Detecting Switching Attacks On Traffic Flow Regulation For Changing Driving Patterns (2505.23033v1)

Abstract: Modern traffic management systems increasingly adopt hierarchical control strategies for improved efficiency and scalability, where a local traffic controller mode is chosen by a supervisory controller based on the changing large-scale driving patterns. Unfortunately, such local metering controllers are also vulnerable to cyberattacks that can disrupt the controller switching, leading to undesired, inefficient, and even unsafe traffic operations. Additionally, the detection of such attacks becomes challenging when the operational mode of the traffic is uncertain and the operational mode identification is delayed. Thus, in this work, we propose a cyberattack detection scheme to detect the compromised controller switching in ramp metering for an uncertain, multimodal macroscopic traffic operation of a freeway segment. In particular, we propose a bank of detectors corresponding to each admissible traffic mode that can compensate for the uncertain traffic mode of the freeway. Furthermore, we utilize backstepping tools along with Lyapunov function theory to achieve analytical performance guarantees for the detector, such as nominal exponential stability, anomaly/uncertainty-to-residual stability, robustness, and sensitivity. Finally, we demonstrate the efficacy of the proposed detection scheme through simulations of free traffic under realistic traffic parameters, uncertainties, and commonly occurring attack scenarios.