A Game-Theoretic Approach to Secure Estimation and Control for Cyber-Physical Systems with a Digital Twin
AA Game-Theoretic Approach to Secure Estimation and Control forCyber-Physical Systems with a Digital Twin st Zhiheng Xu
School of Electrical and Electronic EngineeringNanyang Technological University, SingaporeEmail: [email protected] nd Arvind Easwaran
School of Computer Science and EngineeringNanyang Technological University, SingaporeEmail: [email protected]
Abstract —Cyber-Physical Systems (CPSs) play an increasinglysignificant role in many critical applications. These valuableapplications attract various sophisticated attacks. This paperconsiders a stealthy estimation attack, which aims to modify thestate estimation of the CPSs. The intelligent attackers can learndefense strategies and use clandestine attack strategies to avoiddetection. To address the issue, we design a Chi-square detectorin a Digital Twin (DT), which is an online digital model of thephysical system. We use a Signaling Game with Evidence (SGE)to find the optimal attack and defense strategies. Our analyticalresults show that the proposed defense strategies can mitigate theimpact of the attack on the physical estimation and guarantee thestability of the CPSs. Finally, we use an illustrative applicationto evaluate the performance of the proposed framework.
Index Terms —Cyber-Physical Systems, Data-Integrity Attack,Signaling Game with Evidence, Digital Twin.
I. I
NTRODUCTION
Cyber-Physical Systems (CPS) integrate physical compo-nents (e.g., sensors, actuators, and controllers), computationalresources, and networked communications [1]. The integrationwith networked communications highly enhances the flexi-bility and scalability of CPSs in various applications, suchas large-scale manufacturing systems [2], intelligent trans-port systems [3], and smart grid infrastructure [4]. However,the valuable applications of CPSs attract many sophisticatedattacks. A well-known example is the Stuxnet, a computervirus compromises Supervisory control and data acquisition(SCADA) of industrial systems [5]. Besides, we have wit-nessed many other control-system-related attacks, such asMaroochy Water attack [6], Unmanned Aerial Vehicle’s (UAV)GPS spoofing attack [7], and German Steel Mill cyber attack[8].Due to the increasing number of security-related incidentsin CPSs, many researchers have studied the features of theseattacks and developed relevant defense strategies. Amongmany attack models, we focus on data-integrity attacks, wherethe attackers modify the original data used by the system orinject unauthorized data to the system [9]. The data-integrityattacks can cause catastrophic consequences in CPSs. Forinstance, the fake data may deviate the system to a dangeroustrajectory or make the system oscillate with a significant
This work was supported by Delta-NTU Corporate Lab for Cyber-PhysicalSystems with funding support from Delta Electronics Inc. and the NationalResearch Foundation (NRF) Singapore under the Corp Lab@UniversityScheme. amplitude, destabilizing the system. Therefore, how to mitigatethe impact of data-integrity attacks becomes a critical issue inthe security design of CPSs.One typical data-integrity attack for CPSs is the Sensor-and-Estimation (SE) attack, where the attackers tamper the sensingor estimated information of the CPSs [10]. Given the SEattack, Fawzi et al. [11] have studied a SE attack and proposedalgorithms to reconstruct the system state when the attackerscorrupt less than half of the sensors or actuators. MiroslavPajic et al. [12] have extended the attack-resilient state esti-mation for noisy dynamical systems. Based on Kalman filter,Chang et al. [13] have extended the secure estimation ofCPSs to a scenario in which the set of attacked nodes canchange over time. However, to recover the estimation, theabove work requires a certain number of uncorrupted sensorsor a sufficiently long time. Those approach might introduce anon-negligible computational overhead, which is not suitablefor time-critical CPSs, e.g., real-time systems. Besides, sinceall the senors do not have any protection, the attacker mighteasily compromise the a large number of sensors, violating theassumptions of the above work.Instead of recovering the estimation from SE attacks, re-searchers and operators also focus on attack detection [14].However, detecting a SE attack could be challenging sincethe attackers’ strategies become increasingly sophisticated.Pasqualetti et al. [15] have identified the conditions of unde-tectable SE attacks for CPSs. Using the conventional statisticdetection theory, e.g., Chi-square detection, may fail to dis-cover an estimation attack if the attackers launch a stealthyattack [16]. Yuan Chen et al. [17] have developed optimalattack strategies, which can deviate the CPSs subject todetection constraints. Hence, the traditional detection theorymay not sufficiently address the stealthy attacks in whichthe attackers can acquire the defense information. Besides,using classical cryptography to protect CPSs will introducesignificant overhead, degrading the control performance ofdelay-sensitive CPSs [18].The development of Digital Twin (DT) provides essentialresources and environments for detecting sophisticated attacks.A DT could be a virtual prototype of a CPS, reflecting partialor entire physical processes [19]. Based on the concept of DT,researchers have developed numerous applications for CPSs[20]. The most relevant application to this paper is using aDT to achieve fault detection [21]. Similarly, we use the DT a r X i v : . [ ee ss . S Y ] F e b ig. 1. The Stealthy Estimation Attack and the Defense Mechanism based ona Digital Twin: the attacker aims to modify the estimation results in a CPS,while the Digital Twin protects the system by monitoring the results. to monitor the estimation process, mitigating the influence ofthe SE attack.In this paper, we focus on a stealthy estimation attack, wherethe attackers know the defense strategies and aim to tamperthe estimation results without being detected. Fig. 1 illustratesthe underlying architecture of the proposed framework. Towithstand the attack, we design a Chi-square detector, runningin a DT. The DT connects to a group of protected sensingdevices, collecting relevant evidence. We use cryptography(e.g., digital signature or message authentication code) topreserve the evidence from the attack. Hence, the DT canuse the evidence to monitor the estimation of the physicalsystems. The cryptographic overhead will not affect physicalperformance since the execution of the real plant does notdepend on the DT.Different from the work [11]–[13], we have designed twoindependent channels, i.e., one is protected by standard cryp-tography, and the other one is the general sensing channel.Fig. 2 illustrates the structure of the framework. The mainadvantage of this structure is the cryptographical overhead willaffect the control performance of the physical system due tothe independency between these two channels. Fig. 2. The Architecture of the Framework: the Digital Twin has twochannels to obtain the sensing information of the plant: one is secure, andthe other is not secure. The secure channel provides less accurate data witha heavy computational overhead. DT only uses the secure channel to runthe verification, and the computational overhead has negligible impact on thephysical performance since these two channels are independent.
