Resilient Estimation Against Sparse Integrity Attack

Zishuo Li 李子硕

Department of Automation, Tsinghua University

D-COS Zhizhen Academic Forum for Postgraduates, Dec 19, 2021

Table of Contents


BACKGROUND: Security Problem of Estimation

Safety Critical Industries

  • High safety requirements.
  • More vulnerable System
    • Modern control systems are becoming more open to the cyber-world.
    • More intelligent algorithms.

Threats:

Malicious Attack:

Malfunctioning components:

Diverse environment:
Requires safety-concerned estimators.

Resilient Estimation

Figure

Figure

Problem Formulation

  • System equation:

    $$ x(k+1)=Ax(k)+w(k), $$

    where $x(k)\in{\color{var(--myred)}{\mathbb{R}^n}}$, $w(k)\sim\mathcal{N}(0,Q)$.
  • Measurement equation of sensor $i$:

    $$ y_i(k)=C_ix(k)+v_i(k)+a_i(k). $$

  • Full measurement equation:

    $$ y(k)=Cx(k)+v(k)+a(k), $$

    • where

    $$ y(k)\triangleq \begin{bmatrix} y_1(k)\\ \vdots\\ y_m(k) \end{bmatrix}\in {\color{var(--myred)}\mathbb{R}^m}, C\triangleq \begin{bmatrix} C_1\\ \vdots\\ C_m \end{bmatrix}, v(k)\triangleq \begin{bmatrix} v_1(k)\\ \vdots\\ v_m(k) \end{bmatrix}\sim\mathcal{N}(0,R), a(k)\triangleq \begin{bmatrix} a_1(k)\\ \vdots\\ a_m(k) \end{bmatrix} $$

  • $(A,C)$ is observable. Note that $(A, C_i)$ is not necessarily observable.
  • Each sensor needs to estimate the state $x$.

Resilient Estimation vs Robust Estimation

Robust Estimation

  • (Uncertain) system model
  • Full state noise / disturbance
  • (Partly) Known noise / disturbance statistic property

    • Resilient Estimation

  • Known system model
  • Uncertain Sparse disturbance
  • Know nothing about disturbance (can be infinitely large)
    • Resilient:

    1. 只有部分传感器有问题

    2. 不知道是哪些传感器有问题

    3. 有问题传感器观测可被任意篡改

    Sparse Attack

    The attack is called a $p$-sparse attack if the vector sequence $a(k)$ satisfy that, there exists a time invariant index set $\mathcal{I}\subseteq \mathcal{R}\triangleq\{1,2,\cdots,m\} $ with $|\mathcal{I}| = p$ such that $\bigcup_{k=1}^{\infty} \text{supp}\left\{a(k)\right\} = \mathcal{I}$.
  • 一共只有最多p个传感器受到攻击

    • Sparse Observability/Detectability

    System $(A,C)$ is $s$-sparse observable (detectable) if system $(A,C_{\mathcal{I}\setminus\mathcal{C}})$ is observable (detectable) for any set of sensors $\mathcal{C}$ with cardinality $|\mathcal{C}| = s$.
  • 去掉任意$p$个传感器后系统仍然可观/可测

    • Estimator without attack

    Kalman filter is the optimal estimator in an LTI Gaussian system. $$ \begin{aligned} \hat x(k|k-1)&=A\hat x(k-1),\\ P(k|k-1)&=AP(k-1)A^T+Q,\\ K(k)&=P(k|K-1)C^T[CP(k|k-1)C^T+R]^{-1},\\ \hat x(k)&=\hat x(k|k-1)+K(k)[y(k)-C\hat x(k|k-1)],\\ P(k)&=[I-K(k)C]P(k|k-1), \end{aligned} $$ where $\hat x(0)=0$ and $P(0)=\Sigma$.

