the secondary performance index time to be maximum through switching; optimal dummy data injection: and constructing optimal dummy data through the state information of all the subsystems, and injecting the optimal dummy data into the corresponding subsystems. The method improves the flexibility and effectiveness of the dummy data injection method, and can be used for testing the defense effect of the industrial control system on the dummy data injection.

Description

Optimal switching dummy data injection method
Technical Field
The invention relates to the safety of an industrial control system and an information physical fusion system, and designs an optimal switching false data injection method aiming at the industrial control system and the information physical fusion system.
Background
Industrial control systems are widely used in the fields of electricity, metallurgy, petrochemistry, railways, and aviation, and are tightly connected to national key infrastructure. An industrial control system, in the event of a significant security event, can have a significant impact on the reliable, safe operation of the physical system upon which it is dependent, not only causing economic losses, threatening the safety of life and property, but also possibly threatening national security. Industrial control systems are already an important part of national security strategy, and once an industrial control system is attacked maliciously, the loss caused by the industrial control system cannot be estimated.
Conventional industrial control systems are typically factory floor based, relatively isolated, and have little communication with the outside world. However, with the popularization and development of internet technologies, especially with the rise of internet of things technologies, under the guidance of enterprise comprehensive automation requirements, industrial control systems are also developing towards networking. The modern industrial system is no longer an information island and becomes a typical information physical fusion system. In recent years, there are many cases reported for the safety problem of the industrial control system. For example, the 'seismic net' virus in 2010 invades the Iranian Blusher nuclear power station to attack the data acquisition and monitoring system of Siemens, so that the Iranian nuclear plan is forced to be postponed again and again. The countries in Europe and America have listed industrial control safety as national strategy. In recent years, the safety of the industrial control system is also highly emphasized by administrative departments and scientific research management departments in China, and the industrial control system is incorporated into related research plans.
The communication network of an industrial control system is vulnerable to hacking. The intruder accesses the field bus to access the communication network by breaking through the industrial firewall and performs the means of eavesdropping, blocking, delaying, tampering, injecting, replaying and the like on the communication message. And blocking or maliciously modifying the sensing data and the control program codes transmitted on the network. When an attacker is hidden and accessed into the controller, a designed malicious program is executed, and the actuator is enabled to malfunction to deteriorate the performance of the controlled object. The research on the false data injection method of the industrial control system can realize the known false data injection method and lay a good foundation for better security defense. Studying the dummy data injection method requires analyzing the intentions and strategies of the injector from the perspective of system theory. Yilin Mo et al in the literature (false injection estimation in wireless sensor networks, in proc.49th IEEE conf.decision and Control (CDC),2010, pp.5967-5972.) analyzed how to inject dummy data into a portion of the sensors to change the estimate of the steady state kalman filter and avoid fault detector alarms. The dummy data injection problem is described as an optimization problem with constraints and the upper and lower bounds of its reachable region are obtained. Annarita Giani et al in the literature (Smart Grid Data Integrity tasks. IEEE Transaction on Smart grid.2013:4(3), pp.1244-1253.) indicate that it is not possible to inject dummy Data simultaneously into a large number of power meters due to geographical limitations. And proposes an all undetectable injection method in both cases of injection into two power meters and into an arbitrary power meter. Jinping Hao et al, in the literature (Sparse magic dust Data Injection tasks and feedback Mechanisms in Smart grids. IEEEtransformations on Industrial information 2015:11(5), pp.1198-1209), discuss how to inject Sparse false Data into a wide area instrumentation system of a Smart grid, both in cases where any measured value can be modified and where only certain state variables can be modified. A search algorithm is proposed to find a set of measurements to inject immunity to false data to protect the system. The Guangyu Wu et al literature (Optimal Data Integrity on Actuators in Cyber-Physical Systems, American Control reference (ACC),2016, pp.1160-1164) analyzes how to inject false Data into the Actuators of the Control system to optimize the secondary error index and provide a solution to the optimality conditions and problems. In the literature (Data Injection targets on Smart Grids with multiple Adversaries: A Game-Theoreti Peractive. IEEE Transactions on Smart grid,2016:7 (4); pp 2038 + 2048.), a Stackelberg Game model with a plurality of attackers and a defender is introduced, and the defender can predict the behavior of the attackers before deciding which measurement values to protect and provides a distributed learning algorithm to search for balance points.
In a large-scale industrial control system, sensor nodes and actuator nodes are often distributed in a wider region, and meanwhile, the energy of an intruder is often limited, so that false data cannot be injected into all the sensor nodes or the actuator nodes at the same time. Therefore, how to optimally select the order of injecting dummy data is a problem to be considered.
Disclosure of Invention
The invention aims to provide an optimal switching dummy data injection method aiming at a large-scale physical information system comprising a plurality of subsystems.
The technical scheme for solving the technical problem is as follows:
an optimal switching dummy data injection method comprises the following specific processes:
and (3) injection matrix design: under the condition of injecting false data into a limited subsystem, considering all possible subsystem injection combinations, and designing different injection matrixes for different injection combinations;
and (3) an optimal switching strategy: calculating the switching time of the injection matrixes on line, selecting different injection matrixes at the switching time, and enabling the secondary performance index time to be maximum through switching;
optimal dummy data injection: and constructing optimal dummy data through the state information of all the subsystems, and injecting the optimal dummy data into the corresponding subsystems.
Further, the secondary performance evaluation indexes of the invention are as follows:
Figure BDA0001429709130000041
wherein the content of the first and second substances,
Figure BDA0001429709130000042