To analyze whether a stealthy attack can bypass DT’sdetector, we use game theory to find the optimal attack anddefense strategies. Game theory has been an essential tool in designing security algorithms since we can use it to searchfor the optimal defense strategies against intelligent attackers[22]. One related game model that can capture the detectionissue is the Signaling Game (SG) [23]. However, instead ofusing the SG, we use a Signaling Game with Evidence (SGE),presented in [24], to protect the system from the attack. Inan SGE, the DT’s detector will provide critical evidence toexplore the stealthy attack. After integrating DT’s detectorwith CPSs, we use an SGE to study the stealthy attack anddevelop optimal defense strategies based on the equilibria ofthe SGE. Our analytical results show that the stealthy attackershave to sacrifice the impact on the physical system to avoiddetection.We organize the rest of the paper as follows. SectionII presents the problem formulation in which we identifythe control problem, attack model, and a signaling gameframework. Section III analyzes the equilibrium of the gameframework and the stability of the CPSs. Section IV usesthe experimental results to evaluate the performance of theproposed defense mechanism. Finally, Section V concludesthe entire paper.II. S
YSTEM M ODELLING AND C HARACTERIZATION
In this section, we first introduce the dynamic model of aCPS. Secondly, we define a stealthy estimation attack model.Based on a Digital Twin (DT), we design a Chi-squaredetector to monitor the estimation process. Finally, we definea Signaling Game with Evidence (SGE) to characterize thefeatures of the stealthy attack.
A. System Model and Control Problem of a CPS
Suppose that the physical layer of a CPS is a control system.We assume that the control system can be linearized as a lineardiscrete-time system, given by x k +1 = Ax k + Bu k + w k , (1) y k = Cx k + v k , (2)where k ∈ Z + is the discrete-time instant; x k ∈ R n x is thesystem state with an initial condition x ∼ N (0 n x , Σ x ) , and Σ x ∈ R n x × n x is the covariance matrix; u k ∈ R n u is thecontrol input; y k ∈ R n y is the sensor output; w k ∈ R n x and v k ∈ R n y are additive zero-mean Gaussian noises withcovariance matrices Σ w and Σ v with proper dimensions; A , B , and C are constant matrices with proper dimensions.Given system model (1), we design a control policy µ : R n x → R n u by minimizing the following expected linearquadratic cost function, i.e., J LQG = lim N →∞ sup E (cid:26) N N − (cid:88) k =0 (cid:18) x Tk Qx k + u Tk Ru k (cid:19)(cid:27) , (3)where Q ∈ R n x × n x and R ∈ R n u × n u are positive-definitematrices.Note that the controller cannot use state x k directly, i.e., weneed to design an observer to estimate x k . Hence, minimizingfunction (3) is a Linear Regulator Gaussian (LQG) problem.ccording to the separation principle, we can design thecontroller and state estimator separately. The optimal controlpolicy µ : R n x → R n u is given by µ k ( x k ) := K k x k , with K k := − ( R + B T V k B ) B T V k , (4)where V k ∈ R n x × n x is the solution to the linear discrete-timealgebraic Riccati equation V k +1 = Q + A T V k ( A − BK k ) , with V = I n x , (5)and I n x ∈ R n x × n x is an identity matrix.We assume that ( A, B ) is stabilizable. Then, V k will con-verge to a constant matrix V when k goes to infinity, i.e., lim k →∞ V k = V, and lim k →∞ µ k ( x ) = µ ( x ) = Kx.
In the next subsection, we will use a Kalman filter toestimate x k such that controller (4) uses this estimated valueto control the physical system. B. Kalman Filter Problem
To use controller (4), we need to design an estimator. Let ˆ x k ∈ R n x be the estimation of x k and ˆ e k := ˆ x k − x k bethe error of the estimation. Given the observation Y k − := { y , y , . . . , y k − } , we aim to solve the following Kalmanfiltering problem, i.e., min ˆ x k ∈ R nx × nx E [(ˆ x k − x k ) T (ˆ x k − x k ) |Y k − ] . (6)To solve (6), we need the following lemma, which charac-terizes a conditioned Gaussian distribution. Lemma 1: [25] If a ∈ R n a , b ∈ R n b are jointly Gaussianwith means ¯ a , ¯ b and covariances Σ a , Σ b , and Σ ab = Σ Tba , thengiven b , distribution a is a Gaussian with E [ a | b ] = ¯ a + Σ ab Σ − b ( b − ¯ b ) , Cov [ a | b ] = Σ a − Σ ab Σ − b Σ ba . To use Lemma 1, we define the covariance matrix of ˆ e k as ˆ P k := E [ˆ e k ˆ e Tk | y k − ] = E [(ˆ x k − x k )(ˆ x k − x k ) T | y k − ] , with ˆ P = Σ x . Using the results of Lemma 1, we computethe optimal estimation iteratively, i.e., ˆ x k = A K ˆ x k − + ˆ L k ( y k − − C ˆ x k − ) , (7)where A K := ( A + BK ) . Gain matrix ˆ L k ∈ R n x × n y andcovariance ˆ P k ∈ R n x × n x are updated using ˆ L k := A K ˆ P k C T (Σ v + C ˆ P k C T ) − , ˆ P k +1 := Σ w + ( A K − ˆ L k C ) ˆ P k A TK . Assuming that ( A, C ) is detectable, we can obtain that lim k →∞ ˆ P k = ˆ P ∗ , (8)where ˆ P ∗ ∈ R n x × n x is a constant positive-definite matrix. C. Stealthy Estimation Attack
CPSs face an increasing threat in recent years. Numerousattack models for CPSs or networked control systems (NCSs)have been introduced in [26]. Among those attacks, one majorattack is the data-integrity attack, where the attacker canmodify or forge data used in the CPSs. For example, Liu et al.[27] have studied a false-data-injection attack that can tamperthe state estimation in electrical power grids.
Fig. 3. The Stealthy Estimation Attack: intelligent attacker aims to deviatethe state by modifying the estimation results.
To mitigate the impact of a data-integrity attack on the stateestimation, researchers have designed a Chi-square detectorto monitor the estimation process. However, Yilin Mo etal. [16] have analyzed stealthy integrity attack, which canpass the Chi-square detector by manipulating the perturbationof the injected data. Therefore, the main challenge is thatthe conventional fault detectors fail to protect the systemfrom a stealthy attack. One real attack that can achieve theobjective is the Advanced Persistent Threat (APT) [28], whichcan compromise a cyber system by executing a zero-dayexploration to discover the vulnerabilities.In our work, we consider an intelligent attacker who canlaunch a stealthy estimation attack to tamper the estimationresults. Fig. 3 illustrates how the attacker achieves its objec-tive. The attacker can either modify the data in the sensorsor the data in the estimator. Besides tampering the estimationresults, the attacker is also aware of the intrusion detector.The attacker can know the defense strategy and play a stealthyattack to remaind unknown.In the next subsection, based on the Digital Twin (DT), wedesign a cyber defender to withstand the stealthy estimationattack and discuss the benefits introduced by the DT. Afterpresenting the game model, we will discuss the optimaldefense strategies explicitly in Section III.