    Security of Linear Estimator

      \( \begin{align} \hat{x}(k+1)&=(A-K C A) \hat{x}(k)+K y(k+1),\\ &=(A-K C A) \hat{x}(k)+\left[\begin{array}{c|c|c}K_1&\vdots&K_m \end{array}\right]\begin{bmatrix}y_1(k+1)\\ \vdots\\y_m(k+1)\end{bmatrix},\\ &=(A-K C A) \hat{x}(k)+\sum_{i=1}^m K_i y_i(k+1), \end{align} \)

    Information Flow of Our Proposed Estimator

    Assumption 1

  • The matrix $A$ is nonsingular and in Jordan canonical form.
  • The matrix $A − KCA$ and matrix $A$ do not share any eigenvalue.

    • Remark

  • It does not lose generality, since we can perform invertible linear transformation $T$ on state $x$ and study the following system instead: \begin{align*} \bar{x}(k)&= \bar{A} \bar{x}(k) + TB\bar{x}(k)+Tw(k), \\ y(k)&=CT^{-1}\bar{x}(k)+v(k)+a(k) , \end{align*} where $\bar{A}\triangleq TAT^{-1}$ is similar to $A$ and $\bar{x}=Tx$.
  • Since $(A,CA)$ is observable, we can freely assign the eigenvalues of $A-KCA$ by choosing $K$ to avoid the eigenvalues of $A$.

    • Local Estimator Design

    $$ \hat{x}(k+1)=(A-KCA)\hat{x}(k)+\sum_{i=1}^m K_i y_i(k+1). $$
    $$ \zeta_i(k+1)=\Lambda \zeta_i(k) + \mathbf{1}_n y_i(k+1). $$
    (where $\Lambda$ is the Jordan canonical form of $A-KCA$.) And $F_i$ is designed such that $\hat{x}$ can be recovered by a linear combination of $\zeta_i$: $$ \hat{x}(k)=F_1 \zeta_1(k)+F_2 \zeta_2(k)+\cdots+F_m\zeta_m(k),\ \forall k. $$

    From Linear Combination to Resilient Fusion

      The linear combination is not safe since one corrupted $\zeta_i$ may corrupt the $\tilde{x}$.
      We replace the linear combination to a resilient fusion scheme.
    What is $\zeta_i$ estimating ?

    Lemma 1

    The local estimation $\zeta_i(k)$ is a stable estimation of $G_ix(k)$ where $G_i$ is defined as following and the residue $\epsilon_i(k)\triangleq \zeta_i(k)-G_ix(k)$ satisfy: $$ \epsilon_i(k+1)=\Lambda\epsilon_i(k) - (G_i-\mathbf{1}_n C-i) w_i(k)+ \mathbf{1}_n v_i(k)+\mathbf{1}_n a_i(k), $$ and

    $$ G_i=\begin{bmatrix} G_{1,i}\\ \vdots \\ G_{p,i} \end{bmatrix}\in\mathbb{C}^{n\times n},\; G_{l, i}=\left[\begin{array}{c} C_{i} A\left(A-\lambda_{l} I\right)^{-n_{l}}+\cdots+C_{i} A\left(A-\lambda_{l} I\right)^{-1} \\ \vdots \\ C_{i} A\left(A-\lambda_{l} I\right)^{-2}+C_{i} A\left(A-\lambda_{l} I\right)^{-1} \\ C_{i} A\left(A-\lambda_{l} I\right)^{-1} \end{array}\right]\in\mathbb{C}^{n_{l} \times n} . $$

    Least Square Fusion Scheme

    $$\epsilon_{i}(k+1)= \Lambda \epsilon_{i}(k)\underbrace{-\left(G_{i}-\mathbf{1}_{n} C_{i}\right) w(k) +\mathbf{1}_{n} v_{i}(k+1)}_{\text{noise term}} \underbrace{+\mathbf{1}_{n} a_{i}(k+1)}_{\text{attack term}} .$$

