This paper proposes a passive methodology for
detecting a class of stealthy intermittent integrity attacks in
cyber-physical systems subject to process disturbances and measurement
noise. A stealthy intermittent integrity attack strategy is
first proposed by modifying a zero-dynamics attack model. The
stealthiness of the generated attacks is rigorously investigated
under the condition that the adversary does not know precisely
the system state values. In order to help detect such attacks,
a backward-in-time detection residual is proposed based on an
equivalent quantity of the system state change, due to the attack,
at a time prior to the attack occurrence time. A key characteristic
of this residual is that its magnitude increases every time a new
attack occurs. To estimate this unknown residual, an optimal
fixed-point smoother is proposed by minimizing a piece-wise
linear quadratic cost function with a set of specifically designed
weighting matrices. The smoother design guarantees robustness
with respect to process disturbances and measurement noise,
and is also able to maintain sensitivity to intermittent integrity
attacks as time progresses by resetting the covariance matrix
based on the weighting matrices. The adaptive threshold is
designed based on the estimated backward-in-time residual,
and the attack detectability analysis is rigorously investigated
to characterize quantitatively the class of attacks that can be
detected by the proposed methodology. Finally, a simulation
example is used to demonstrate the effectiveness of the developed
methodology.