D. Digital Twin for the CPS
As mentioned above, an intelligent attacker can learn thedefense strategy and launch a stealthy estimation attack, whichcan modify the estimation results without being detected by theconventional detector, e.g., a Chi-square detector. To resolvethe issue, we aim to design an advanced detector based ona Digital Twin (DT). After that, we use a game-theoreticalapproach to develop an optimal defense strategy. ig. 4. The CPS with a DT: the DT uses a secure observation z k to obtainan estimation ˜ x k ; given ˜ x k , we use a Chi-square detector monitor estimationresult ˆ x k . Given the system information, we design a DT with thefollowing dynamics ˜ x k = A K ˜ x k − + ˜ L k ( z k − − D ˜ x k − ) , (9) z k = Dx k + d k , where ˜ x k ∈ R n x is the DT’s estimation of state x k ; z k ∈ R n z is the DT’s observation; D ∈ R n z × n x is a constant matrix, d k is a Gaussian noise with a covariance matrix Σ d ∈ R n z .Similar to problem (6), we compute ˜ L k using the followingiterations: ˜ L k = A K ˜ P k D T (Σ d + D ˜ P k D T ) − , ˜ P k +1 = Σ w + ( A K − ˜ L k D ) ˜ P k A TF , where ˜ P = Σ x and ˜ P k is defined by ˆ P k := E [(˜ x k − x k )(˜ x k − x k ) T | z k − ] = E [˜ e k ˜ e Tk | z k − ] . where ˜ e k := ˜ x k − x k is the DT’s estimation error. We alsoassume that ( A K , D ) is detectable, i.e., we have lim k →∞ ˜ P k = ˜ P ∗ . (10)Fig. 4 illustrates the architecture of a CPS with a DT. Wesummarize the main differences between Kalman filter (7) andthe DT’s estimator (9) as follows. Firstly, the Kalman filter willuse all available sensing information y k to obtain estimation ˆ x k . While the DT’s estimator just uses a minimum sensinginformation z k ∈ R n z to predict x k as long as ( A, D ) isdetectable, i.e., n y ≥ n z . This feature reduces the dimensionof z k , making it easier to protect z k . Secondly, we do notrequire a high accuracy for z k , since we only use z k for attackdetection. Hence, in general, ˆ P ∗ and ˜ P ∗ satisfy the conditionthat tr ( ˆ P ∗ ) ≤ tr ( ˜ P ∗ ) , where tr ( P ) is the trace of matrix P .Thirdly, we do not use any cryptography to protect y k sincethe overhead introduced by the encryption scheme will degradethe performance of the physical system. However, we can usecryptography, such as Message Authentication Code (MAC)[29] or Digital Signature (DS) [30], to protect the integrity of z k . The overhead caused by the cryptography will not affect Fig. 5. The DT’s Monitoring Process: we can view the DT’s monitoringprocess as a message-sending process, i.e., the estimator sends a message tothe DT for verification. the physical system, because it does depend on z k . Besides,we can put the DT into a supercomputer or a cloud to resolvethe overhead issue.To sum up, z k is an observation that is less accurate butmore secure than y k . Given the distinct features of y k and z k ,we use y k to estimate x k for the physical control and use z k for the detection in the DT.Given DT’s estimator, we construct a Chi-square detectorto monitor estimation result ˆ x k at each time k . As illustratedin Fig. 4, we build the detector in the DT by comparing ˜ x k and ˆ x k . The Chi-square detector generates a detection result q k ∈ Q := { , , } at time k , where q k = 0 means the resultis qualified, q k = 1 means the result is unqualified, q k = 2 means the result is detrimental. When q k = 2 , the DT shouldalways reject the estimation and send an alarm to the operators.To design the detector, we define φ k := ˜ x k − ˆ x k . Since ˜ x k and ˆ x k are Gaussian distributions, φ k is a also Gaussiandistribution with a zero-mean vector and a covariance matrix,i.e., φ ∼ N (0 n x , Σ φ ) . Furthermore, we define that χ k := (˜ x k − ˆ x k ) T Σ − φ (˜ x k − ˆ x k ) . (11)Then, χ k follows a Chi-square distribution. We define a Chi-square detector as the following: q k = f q ( m k ) := , if χ k ≤ ρ ;1 , if χ k ∈ ( ρ , ρ ];2 , if χ k > ρ ; (12)where ρ , ρ are two given thresholds, and they satisfy that ρ > ρ > ; f q : R n x → Q is the detection function.Using the above Chi-square detector, we can achieve faultdetection. However, the work [16] has shown that intelligentattackers can constrain the ability of the Chi-square detectorby manipulating the amount of injected data. In the followingsubsection, we will introduce a stealthy sensor attack that aimsto remain stealthy while modifying the estimation. . General Setup of Signaling Game with Evidence Due to the existence of attacks, the DT’s might not be ableto monitor the actual value estimation directly. Instead, theDT’s can read a message provided by the estimator. Accordingto our attack model, the attacker can compromise the estimator.Hence, the estimator can have two identities, i.e., a benignestimator or a malicious estimator. The DT aims to verifythe estimator’s identity by monitoring the estimation results.As shown in Fig. 5, we can view DT’s monitoring processas a message-sending process, i.e., the estimator sends anestimation result to the DT for verification. To capture theinteractions between the estimator and DT, we will formallydefine a Signaling Game with Evidence (SGE) as follows.In an SGE, we have two players: one is the sender, and theother one is the receiver. The sender has a private identity,denoted by θ ∈ Θ := { θ , θ } , where θ means the sender isbenign, and θ means the sender is malicious. According to itsidentity, the sender will choose a message m ∈ M and send itto the receiver. After observing the message, the receiver canchoose an action a ∈ A . Action a = 1 means that the receiveraccepts the message, while a = 0 means the receiver rejectsthe message. The sender and receiver have their own utilityfunctions U i : Θ ×M×A → R , for i ∈ { s, r } . Fig. 6 illustrateshow the data and information transmit in the proposed cyber-physical SGE. Fig. 6. The Architecture of the Proposed SGE for a CPS: the physicalestimator sends the estimation to the DT, which uses its secure evidence toverify the identity of the estimator.
In this paper, given a message m ∈ M , we assume thatboth players are aware of the corresponding detection results,i.e., q = f q ( m ) . Hence, both players’ can select the optimalstrategies based on detection result q . To this end, we let σ s ( f q ( m ) | θ ) ∈ Γ s and σ r ( a | f q ( m )) ∈ Γ r be the mixedstrategies of the sender and receiver, respectively. The spaces Γ s and Γ r are defined by Γ s := (cid:26) σ s (cid:12)(cid:12)(cid:12)(cid:12) (cid:88) m ∈M σ s ( f q ( m ) | θ ) = 1 , ∀ m, σ s ( f q ( m ) | θ ) ≥ (cid:27) , Γ r := (cid:26) σ r (cid:12)(cid:12)(cid:12)(cid:12)(cid:88) a ∈A σ r ( a | f q ( m )) = 1 , ∀ a, σ r ( a | f q ( m )) ≥ (cid:27) . Note that formation of strategy σ s ( f q ( m ) | θ ) does not meanthe sender can choose detection results directly. Instead, thesender can only choose message m ∈ M , which leads to adetection result q based on function f q , given by (12). Given mixed strategies σ s and σ r , we define players’expected utility functions as ¯ U s ( θ, σ s , a ) := (cid:88) q ∈Q σ s ( f q ( m ) | θ ) U s ( θ, m, a ) , ¯ U r ( θ, m, σ r ) := (cid:88) a ∈A σ r ( a | f q ( m )) U r ( θ, m, a ) . To find the optimal mixed strategies of both players, weidentify a Perfect Bayesian Nash Equilibrium (PBNE) of theSGE in the following definition.
