Skip to Main content Skip to Navigation
Conference papers

Sequential detection of cyber-physical attacks on industrial systems

Abstract : It is assumed that the observations represent a linear superposition of unknown nuisance parameters (stochastic or deterministic), random noise and a system parameter abruptly changing its current value from nominal to abnormal at an unknown but non-random change-point. It is assumed that this statistical model characterizes the cyber-physical attacks on industrial systems, like SCADA. The negative impact of unknown nuisance parameter on the detector is eliminated by utilizing the invariant statistics technique or statistical filtering technique. The statistical decision problem is formulated as a detection of abruptly arriving transient changes of finite duration. The criterion of optimality seeks to minimize the worst-case probability of missed detection subject to an acceptable level of the worst-case probability of false alarm within a given time period. To solve the problem, an optimal solution in a subclass of open-ended sequential tests with variable thresholds is proposed. The Variable Threshold Window Limited CUmulative SUM (VTWL CUSUM) test, previously developed for independent observations, is adapted now to the observation model with nuisance parameters. Finally, the variable threshold of the VTWL CUSUM test is optimized with respect to the optimality criterion and the probabilities of missed detection and false alarm are studied.
Document type :
Conference papers
Complete list of metadata
Contributor : Jean-Baptiste Vu Van Connect in order to contact the contributor
Submitted on : Tuesday, June 30, 2020 - 9:41:15 AM
Last modification on : Tuesday, December 7, 2021 - 4:10:50 PM


  • HAL Id : hal-02884669, version 1



van Long Do, Lionel Fillatre, Igor Nikiforov. Sequential detection of cyber-physical attacks on industrial systems. JSM 2016 (Joint Statistical Meeting), Jul 2016, Chicago, United States. ⟨hal-02884669⟩



Record views