    Define $\tilde{W}$ as the stable covariance of $\left[\epsilon_1'(k) \cdots \epsilon_m'(k)\right]'$ when $a(k)=0$, then $\tilde{W}$ satisfy $$ \tilde{W}=\begin{bmatrix}\Lambda&&\\ &\ddots&\\ &&\Lambda \end{bmatrix} \tilde{W} \begin{bmatrix}\Lambda&&\\ &\ddots&\\ &&\Lambda \end{bmatrix} + \text{Cov}(\text{noise term}),$$ We have the following least square problem: \begin{align} &\underset{\check{x}(k), \mu(k)}{\operatorname{minimize}} \mu(k)' \tilde{W}^{-1} \mu(k)\\ &\text {subject to } \begin{bmatrix} \hat{\zeta}_{1}(k) \\ \vdots \\ {\zeta}_{m}(k) \end{bmatrix}= \begin{bmatrix} {G}_{1} \\ \vdots \\ {G}_{m} \end{bmatrix} \check{x}(k)+\mu(k) . \end{align}

    Least Square Fusion Scheme

    \begin{align} &\underset{\check{x}(k), \mu(k)}{\operatorname{minimize}} \mu(k)' \tilde{W}^{-1} \mu(k)\\ &\text {subject to } \begin{bmatrix} \zeta_{1}(k) \\ \vdots \\ {\zeta}_{m}(k) \end{bmatrix}= \begin{bmatrix} {G}_{1} \\ \vdots \\ {G}_{m} \end{bmatrix} \check{x}(k)+\mu(k) . \end{align}

    Theorem 1

    In the absence of attack, i.e. $a(k)=\mathbf{0}$, the solution $\check{x}(k)$ of the above optimization problem coincides with the Kalman estimation, i.e., $\check{x}(k)=\hat{x}(k)$.

    LASSO Fusion Scheme

    \begin{align} &\underset{\tilde{x}(k), \mu(k)}{\operatorname{minimize}} \mu(k)' \tilde{W}^{-1} \mu(k) +\gamma \|\nu(k)\|_1\\ &\text {subject to } \begin{bmatrix} \zeta_{1}(k) \\ \vdots \\ {\zeta}_{m}(k) \end{bmatrix}= \begin{bmatrix} {G}_{1} \\ \vdots \\ {G}_{m} \end{bmatrix} \tilde{x}(k)+\mu(k) +\nu(k). \end{align}

    We will prove in the following that:
  • In the absence of attack, our proposed estimation coincides with Kalman for centain probability, i.e. $$\mathbb{P}\left[\tilde{x}(k) = \hat{x}(k)\right]=f(\gamma).$$ And $f(\gamma)\rightarrow 1$ if $\gamma\rightarrow +\infty$.
  • In the presence of attack, our proposed estimation is resilient against $p$-sparse attack if one condition is satisfied.

    • Intuition of LASSO

    $$\min_{x,\mu,\nu} \frac{1}{2}\mu'\mu+\gamma\|\nu\|_1$$ $$s.t. Y=Hx +\mu+\nu$$ $$\min_{x,\nu} \frac{1}{2}\|Y-Hx-\nu\|_2^2+\gamma\|\nu\|_1$$
    If we define the following function: $$ f(r) \triangleq \underset{\nu}{\operatorname{min}} \ \frac{1}{2}\|r-\nu\|_{2}^{2} +\gamma\|\nu\|_{1} . $$ Then, one can easily prove that the optimization problem can be rewritten as follows: $$ \underset{x}{\min } f\left(Y-H x\right) . $$