Definition 1:
A PBNE of a SGE is a strategy profile ( σ ∗ s , σ ∗ r )and a posterior belief π ( θ ) such that σ s ( f q ( m ) | θ ) ∈ arg max σ s ∈ Γ s (cid:88) a ∈A σ r ( a | f q ( m )) ¯ U s ( θ, σ s , a ) ,σ r ( a | f q ( m )) ∈ arg max σ r ∈ Γ r (cid:88) θ ∈ Θ π ( θ ) ¯ U r ( θ, m, σ r ) , and the receiver updates the posterior belief using the Bayes’rule, i.e., π ( θ ) = f b ( π (cid:48) ( θ ) , f q ( m )):= σ s ( f q ( m ) | θ (cid:48) ) π (cid:48) ( θ ) (cid:80) θ (cid:48) ∈ Θ σ s ( f q ( m ) | θ (cid:48) ) π (cid:48) ( θ (cid:48) ) . (13)where f b : (0 , × Q → (0 , is the belief-update function,and π (cid:48) ( θ ) is a prior belief of θ . Remark 1:
Definition 1 identifies the optimal mixed strate-gies of the sender and receiver. One important thing is thatat any PBNE, the belief π ( θ ) should be consistent with theoptimal strategies, i.e., at the PBNE, belief π ( θ ) is independentof time k . Instead, π ( θ ) should only depend on detectionresults q ∈ Q . Besides, we implement Bays’s rule to deducebelief-update function (13).In a SGE, there are different types of PBNE. We presentthree types of PBNE in the following definition. Definition 2: (Types of PBNE) An SGE, defined by Defini-tion 1, has three types of PBNE:1) Pooling PBNE: The senders with different identities useidentical strategies. Hence, the receiver cannot distin-guish the identities of the sender based on the availableevidence and message, i.e., the receiver will use the samestrategies with the different senders.2) Separated PBNE: Different senders will use differentstrategies based on their identities, and the receiver candistinguish the senders and use different strategies fordifferent senders.3) Partially-Separated PBNE: different senders will choosedifferent, but not completely opposite strategies, i.e., σ s ( f q ( m ) | θ ) (cid:54) = 1 − σ s ( f q ( m ) | θ ) . Remark 2:
In the separated PBNE, the receiver can obtainthe identity of the senders by observing a finite sequence ofevidence and messages. However, in the other two PBNE, thereceiver may not be able to distinguish the senders’ identity.ote that in real applications, the CPS will run the SGErepeatedly, and generate a sequence of detection results H k := { q , q , . . . , q k } . At time k , we define the posterior belief as π k ( θ ) := Pr( θ |H k − ) . Whenever there is a new detection result q k , we can updatethe belief using π k +1 ( θ ) = f b ( π k ( θ ) , q k ) , where function f b is defined by (13). Belief π k +1 ( θ ) will become a prior beliefat time k + 1 .To this end, we will use the SGE framework to capturethe interactions between the physical layer and the DT. Wewill find the optimal defense strategy of the DT by findingthe PBNE. In the next section, we define the utility functionsexplicitly and find the PBNE of the proposed SGE. Given thePBNE, we can identify the optimal defense strategies.III. E QUILIBRIUM R ESULTS OF THE C YBER
SGEIn this section, we aim to find the optimal defense strategyagainst a stealthy sensor attack. To this end, we first definethe utility functions, which capture the profit earned by theplayers. Secondly, we identify the best response of the playerswhen they observe or anticipate the other player’s strategy.Finally, we present a PBNE under the players’ best responseand obtain an optimal defense strategy for the DT. We analyzethe stability of the system under the stealthy attack.
A. SGE Setup for the CPSs
In this work, we use an SGE to capture the interactionsbetween the physical estimator and the DT. In our scenario,the message set is just the estimation set, i.e., M := R n x .The DT monitors the estimation m k and chooses an action a ∈ A := { , } . Action a = 1 means the estimation passesthe verification, while action a = 0 means the verificationfails, and the DT will send an alarm to the operators.In the next step, we define the utility functions of bothplayers, explicitly. Firstly, we define sender’s utility functions U s ( θ, m, a ) . Since the sender has two identifies, we need todefine two types of utility functions for the sender. The utilityfunction with θ = 0 is defined by U s ( θ , m k , a k ) := − E [( m k − x k ) T ( m k − x k )] , (14)In (14), we can see that U s ( θ , m k , a k ) is independent ofaction a k , and maximizing U s ( θ , m k , a k ) is equivalent to theestimation problem (6). Hence, given (14), the benign senderalways sends the true estimation result ˆ x k , defined by (7),regardless of action a k .For the malicious estimator, we define its utility function as U s ( θ , m k , a k ) := E [( m k − x k ) T ( m k − x k )] · { a k =1 } , (15)where { s } = 1 if statement s is true. In (15), we see thatthe motivation of the attacker is to deviate the system state asmuch as possible while remaining undiscovered. However, theattacker’s utility will be zero if the DT detects the attack.Secondly, we define the DT’s utility function. Note that theDT’s utility function should depend on the identity of thesender. When the estimator is benign, i.e., θ = 0 , the DT should choose a k = 1 to accept the estimation. When theestimator is malicious, i.e., ( θ = 1) , the DT should choose a k = 0 to reject the estimation and send an alarm to theoperators. Given the motivations, we define U r ( θ, ˆ x, a ) U r ( θ , m k , a k ) := − (˜ x k − m k ) T ˜ Q (˜ x k − m k ) · { a k =0 } ,U r ( θ , m k , a k ) := − (˜ x k − m k ) T ˜ Q (˜ x k − m k ) · { a k =1 } . where ˜ Q , ˜ Q ∈ R n x × n x are positive-definite matrices. Theweighting matrices will affect the receiver’s defense strategy.A large value of tr ( ˜ Q ) will lead to a conservative strategy,while a large value of tr ( ˜ Q ) will lead a radical one. Readerscan receive more details in Proposition 1.In the next subsection, we analyze the behaviors of theplayers and obtain the best-response strategies. Note thatfunction U r ( θ, m k , a k ) is deterministic. The reason is that theDT can observe ˆ x k and ˜ x k at time k , explicitly. However, thephysical estimator cannot observe x k at time k . B. Best Response of the Players and a PBNE of the SGE
