Structural analyses of a parsimonious watermarking policy for data deception attack detection in networked control systems.

In this paper, we perform structural analyses of a parsimonious watermarking policy, which minimizes the average detection delay (ADD) to detect data deception attacks on networked control systems (NCS) for a fixed upper bound on the false alarm rate (FAR). The addition of physical watermarking to the control input of a NCS increases the probability of attack detections with an increase in the control cost. Therefore, we formulate the problem of data deception attack detection for NCS with the facility to add physical watermarking as a stochastic optimal control problem. Then we solve the problem by applying dynamic programming value iterations and find a parsimonious watermarking policy that decides to add watermarking and detects attacks based on the estimated posterior probability of attack. We analyze the optimal policy structure and find that it can be a one, two or three threshold policy depending on a few parameter values. Simulation studies show that the optimal policy for a practical range of parameter values is a two-threshold policy on the posterior probability of attack. Derivation of a threshold-based policy from the structural analysis of the value iteration method reduces the computational complexity during the runtime implementation and offers better structural insights. Furthermore, such an analysis provides a guideline for selecting the parameter values to meet the design requirements.