for a finite time interval, the weight matrix S, Q is a semi-positive weight matrix of n × n, the weight matrix R is a positive weight matrix of m × m, xcFor n states of the dummy data injection system, uaIs an injected m-dimensional dummy data vector.
Further, the injection matrix design of the present invention: setting the form of an injection matrix as
Figure BDA0001429709130000043
i=1,…,N,
Figure BDA0001429709130000044
Is an m-dimensional row vector, j is 1, …, n,
Figure BDA0001429709130000045
n is the number of the dummy data injection systems, and r is the number of the subsystems capable of injecting the dummy data simultaneously in the same time period; arbitrarily set injection matrixThe middle r non-zero row vectors.
Further, the optimal handover strategy of the present invention: solving the optimal switching moment through the maximum value principle to maximize the secondary performance index, and obtaining the online switching condition of the injection matrix as
Figure BDA0001429709130000046
Wherein the content of the first and second substances,
Figure BDA0001429709130000047
for a limited time range, xc(t0)、xc(tf) Are respectively shown at t0And tfAt time n dummy data injection system states, λ (t)f) Represents tfA time of day covariate.
Further, the optimal dummy data injection of the present invention is:
Figure BDA0001429709130000048
wherein u isaFor optimal dummy data, i.e. injected m-dimensional dummy data vectors, xcFor the state of the dummy data injection system, PiIs the solution of algebraic Riacati equation;
Figure BDA0001429709130000049
where A is a system matrix of n × n.
Advantageous effects
Firstly, the optimal false data is constructed in a state feedback mode, so that the method is convenient to realize, and meanwhile, the switching strategy can be calculated on line in real time, so that the global optimal solution can be obtained conveniently.
Secondly, the dynamic performance of the control system is changed by tampering the transmission data containing information such as control and sensing, the method is suitable for testing the defense effect of the industrial control system and the information physical fusion system on false data injection, and a test means is provided for the design of the defense method.
Drawings
FIG. 1 is a flow chart of an optimal handoff dummy data injection method of the present invention;
FIG. 2 is a block diagram of a physical information system comprising 3 subsystems and an attacker;
FIG. 3 is a graph of switching times for three injection combinations;
FIG. 4 is a state trace diagram after injecting dummy data into the system.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
Assume a model of a healthy system as:
Figure BDA0001429709130000051
the model of the dummy data injection system is:
Figure BDA0001429709130000052
wherein x iscFor n-dimensional column vectors, representing the states of n dummy data injection systems, uaIs an injected m-dimensional dummy data vector. Assume { A, BaAre controllable. In a limited time
Figure BDA0001429709130000053
And defining the secondary performance evaluation indexes as follows:
Figure BDA0001429709130000054
wherein A is a system matrix of n × n, and BaThe weight matrix S, Q is a semi-positive weight matrix of n × n, and the weight matrix R is a positive weight matrix of m × m.
The invention discloses an optimal switching dummy data injection method, which comprises the following specific processes as shown in figure 1:
(1) and (3) injection matrix design:
it is assumed that the injector can monitor the status information of all subsystems online, but because the energy of the injector is limited or because the distribution area of the subsystems is wide, the injector cannot inject dummy data to all subsystems in the same time period, and only has the ability to inject data to r subsystems simultaneously. Then the injection matrices are shared
Figure BDA0001429709130000061
The pattern is selectable and each injection matrix has r non-zero rows. Different injection effects are brought by injection combinations of different subsystems, and in order to achieve the optimal effect, an injector should inject false data into different subsystems at different moments so as to maximize secondary performance evaluation indexes.
Defining an injection matrix:
Figure BDA0001429709130000062
i=1,…,N,
Figure BDA0001429709130000063
is an m-dimensional row vector, j is 1, …, n. The value of the non-zero row vector of the injection matrix can be arbitrarily designed by the implanter to determine the different injection matrices.
(2) And (3) an optimal switching strategy:
solving the optimal switching injection problem by a maximum value principle to obtain a collaborative equation:
Figure BDA0001429709130000064
the state equation is as follows:
Figure BDA0001429709130000065
and boundary conditions:
λ(tf)=Sxc(tf)
the online switching conditions of the injection matrix are as follows:
Figure BDA0001429709130000066
knowing xc(t0)、xc(tf) And λ (t)f) Solving the two-point boundary value problem to obtain the initial value lambda (t) of the covariate0) And a switching time instant.
The optimal state feedback under infinite time performance evaluation indexes is obtained by solving an algebraic Rikati equation, and the optimal switching sequence among different injection matrixes is determined by calculating the component sum of the covariates.
(3) Optimal dummy data injection:
injecting optimal false data into the corresponding subsystem:
Figure BDA0001429709130000071
when t isf→ infinity, covariate λ (t) ═ Pixc(t),PiIs the solution of an algebraic Rickti equation and satisfies the following conditions:
Figure BDA0001429709130000072
with appropriate Q, R and BiThe combination of (1) and (3) enables a Rikati equation to have a solution, and the optimal false data becomes:
Figure BDA0001429709130000073
uaconfigured in the form of state feedback.
Discretization is carried out on the process, and the sampling period is set to be T.
Step 1 initializing i (0) and xc(0)
λ(0)=Pi(0)xc(0)
Step 2, loop calculation:
λ(k)=Pi(k)xc(k)
Figure BDA0001429709130000074
Figure BDA0001429709130000075
the following describes the embodiments of the present invention in detail with reference to the drawings.
FIG. 2 is a block diagram of an injector injecting dummy data into a physical information system with three interconnected subsystems. The injector injects the false data into the dynamic equation of the subsystem, and only injects the false data into two subsystems each time, and the system parameters are selected as follows:
Figure BDA0001429709130000081
initial conditions: x is the number of0=[2,2,2]T,λ(0)=P1x0=[0.7,0.65,0.65]T. The injection matrix is designed as follows:
Figure BDA0001429709130000082
the solutions of the algebraic Rickti equations corresponding to the three injection matrices are:
Figure BDA0001429709130000083
Figure BDA0001429709130000084
fig. 3 is a graph of switching times for three injection combinations.
FIG. 4 is a state trace diagram after injecting dummy data into the system.
It can be seen from the figure that the injected subsystem trajectory deviates significantly from the healthy system trajectory, but still eventually tends to steady state. The optimal switching time and the selection of the injection matrix are obtained on line, and the performance evaluation index corresponding to the obtained optimal sequence is superior to other switching sequences.
The present invention is not limited to the above-described embodiments, and various modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention are included in the scope of the present invention.