We first analyze the best response of the DT. Given belief π k ( θ ) , message m k , and detection result q k , we present thefollowing theorem to identify DT’s best response. Proposition 1: (DT’s Best Response) Given q k = f q ( m k ) ,the DT will choose a k according to the following policy, σ ∗ r ( a k = 1 | q k ) = , if q k (cid:54) = 2 , π k ( θ ) ≥ β ;0 , if q k (cid:54) = 2 , π k ( θ ) < β ;0 , if q k = 2; (16) σ ∗ r ( a k = 0 | q k ) = 1 − σ ∗ r ( a k = 1 | q k ) , (17)where β is defined by β := (˜ x k − m k ) T ˜ Q (˜ x k − m k )(˜ x k − m k ) T ( ˜ Q + ˜ Q )(˜ x k − m k ) . (18) Proof:
Note that E [ U r ( θ, m k , a k = 1) | q k ] ≥ E [ U r ( θ, m k , a k = 0) | q k ] ⇔ a k = 1 if π k ( θ ) ≥ β, where β is defined by (18). This completes the proof. Remark 3:
Given Proposition 1, we note that the DT usesa pure strategy since it can make its decision after observingdetection result q k and message m k .In the next step, we consider the best response of theestimator. If the estimator is benign, i.e., θ = θ , the optimalestimation should be (7). Therefore, the optimal utility of thebenign estimator is given by U s ( θ , ˆ x k , a k ) = E [(ˆ x k − x k ) T (ˆ x k − x k )] = tr ( ˆ P k ) , where tr ( P ) is the trace of matrix P . The following theoremshows the optimal mixed strategy of the benign estimator. Proposition 2: (Best Response of the Benign Estimator)Given the DT’s best response (16), the optimal mixed strategyof the benign estimator, i.e., θ = θ , is given by σ ∗ s ( f q ( m k ) = 0 | θ ) = F χ ( ρ , n x ) , (19) σ ∗ s ( f q ( m k ) = 1 | θ ) = F χ ( ρ , n x ) − F χ ( ρ , n x ) , (20) σ ∗ s ( f q ( m k ) = 2 | θ ) = 1 − F χ ( ρ , n x ) , (21)here ˆ x k is defined by (7), F χ ( ρ, n ) : R + → [0 , is theCumulative Distribution Function (CDF) of the Chi-squaredistribution with n ∈ Z + degrees. Proof:
Note that the benign estimator will choose m k =ˆ x k , defined by (7). According to definition (11), we know that (˜ x k − ˆ x k ) follows a Chi-square distribution with n x degrees.Hence, we have Pr( χ k ≤ ρ ) = F χ ( ρ , n x ) , Pr( χ k > ρ ]) = 1 − F χ ( ρ , n x ) , Pr( χ k ∈ ( ρ , ρ ]) = F χ ( ρ , n x ) − F χ ( ρ , n x ) . Combining the above equations with Chi-square detector (12)yields mixed strategies (19)-(21).
Remark 4:
Note that the benign estimator always choosethe optimal estimation 7. However, from DT’s perspective inthis game, the real mixed strategies of the benign estimatorare (19)-(21) because of uncertainty introduced by the noises.From the perspective of the malicious estimator, it needsto select σ s ( f q ( m k ) | θ ) such that π k ( θ ) ≥ β . Given theattackers’ incentive, we obtain the following theorem. Proposition 3: (Best Response of the Malicious Estimator) σ ∗ s ( f q ( ξ k, ) = 0 | θ ) = F χ ( ρ , n x ) , (22) σ ∗ s ( f q ( ξ k, ) = 1 | θ ) = 1 − F χ ( ρ , n x ) , (23)where ξ k, , ξ k, are the solutions to the following problems: ξ k, ∈ arg max m ∈M ρ (˜ x k ) U s ( θ , m, a k = 1) , (24) ξ k, ∈ arg max m ∈M ρ (˜ x k ) U s ( θ , m, a k = 1) , (25)with spaces M ρ (˜ x k ) and M ρ (˜ x k ) defined by M ρ (˜ x k ) := (cid:26) m ∈ R n x (cid:12)(cid:12)(cid:12)(cid:12) (cid:107) ˜ x k − m (cid:107) − φ ≤ ρ (cid:27) , M ρ (˜ x k ) := (cid:26) m ∈ R n x (cid:12)(cid:12)(cid:12)(cid:12) (cid:107) ˜ x k − m (cid:107) − φ ∈ ( ρ , ρ ] (cid:27) . Proof:
Firstly, the attacker has no incentive to choose m k / ∈ M ρ (˜ x k ) ∪ M ρ (˜ x k ) because its utility will be zero.Secondly, the attacker aims to choose the mixed strategy σ ∗ s ( q k = 1 | θ ) as large as possible since it can make a higherdamage to the system. Then, we show that the optimal mixedstrategy of the attacker is given by (22) and (23). To do this,based on (13), we consider the following belief update: π k +1 ( θ )= σ ∗ s ( q k (cid:54) = 0 | θ ) π k ( θ ) σ ∗ s ( q k (cid:54) = 0 | θ ) π k ( θ ) + σ s ( q k (cid:54) = 0 | θ )(1 − π k ( θ ))= σ ∗ s ( q k (cid:54) = 0 | θ ) π k ( θ )∆ σ s ( q k (cid:54) = 0) π k ( θ ) + σ s ( q k (cid:54) = 1 | θ ) , (26)where ∆ σ s ( q k (cid:54) = 0) is defined by ∆ σ s ( q k (cid:54) = 0) := σ ∗ s ( q k (cid:54) = 0 | θ ) − σ s ( q k (cid:54) = 0 | θ ) . Rearranging (26) yields that π k +1 ( θ ) π k ( θ ) = σ ∗ s ( q k (cid:54) = 0 | θ ) π k ( θ )∆ σ s ( q k (cid:54) = 0) π k ( θ ) + σ s ( q k (cid:54) = 0 | θ ) . Given that π k ( θ ) ∈ (0 , , we have π k +1 ( θ ) π k ( θ ) > , if ∆ σ s ( q k (cid:54) = 0) > π k +1 ( θ ) π k ( θ ) = 1 , if ∆ σ s ( q k (cid:54) = 0) = 0; π k +1 ( θ ) π k ( θ ) < , if ∆ σ s ( q k (cid:54) = 0) < . When π k ( θ ) ∈ [ β, , the attacker has to choose ∆ σ s ( q k (cid:54) =0) = 0 to maintain the belief at a constant. Otherwise, thebelief will decrease continuously. When the belief π k ( θ ) stayslower than β , the DT will send an alert to the operators. Hence,the optimal mixed strategies of the malicious estimator aregiven by (22) and (23).Given the results of Propositions 1, 2, and 3, we present thefollowing theorem to characterize a unique pooling PBNE. Theorem 1: (The PBNE of the Proposed SGE) The proposedcyber SGE has a unique pooling PBNE. At the PBNE, theoptimal mixed strategies of the benign and malicious senderare presented by (19)-(21) and (22)-(23). The DT has a purestrategy defined by (16). At the PBNE, belief π ∗ k ( θ ) ∈ [ β, is a fixed point of function f b , i.e., π ∗ k ( θ ) = f b ( π ∗ k ( θ ) , q k ) , for q k ∈ Q . Proof:
We first show the existence of the pooling PBNE.Suppose that both estimators use strategies (19)-(21), (22)-(23), respectively, and the DT uses (16). Then, no playerhas incentive to move since these are already the optimalstrategies. Besides, for any θ ∈ Θ , q k ∈ Q , we note that π k +1 ( θ ) = f b ( π ∗ k ( θ ) , q k ) = π ∗ k ( θ ) , where f b is defined by (13). Hence, π ∗ k ( θ ) is a fixed pointof function f b , and the belief remain at π ∗ k ( θ ) , which meansthe belief stays consistently with the optimal strategies ofthe sender and receiver. Hence, the proposed strategies pair ( σ ∗ s , σ ∗ r ) is a PBNE.Secondly, we show that pooling PBNE is unique. We notethat the DT and benign estimator have no incentive to movesince they already choose their best strategies. In Proposi-tion 3, we already show that the attacker cannot change itsmixed strategies. Otherwise, the belief cannot remain constant.Hence, pooling PBNE is unique. Remark 5:
Theorem 1 shows that the SGE admits a uniquepooling PBNE, which means that an intelligent attacker canuse its stealthy strategies to avoid being detected by the DT.In the next subsection, we will analyze the stability of thesystem under the stealthy attack. Besides, we will also evaluatethe loss caused by the attack.
