A Zero-stealthy Attack for Sampled-data Control Systems via Input Redundancy

Abstract: In this paper, we introduce a new vulnerability of cyber-physical systems to malicious attack. It arises when the physical plant, that is modeled as a continuous-time LTI system, is controlled by a digital controller. In the sampled-data framework, most anomaly detectors monitor the plant's output only at discrete time instants, and thus, nothing abnormal can be detected as long as the sampled output behaves normal. This implies that if an actuator attack drives the plant's state to pass through the kernel of the output matrix at each sensing time, then the attack compromises the system while remaining stealthy. We show that this type of attack always exists when the sampled-data system has an input redundancy, i.e., the number of inputs being larger than that of the outputs or the sampling rate of the actuators being higher than that of the sensors. Simulation results for the X-38 vehicle and for the other numerical examples illustrate this new attack strategy possibly brings disastrous consequences.