Claims (2)

1. An optimal switching dummy data injection method is characterized by comprising the following specific processes:
and (3) injection matrix design: under the condition of injecting false data into a limited subsystem, considering all possible subsystem injection combinations, and designing different injection matrixes for different injection combinations;
and (3) an optimal switching strategy: calculating the switching time of the injection matrixes on line, selecting different injection matrixes at the switching time, and enabling the time of the secondary performance evaluation index to be maximum through switching;
optimal dummy data injection: constructing optimal false data through the state information of all subsystems, and injecting the optimal false data into the corresponding subsystems;
setting the form of an injection matrix as
Figure FDA0002418749440000011
Figure FDA0002418749440000012
Is an m-dimensional row vector, j is 1, …, n,
Figure FDA0002418749440000013
n is the number of the dummy data injection systems, and r is the number of the subsystems capable of injecting the dummy data simultaneously in the same time period; arbitrarily setting r nonzero row vectors in an injection matrix;
solving the optimal switching moment through the maximum value principle to maximize the secondary performance index, and obtaining the online switching condition of the injection matrix as
Figure FDA0002418749440000014
Wherein, λ (t)f) Represents tfThe time covariance variable is a positive definite weight matrix of m × m;
the secondary performance evaluation indexes are as follows:
Figure FDA0002418749440000015
wherein the content of the first and second substances,
Figure FDA0002418749440000016
for a finite time interval, the weight matrix S, Q is a semi-positive weight matrix of n × n, the weight matrix R is a positive weight matrix of m × m, xcFor n states of the dummy data injection system, uaIs an injected m-dimensional dummy data vector.
2. The optimal switching dummy data injection method of claim 1, wherein the optimal dummy data injection is:
Figure FDA0002418749440000021
wherein u isaFor optimal dummy data, i.e. injected m-dimensional dummy data vectors, xcFor the state of the dummy data injection system, PiIs the solution of algebraic Riacati equation;
Figure FDA0002418749440000022
where A is a system matrix of n × n.
CN201710935494.6A 2017-10-10 2017-10-10 Optimal switching dummy data injection method Active CN107544472B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710935494.6A CN107544472B (en) 2017-10-10 2017-10-10 Optimal switching dummy data injection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710935494.6A CN107544472B (en) 2017-10-10 2017-10-10 Optimal switching dummy data injection method