C. Estimated Loss Under the Stealthy Attack
In the previous subsection, we have shown the PBNE inwhich the attacker can use a stealthy strategy to pass theverification of the DT. In this subsection, we will quantifythe loss under the attack. Before presenting the results, weneed the following lemma.
Lemma 2:
Given ρ i and ξ k,i , for i ∈ { , } , we have thefollowing relationship: ρ i λ max (Σ φ ) ≥ (˜ x k − ξ k,i ) T (˜ x k − ξ k,i ) , for i = 1 , , here λ max (Σ) is the greatest eigenvalue of matrix Σ . Proof:
Firstly, we note that U s is strictly convex in m k . The solution to problem (24) and (25) must stay at theboundary. Hence, we have ρ i = (˜ x k − ξ k,i ) T Σ − φ (˜ x k − ξ k,i ) ≥ (˜ x k − ξ k,i ) T (˜ x k − ξ k,i ) λ max (Σ φ ) (27)Rearranging (27) yields that ρ i λ max (Σ φ ) ≥ (˜ x k − ξ k,i ) T (˜ x k − ξ k,i ) . This completes the proof.Considering different estimators, we define two physicalcost functions J and J , i.e., J := lim N →∞ E (cid:26) N N − (cid:88) k =0 (cid:20) x Tk Qx k + µ T ( m k ) Rµ ( m k ) (cid:21)(cid:12)(cid:12)(cid:12)(cid:12) θ (cid:27) ,J := lim N →∞ E (cid:26) N N − (cid:88) k =0 (cid:20) x Tk Qx k + µ T ( m k ) Rµ ( m k ) (cid:21)(cid:12)(cid:12)(cid:12)(cid:12) θ (cid:27) . We define a loss function ∆ J := J − J to quantify the losscaused by the stealthy sensor attack. Given pooling PBNEdefined by Theorem 1, we provide an upper-bound of ∆ J inthe following theorem. Theorem 2: (Bounded Loss) The proposed framework canguarantee stability of the CPSs, and the value of function ∆ J is bounded by a constant, i.e., ∆ J = J − J ≤ α tr ( ˜ P ∗ ) − α tr ( ˆ P ∗ ) + α ρ λ max (Σ φ ) F χ ( ρ , n x )+ α ρ λ max (Σ φ )(1 − F χ ( ρ , n x )) , (28)where α and α are defined by α := λ min ( R K )( λ min ( G ) − λ min ( R K )) λ min ( G ) ,α := λ max ( R K )( λ max ( R K ) + 2 λ max ( G )) λ max ( G ) , and R K := K T RK, G := Q + R K ; λ max ( W ) and λ min ( W ) are the greatest and smallest eigenvalues of matrix W . Proof:
Firstly, we note that E (cid:20) (cid:107) x k (cid:107) Q + (cid:107) K ˆ x k (cid:107) R (cid:21) = E (cid:20) (cid:107) x k (cid:107) G + 2 x Tk R K ˆ e k + (cid:107) ˆ e k (cid:107) R K (cid:21) ≥ E (cid:20)(cid:13)(cid:13)(cid:13)(cid:13)(cid:112) λ min ( G ) x k + λ min ( R K ) (cid:112) λ min ( G ) ˆ e k (cid:13)(cid:13)(cid:13)(cid:13) + λ min ( R K )( λ min ( G ) − λ min ( R K )) λ min ( G ) (cid:107) ˆ e k (cid:107) (cid:21) ≥ α tr ( ˆ P k ) , Using the above inequality, we observe that J = lim N →∞ N N − (cid:88) k =0 E (cid:20) (cid:107) x k (cid:107) Q + (cid:107) K ˆ x k (cid:107) R (cid:21) ≥ lim N →∞ N N − (cid:88) k =0 α tr ( ˆ P k ) = α tr ( ˆ P ∗ ) , (29) where ˆ P ∗ is defined by (8). Secondly, we also note that E (cid:20) x Tk Qx k + µ T ( ξ k,i ) Rµ ( ξ k,i ) (cid:21) = E (cid:20) (cid:107) x k (cid:107) Q + (cid:107) x k + ˜ e k + ξ k,i − ˜ x k (cid:107) R K (cid:21) ≤ E (cid:20) (cid:107) x k (cid:107) G + (cid:18) x Tk R K ˜ e k + 2 x Tk R K ( ξ k,i − ˜ x k ) (cid:19) + 2˜ e Tk R K ( ξ k,i − ˜ x k ) + (cid:107) ξ k,i − ˜ x k (cid:107) R K + (cid:107) ˜ e k (cid:107) R K (cid:21) ≤ E (cid:20) (cid:107) x k (cid:107) G + λ ( R K ) λ max ( G ) (cid:18) (cid:107) ˜ e k (cid:107) + (cid:107) ξ k,i − ˜ x k (cid:107) (cid:19) + 2 λ max ( R K ) (cid:107) ˜ e k (cid:107) + 2 λ max ( R k ) (cid:107) ξ k,i − ˜ x k (cid:107) (cid:21) ≤ (cid:107) x k (cid:107) G + α tr ( ˜ P k ) + α ρ i λ max (Σ φ ) , (30)We complete the squares to deduce the second inequality of(30) Similarly, we have J = lim N →∞ N N − (cid:88) k =0 (cid:26) F χ ( ρ , n x ) E (cid:20) (cid:107) x k (cid:107) Q + (cid:107) ξ k, (cid:107) R K (cid:21) + (cid:18) − F χ ( ρ , n x ) (cid:19) E (cid:20) (cid:107) x k (cid:107) Q + (cid:107) ξ k, (cid:107) R K (cid:21)(cid:27) ≤ lim N →∞ N N − (cid:88) k =0 (cid:107) x k (cid:107) G (cid:124) (cid:123)(cid:122) (cid:125) =0 + α ρ λ max (Σ φ ) F χ ( ρ , n x )+ α ρ λ max (Σ φ )(1 − F χ ( ρ , n x )) + α tr ( ˜ P ∗ ) , (31)where ˜ P ∗ is defined by (10). Combining inequalities (29) and(31) yields inequality (28). Hence, the system is stable, andthe impact of the attack is bounded by a constant. Remark 6:
Theorem 2 shows that the difference between J and J is bounded, i.e., the stealthy estimation attack cannotdeviate the system to an arbitrary point even if the attackerhas an infinite amount of time.In the next subsection, we will use an application to evaluatethe performance of the proposed defense strategies.IV. S IMULATION R ESULTS
In this section, we use a two-link Robotic Manipulator(RM) to investigate the impact of the estimation attacks. Inthe experiments, we use different case studies to analyze theperformance of the proposed defense framework.
Fig. 7. The Dynamic Model of a Two-Link Robotic Manipulator (RM): theRM has two links and moves in a two-dimensional space.ig. 8. No-Attack Case: (a) the system trajectory,physical estimation and DT’s estimation; (b) theChi-square value; (c) DT’s belief π ( θ ) . Fig. 9. Normal-Attack Case: (a) the system tra-jectory, physical estimation and DT’s estimation;(b) the Chi-square value; (c) DT’s belief π ( θ ) . Fig. 10. Stealthy-Attack Case: (a) the system tra-jectory, physical estimation and DT’s estimation;(b) the Chi-square value; (c) DT’s belief π ( θ ) . A. Experimental Setup
Fig. 7 illustrates the physical structure of the two-link RM.Variables g and g are the angular positions of Links 1 and2. We summarize the parameters of the RM in Table II. TABLE IP
ARAMETERS OF THE R OBOTIC M ANIPULATOR
Parameter Description Value l Length of Link 1 0.6 m l Length of Link 2 0.4 m r Half Length of Link 1 0.3 m r Half Length of Link 2 0.2 m η Mass of Link 1 6.0 kg η Mass of Link 2 4.0 kg I Inertia of Link 1 on z-axis 1 kg · m I Inertia of Link 2 on z-axis 1 kg · m Let g = [ g , g ] T be the angular vector and τ = [ τ , τ ] T bethe torque input. According to the Euler-Lagrange Equation,we obtain the dynamics of the two-link RM as M ( g )¨ g + S ( g, ˙ g ) ˙ g = τ, (32)where matrices M ( g ) and S ( g, ˙ g ) are defined by M ( g ) := (cid:20) a + b cos( g ) δ + b cos( g ) δ + cos( g ) δ (cid:21) ,S ( g, ˙ g ) := (cid:20) − b sin( g ) ˙ g − b sin( g )( ˙ g + ˙ g ) b sin( g ) ˙ g (cid:21) ,a := I + I + η r + η ( l + r ) ,b := η l r , δ := I + η r . To control the two-link RM, we let τ be τ := M ( g ) a g + S ( g, ˙ g ) ˙ g , where a q ∈ R is the acceleration that we needto design. Note that M ( g ) is positive-definite, i.e., M ( g ) isinvertible. Hence, substituting τ into (32) yields that M ( g )¨ g = M ( g ) a g ⇒ ¨ g = a g . Let p ∈ R be the position of RM’s end-effector. We have ¨ p = H ( g )¨ g + ˙ H ( g ) ˙ g = H ( g ) a g + ˙ H ( g ) ˙ g, (33) where H ( g ) is the Jacobian matrix. Then, we substitute a g := H − ( g )( u − ˙ H ( g )) into (33), arriving at ¨ p = u . Let x = [ p T , ˙ p T ] T be the continuous-time state. Then, we obtaina continuous-time linear system ˙ x = A c x + B c u . Given asampling time ∆ T > , we discretize the continuous-timesystem to obtain system model (1). We let y k and z k be y k = x k + v k , z k = p ( k ∆ T ) + d k (34)We assume that the DT uses security-protected cameras toidentify the position of the end-effector.In the experiments, we let the RM to draw a half circle ona two-dimensional space. The critical parameters are given by β = 0 . , n x = 4 , ρ = 9 . , ρ = 18 . ,F χ ( ρ , n x ) = 0 . , F χ ( ρ , n x ) = 0 . . We have three case studies: a no-attack case, a normal-attackcase, and a stealthy-attack case. In the normal-attack case,the attacker is not aware of the defense strategies and deviatethe system from the trajectory, directly. In the last case, theattacker aims to tamper the estimation without being detected.Figures 8, 9, and 10 illustrate the simulation results of thecase studies. In Fig. 8 (a), we can see that the RM can trackthe trajectory smoothly when there is no attack. However, wenote that DT’s estimation is worse than the physical estimation,which coincides with our expectation. Figures 8 (b) and (c)show the value of the Chi-square and the belief of the DT. Inthe no-attack case, the Chi-square detector will remain silentwith a low false alarm rate, and the belief stays at a highlevel.In Fig. 9 (a), the attackers deviate the system withoutconsidering the detection. Even though DT’s estimation isnot accurate, the attacker cannot tamper that. Therefore, thedetector will rapidly locate the attack and send alarms to theoperators. The belief of θ will remain at the bottom line. InFig. 10, differently, the stealthy attackers know the defensestrategies and try to maintain the Chi-square value belowthreshold ρ . However, the behavior mitigates the impact ofthe attack, which also coincides with the result of Theorem 2.igure 11 illustrates the Mean Square Errors (MSE) ofdifferent cases. Figure 11 (a) presents that the MSE of thephysical estimator is much smaller than the DT’s estimator,i.e., the physical estimator can provide more accurate sensinginformation. However, in Figure 11 (b), we can see that theattacker can deviate the physical estimation to a significantMSE. Besides, under the DT’s supervision, the stealthy at-tacker fails to generate a large MSE. The above results showthat the proposed defense mechanism succeeds in mitigatingthe stealthy attacker’s impact. Fig. 11. The Comparison of the Mean Square Error (MSE): (a) the comparisonbetween the MSE of physical estimation and DT’s estimation; (b) the MSEof different case studies.
