The problem of state estimation in the setting of partially-observed discrete event systems subject to cyber attacks is considered. An operator observes a plant through a natural projection that hides the occurrence of certain events. The objective of the operator is that of estimating the current state of the system. The observation is corrupted by an attacker which can tamper with the readings of a set of sensors thus inserting some fake events or erasing some observations. The aim of the attacker is that of altering the state estimation of the operator. An automaton, called joint estimator, is defined to describe the set of all possible attacks. In more details, an unbounded joint estimator is obtained by concurrent composition of two state observers, the attacker observer and the operator observer. The joint estimator shows, for each possible corrupted observation, the joint state estimation, i.e., the set of states consistent with the uncorrupted observation and the set of states consistent with the corrupted observation. Such a structure can be used to establish if an attack function is harmful w.r.t. a misleading relation. Our approach is also extended to the case in which the attacker may insert at most n events between two consecutive observations.
翻译:在设置受到网络攻击的局部离散事件系统时,考虑国家估计的问题。操作员通过自然预测观察工厂,隐藏某些事件的发生。操作员的目标是估计系统的目前状况。观察被攻击者腐蚀,攻击者可以篡改一套传感器的读数,从而插入一些假事件或消除一些观测结果。攻击者的目的是改变操作员的国家估计情况。一个称为联合估计器的自动测量器被定义为描述所有可能攻击的一组情况。在更多的细节中,通过由两名国家观察员、攻击者观察员和操作者观察员同时组成,获得一个未受限制的联合估计器。联合估计器显示,对于每一种可能的腐蚀观察,联合估计器都显示联合国家估计,即,国家组与未受干扰的观察相一致,国家组与腐败观察相一致。这种结构可以用来确定攻击功能是否有害 w.r.t. 。在两次连续的观测中,我们的方法也可以扩展为两次攻击事件之间的连续观测。