Publications (2)

Publication Number Publication Date
CN107544472A CN107544472A (en) 2018-01-05
CN107544472B true CN107544472B (en) 2020-07-03

Family

ID=60967370

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710935494.6A Active CN107544472B (en) 2017-10-10 2017-10-10 Optimal switching dummy data injection method

Country Status (1)

Country Link
CN (1) CN107544472B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113325705B (en) * 2021-04-30 2022-09-30 同济大学 Slamming-slamming control method of linear switching system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102761122A (en) * 2012-07-06 2012-10-31 华北电力大学 Defense method of false data injection attack of power state estimation system
WO2012154664A2 (en) * 2011-05-06 2012-11-15 University Of North Carolina At Chapel Hill Methods, systems, and computer readable media for detecting injected machine code
CN104573510A (en) * 2015-02-06 2015-04-29 西南科技大学 Smart grid malicious data injection attack and detection method
CN105791280A (en) * 2016-02-29 2016-07-20 西安交通大学 Method for defending data integrity attack in direct state estimation of power system
CN107016236A (en) * 2017-03-23 2017-08-04 新疆电力建设调试所 Power network false data detection method for injection attack based on non-linear measurement equation

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012154664A2 (en) * 2011-05-06 2012-11-15 University Of North Carolina At Chapel Hill Methods, systems, and computer readable media for detecting injected machine code
CN102761122A (en) * 2012-07-06 2012-10-31 华北电力大学 Defense method of false data injection attack of power state estimation system
CN104573510A (en) * 2015-02-06 2015-04-29 西南科技大学 Smart grid malicious data injection attack and detection method
CN105791280A (en) * 2016-02-29 2016-07-20 西安交通大学 Method for defending data integrity attack in direct state estimation of power system
CN107016236A (en) * 2017-03-23 2017-08-04 新疆电力建设调试所 Power network false data detection method for injection attack based on non-linear measurement equation

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Guangyu Wu et al.Optimal Switching Integrity Attacks in Cyber-Physical System.《2017 32nd Youth Academic Annual Conference of Chinese Association of Automation(YAC)》.2017, *
Optimal Switching Integrity Attacks in Cyber-Physical System;Guangyu Wu et al;《2017 32nd Youth Academic Annual Conference of Chinese Association of Automation(YAC)》;20170703;第709页右栏最后1段-第712页右栏最后1段 *
基于线性二次型最优控制的光伏并网发电系统的研究;李春玲;《中国博士学位论文全文数据库(电子期刊)工程科技II辑》;20130515(第5期);全文 *

Also Published As

Publication number Publication date
CN107544472A (en) 2018-01-05

Similar Documents

Publication Publication Date Title
Wang et al. Coordinated topology attacks in smart grid using deep reinforcement learning
Xu et al. Achieving efficient detection against false data injection attacks in smart grid
Hahn et al. A multi-layered and kill-chain based security analysis framework for cyber-physical systems
Ding et al. Event‐based security control for discrete‐time stochastic systems
Giani et al. Smart grid data integrity attacks
Wu et al. A survey on the security of cyber-physical systems
Yan et al. Integrated security analysis on cascading failure in complex networks
Li et al. False data injection attacks with incomplete network topology information in smart grid
Rahman et al. A formal model for verifying the impact of stealthy attacks on optimal power flow in power grids
Hewett et al. Cyber-security analysis of smart grid SCADA systems with game models
Darbandi et al. Real‐time stability assessment in smart cyber‐physical grids: a deep learning approach
Orojloo et al. A method for modeling and evaluation of the security of cyber-physical systems
CN107544472B (en) Optimal switching dummy data injection method
CN110826888B (en) Data integrity attack detection method in power system dynamic state estimation
CN113885330B (en) Information physical system safety control method based on deep reinforcement learning
Li et al. An adaptive sliding‐mode resilient control strategy in smart grid under mixed attacks
Zhang et al. Online re‐dispatching of power systems based on modal sensitivity identification
Feng et al. Stochastic games for power grid coordinated defence against coordinated attacks
Deng et al. Real-time detection of false data injection attacks based on load forecasting in smart grid
Zhonghua et al. False data injection attacks for output tracking control systems
Mohammadpourfard et al. Real-time detection of cyber-attacks in modern power grids with uncertainty using deep learning
Zhang et al. Zero-parameter-information FDI attacks against power system state estimation
Chukwuka et al. Bad data injection attack propagation in cyber-physical power delivery systems
Tong et al. False data injection attack on power system data-driven methods based on generative adversarial networks
Hewett et al. Smart Grid security: Deriving informed decisions from cyber attack game analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant