Security index based on perfectly undetectable attacks: Graph-theoretic conditions

The notion of security index quantifies the least effort involved in conducting perfectly undetectable attacks. Thus, the security index enables a systems operator to assess the vulnerability of a component, informs sensor placement strategies, and helps in deciding the feasibility of secure estimators and fault detectors. In this paper, we investigate the (possible) variation in this index as a consequence of variation in the system parameters. To this end, we adopt a structured systems approach, typically represented by a directed graph, with the edges of the said graph being in one-to-one correspondence with the system parameters. We first show that the security index is generic. That is, for almost all choices of edge weights, the security index of a component remains the same. We refer to such an index as the generic security index. Secondly, we derive graph-theoretic conditions (and based on those an algorithm) for computing the generic security index. Third, we provide graph-theoretic conditions for computing lower (resp. upper) bounds on the values that the security index of a component can take for all nonzero choices of the edge weights of the directed graph. Finally, we provide a brute force search method for calculating the said bounds.