# IEEE Systems, Man and Cybernetics Magazine - April 2021 - 39

```devices' measured data for a short period of time when a
system is in a steady-state condition. Then, they replay
the recorded data while undertaking to hide the attack
effects [76], [77].
Mathematical Models of Attacks
In this section, we present mathematical models of certain
attacks. The models could be used to study attack detection
and identification as well as attack-resilient CPS designs.
DoS Attacks
DoS attacks involve service interruptions that lead to
packet losses. They can compromise every sensor and
actuator. Therefore, an attack on sensor i in the system in
(1) can be formulated as follows:

yu i (k) = (

c(k) y i (k), k s # k # k f
, (2)
y i (k),
else

where yu i (k) is kth compromised measurement observed
by sensor i. Here, y i (k) is the kth measurement observed
by sensor i, and k s and t f are the times at which the
attack was initiated and concluded, respectively. The variable c(k) ! R presents stochastic sequences that take values of one and zero with Bernoulli distributions. These
forms are often considered in DoS attacks to model measurements missing due to packet losses [9]. It is supposed
that c(k) is independent of w(k), v(k), and x(0). Similarly,
a DoS attack on actuator i can be defined as follows:

c(k) u i (k), k s # k # k f
uu i (k) = (
, (3)
u i (k),
else

where uu i (k) is the kth compromised signal of input i and
u i (k) is the kth control signal at input i.
Models of Deception Attacks
During a deception attack, data sensors and actuators are
corrupted. Consider that sensor i in the system in (1) is
experiencing a deception attack. The following formulation describes the situation [26], [58], [66]:

yu i (k) = (

y i (k) + a(k), k s # k # k f
, (4)
y i (k),
else

where yu i (k) is the kth compromised measurement
observed by sensor i. Similarly, y i (k) is the kth measurement observed by sensor i. Finally, a(k) is kth attack
value introduced by the attackers. Similarly, deception
attack on actuator i can be represented as follows:

uu i (k) = (

u i (k) + b (k), k s # k # k f
, (5)
u i (k),
else

where uu i (k) is the kth compromised signal of input i,
u i (k) is the kth signal of input i, and b(k) is the kth
attack value.

Secure Control Strategies
This section presents secure control techniques for detecting cyberattacks. In the literature, secure control techniques are also known as intrusion detectors [78]. Intrusion
detection techniques are divided into two categories: 1) network-based and 2) estimation-based. Network-based methods monitor traffic and check Internet protocols [79]. They
investigate Ethernet packets and employ rules to judge
whether or not there is an attack. This class of techniques
falls under IT-related practices and will not be pursued further in this review. Estimation-based approaches examine
relationships between measurements from various instruments, such as sensors and actuators, to identify deviations
from normal behavior. Generally, secure control strategies
and estimation-based intrusion detectors can be classified
into two classes, consisting of model-based and data-driven
techniques, as discussed in the following sections.
Model-Based Methods
Model-based techniques assume that a mathematical
model of a system is available. They often apply estimation
methods to observe a system's state and create analytical
redundancy for attack detection. Kalman filtering
approaches [e.g., the Kalman filter (KF) [80]-[84] and the
unscented KF (UKF) [85]), observer-based methods [86]-
[89], and sliding mode observation [90] are common examples, which are investigated in the following.
Kalman Filtering-Based Techniques
Kalman filtering approaches utilize the state-space model
introduced in (1) and apply an optimal recursive algorithm
using current measurements and previously estimated
states. They provide accurate estimates of state vectors
and are computationally efficient, as past measurements
are not required [91]. Chen et al. [92] develop an optimal
attack strategy with an explicit bound on detection for
CPSs. They consider a linear CPS with process and measurement noise, applying a linear quadratic Gaussian
(LQG) controller and a Kalman filtering method to control
and estimate the state. An |2 detector that uses a Kalman
filtering technique is applied to detect an attack whenever
the energy of |2 exceeds a threshold. However, it is possible to get around this scheme, and the |2 detector may fail
to observe an attack. From an attacker's perspective, an
attack can be organized on the CPS by optimizing a cost
function, including the distance between the state and the
target. To have a stealthy attack, the probability of a successful attack must be equal to the detector's false alarm
rate. In this case, the optimal attack strategy is driven as
linear feedback of the augmented system. Subsequently,
they perform a simulation study using a remotely controlled helicopter. The results prove that attacks can be
successful against the system.
In [93], another deception attack is launched on a linear
system with smart sensor nodes. Similarly, a residual generation algorithm using a Kalman filtering method is
Ap ri l 2021

IEEE SYSTEMS, MAN, & CYBERNETICS MAGAZINE

39

```

# IEEE Systems, Man and Cybernetics Magazine - April 2021

## Table of Contents for the Digital Edition of IEEE Systems, Man and Cybernetics Magazine - April 2021

contents
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover1
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover2
IEEE Systems, Man and Cybernetics Magazine - April 2021 - contents
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 2
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 3
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 4
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 5
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 6
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 7
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 8
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 9
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 10
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 11
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 12
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 13
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 14
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 15
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 16
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 17
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 18
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 19
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 20
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 21
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 22
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 23
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 24
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 25
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 26
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 27
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 28
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 29
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 30
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 31
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 32
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 33
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 34
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 35
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 36
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 37
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 38
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 39
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 40
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 41
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 42
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 43
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 44
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 45
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 46
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 47
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 48
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 49
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 50
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 51
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 52
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 53
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 54
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 55
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 56
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 57
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 58
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 59
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 60
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 61
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 62
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 63
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 64
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover3
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover4
https://www.nxtbook.com/nxtbooks/ieee/smc_202301
https://www.nxtbook.com/nxtbooks/ieee/smc_202210
https://www.nxtbook.com/nxtbooks/ieee/smc_202207
https://www.nxtbook.com/nxtbooks/ieee/smc_202204
https://www.nxtbook.com/nxtbooks/ieee/smc_202201
https://www.nxtbook.com/nxtbooks/ieee/smc_202110
https://www.nxtbook.com/nxtbooks/ieee/smc_202107
https://www.nxtbook.com/nxtbooks/ieee/smc_202104
https://www.nxtbook.com/nxtbooks/ieee/smc_202101
https://www.nxtbook.com/nxtbooks/ieee/smc_202010
https://www.nxtbook.com/nxtbooks/ieee/smc_202007
https://www.nxtbook.com/nxtbooks/ieee/smc_202004
https://www.nxtbook.com/nxtbooks/ieee/smc_202001
https://www.nxtbook.com/nxtbooks/ieee/smc_201910
https://www.nxtbook.com/nxtbooks/ieee/smc_201907
https://www.nxtbook.com/nxtbooks/ieee/smc_201904
https://www.nxtbook.com/nxtbooks/ieee/smc_201901
https://www.nxtbook.com/nxtbooks/ieee/smc_201810
https://www.nxtbook.com/nxtbooks/ieee/smc_201807
https://www.nxtbook.com/nxtbooks/ieee/smc_201804
https://www.nxtbook.com/nxtbooks/ieee/smc_201801
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1017
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0717
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0417
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0117
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1016
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0716
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0416
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0116
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1015
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0715
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0415
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0115
https://www.nxtbookmedia.com