V. C
ONCLUSIONS
In this paper, we have considered a stealthy estimationattack, where an attack can modify the estimation resultsto deviate the system without being detected. To mitigatethe impact of the attack on physical performance, we havedeveloped a Chi-square detector, running in a Digital Twin(DT). The Chi-square detector can collect DT’s observationsand the physical estimation to verify the identity of theestimator. We have used a Signaling Game with Evidence(SGE) to study the optimal attack and defense strategies. Ouranalytical results have shown that the proposed framework canconstrain the attackers’ ability and guarantee the stability.R
EFERENCES[1] K.-D. Kim and P. R. Kumar, “Cyber–physical systems: A perspectiveat the centennial,”
Proceedings of the IEEE , vol. 100, no. SpecialCentennial Issue, pp. 1287–1308, 2012.[2] L. Wang, M. T¨orngren, and M. Onori, “Current status and advancementof cyber-physical systems in manufacturing,”
Journal of ManufacturingSystems , vol. 37, pp. 517–527, 2015.[3] G. Xiong, F. Zhu, X. Liu, X. Dong, W. Huang, S. Chen, and K. Zhao,“Cyber-physical-social system in intelligent transportation,”
IEEE/CAAJournal of Automatica Sinica , vol. 2, no. 3, pp. 320–333, 2015.[4] Y. Mo, T. H.-J. Kim, K. Brancik, D. Dickinson, H. Lee, A. Perrig, andB. Sinopoli, “Cyber–physical security of a smart grid infrastructure,”
Proceedings of the IEEE , vol. 100, no. 1, pp. 195–209, 2011.[5] R. Langner, “Stuxnet: Dissecting a cyberwarfare weapon,”
IEEE Security& Privacy , vol. 9, no. 3, pp. 49–51, 2011.[6] J. Slay and M. Miller, “Lessons learned from the maroochy waterbreach,” in
International Conference on Critical Infrastructure Protec-tion . Springer, 2007, pp. 73–82. [7] D. P. Shepard, J. A. Bhatti, and T. E. Humphreys, “Drone hack: Spoofingattack demonstration on a civilian unmanned aerial vehicle,” 2012.[8] R. M. Lee, M. J. Assante, and T. Conway, “German steel mill cyberattack,”
Industrial Control Systems , vol. 30, p. 62, 2014.[9] Y. Mo and B. Sinopoli, “Integrity attacks on cyber-physical systems,”in
Proceedings of the 1st international conference on High ConfidenceNetworked Systems . ACM, 2012, pp. 47–54.[10] F. Pasqualetti, F. Dorfler, and F. Bullo, “Control-theoretic methods forcyberphysical security: Geometric principles for optimal cross-layerresilient control systems,”
IEEE Control Systems Magazine , vol. 35,no. 1, pp. 110–127, 2015.[11] H. Fawzi, P. Tabuada, and S. Diggavi, “Secure estimation and control forcyber-physical systems under adversarial attacks,”
IEEE Transactions onAutomatic control , vol. 59, no. 6, pp. 1454–1467, 2014.[12] M. Pajic, I. Lee, and G. J. Pappas, “Attack-resilient state estimation fornoisy dynamical systems,”
IEEE Transactions on Control of NetworkSystems , vol. 4, no. 1, pp. 82–92, 2016.[13] Y. H. Chang, Q. Hu, and C. J. Tomlin, “Secure estimation based kalmanfilter for cyber–physical systems against sensor attacks,”
Automatica ,vol. 95, pp. 399–412, 2018.[14] D. Ding, Q.-L. Han, Y. Xiang, X. Ge, and X.-M. Zhang, “A surveyon security control and attack detection for industrial cyber-physicalsystems,”
Neurocomputing , vol. 275, pp. 1674–1683, 2018.[15] F. Pasqualetti, F. D¨orfler, and F. Bullo, “Attack detection and identifica-tion in cyber-physical systems,”
IEEE transactions on automatic control ,vol. 58, no. 11, pp. 2715–2729, 2013.[16] Y. Mo and B. Sinopoli, “On the performance degradation of cyber-physical systems under stealthy integrity attacks,”
IEEE Transactionson Automatic Control , vol. 61, no. 9, pp. 2618–2624, 2015.[17] Y. Chen, S. Kar, and J. M. Moura, “Optimal attack strategies subject todetection constraints against cyber-physical systems,”
IEEE Transactionson Control of Network Systems , vol. 5, no. 3, pp. 1157–1168, 2017.[18] Z. Xu and Q. Zhu, “Cross-layer secure and resilient control of delay-sensitive networked robot operating systems,” in . IEEE, 2018, pp.1712–1717.[19] W. Luo, T. Hu, C. Zhang, and Y. Wei, “Digital twin for cnc machinetool: modeling and using strategy,”
Journal of Ambient Intelligence andHumanized Computing , vol. 10, no. 3, pp. 1129–1140, 2019.[20] F. Tao, J. Cheng, Q. Qi, M. Zhang, H. Zhang, and F. Sui, “Digital twin-driven product design, manufacturing and service with big data,”
TheInternational Journal of Advanced Manufacturing Technology , vol. 94,no. 9-12, pp. 3563–3576, 2018.[21] B. Bielefeldt, J. Hochhalter, and D. Hartl, “Computationally efficientanalysis of sma sensory particles embedded in complex aerostructuresusing a substructure approach,” in
ASME 2015 Conference on SmartMaterials, Adaptive Structures and Intelligent Systems . AmericanSociety of Mechanical Engineers Digital Collection, 2016.[22] M. H. Manshaei, Q. Zhu, T. Alpcan, T. Bacs¸ar, and J.-P. Hubaux, “Gametheory meets network security and privacy,”
ACM Computing Surveys(CSUR) , vol. 45, no. 3, p. 25, 2013.[23] S. Shen, Y. Li, H. Xu, and Q. Cao, “Signaling game based strategyof intrusion detection in wireless sensor networks,”
Computers &Mathematics with Applications , vol. 62, no. 6, pp. 2404–2416, 2011.[24] J. Pawlick, E. Colbert, and Q. Zhu, “Modeling and analysis of leakydeception using signaling games with evidence,”
IEEE Transactions onInformation Forensics and Security , vol. 14, no. 7, pp. 1871–1886, 2018.[25] A. Papoulis and S. U. Pillai,
Probability, random variables, and stochas-tic processes . Tata McGraw-Hill Education, 2002.[26] A. Teixeira, D. P´erez, H. Sandberg, and K. H. Johansson, “Attack modelsand scenarios for networked control systems,” in
Proceedings of the1st international conference on High Confidence Networked Systems .ACM, 2012, pp. 55–64.[27] Y. Liu, P. Ning, and M. K. Reiter, “False data injection attacks againststate estimation in electric power grids,”
ACM Transactions on Informa-tion and System Security (TISSEC) , vol. 14, no. 1, p. 13, 2011.[28] C. Tankard, “Advanced persistent threats and how to monitor and deterthem,”
Network security , vol. 2011, no. 8, pp. 16–19, 2011.[29] M. Bellare, J. Kilian, and P. Rogaway, “The security of the cipher blockchaining message authentication code,”
Journal of Computer and SystemSciences , vol. 61, no. 3, pp. 362–399, 2000.[30] R. C. Merkle, “A certified digital signature,” in