    Intuition of LASSO

    $$\min_{x,\mu} \frac{1}{2}\mu'\mu$$ $$s.t. \begin{bmatrix}-1\\ 1 \\10\end{bmatrix}=\begin{bmatrix}1\\ 1 \\1\end{bmatrix}x +\mu$$ $$\min_{x} \frac{1}{2}\left[(x+1)^2+(x-1)^2+(x-10)^2\right]$$
    $$\min_{x,\mu} \frac{1}{2}\mu'\mu+\|\nu\|_1$$ $$s.t. \begin{bmatrix}-1\\ 1 \\10\end{bmatrix}=\begin{bmatrix}1\\ 1 \\1\end{bmatrix}x +\mu+\nu$$ $$\min_{x} f(x+1)+f(x-1)+f(x-10)$$ $$f(r) \triangleq \underset{\nu}{\operatorname{min}} \ \frac{1}{2}\|r-\nu\|_{2}^{2} +\gamma\|\nu\|_{1}$$

    LASSO Fusion Scheme

    \begin{align} &\underset{\tilde{x}(k), \mu(k)}{\operatorname{minimize}} \mu(k)' \tilde{W}^{-1} \mu(k) +\gamma \|\nu(k)\|_1\\ &\text {subject to } \begin{bmatrix} \zeta_{1}(k) \\ \vdots \\ {\zeta}_{m}(k) \end{bmatrix}= \begin{bmatrix} {G}_{1} \\ \vdots \\ {G}_{m} \end{bmatrix} \tilde{x}(k)+\mu(k) +\nu(k). \end{align}

    We will prove in the following that:
  • In the absence of attack, our proposed estimation coincides with Kalman for centain probability, i.e. $$\mathbb{P}\left[\tilde{x}(k) = \hat{x}(k)\right]=f(\gamma).$$ And $f(\gamma)\rightarrow 1$ if $\gamma\rightarrow +\infty$.
  • In the presence of attack, our proposed estimation is resilient against $p$-sparse attack if one condition is satisfied.

    • Theorem 2 (Optimality without attack)

    The solution $\tilde{x}(k)$ of the above optimization equals to Kalman estimation $\hat{x}(k)$ if the following condition is satisfied: $$ \left\|\tilde{W}^{-1}\left(I-\left[\begin{array}{c} {G}_{1} \\ \vdots \\ {G}_{m} \end{array}\right]\left[\begin{array}{lll} {F}_{1} & \ldots & {F}_{m} \end{array}\right]\right) \left(\zeta(k)-Gx(k)\right)\right\| \leq \gamma $$

    Remark

  • The probability of this inequality holds can be explicity calculated given system parameters.
  • By tuning design parameter $\gamma$, the probability of recovering the Kalman estimation can be adjusted.

    • Theorem 3 (Security under attack)

    The solution $\tilde{x}(k)$ of the above optimization problem is resilient against $p$-sparse attack if the following condition is satisfied: $ \forall x\in\mathbb{R}^n , x\neq 0, \forall \mathcal{C}$ with $|\mathcal{C}|=p,$ $$ \sum_{i\in\mathcal{C}} \|G_i x \|_1 < \sum_{i\in\mathcal{I}\setminus\mathcal{C}} \|G_i x \|_1. $$ Moreover, the estimation covariance upper bound is monotone increasing w.r.t $\gamma$.

    Remark

  • $\gamma \rightarrow +\infty$ better performance without attack, poor performance under attack.
  • $\gamma \rightarrow 0\quad$ poor performance without attack, better performance under attack.

    • Problem and Improvement

    Problems of this result

    $ \forall x\in\mathbb{R}^n , x\neq 0, \forall \mathcal{C}$ with $|\mathcal{C}|=p,$ $$ \sum_{i\in\mathcal{C}} \|G_i x \|_1 < \sum_{i\in\mathcal{I}\setminus\mathcal{C}} \|G_i x \|_1. $$
  • Computational complexity: actually NP-hard.
  • Not necessary: do not achieve fundamental limit:
    • Define the observability matrix as

    $$O_i\triangleq\left[\begin{array}{c} C_{i} \\ C_{i} A \\ \vdots \\ C_{i} A^{n-1} \end{array}\right].$$

    The observable subspace with respect to sensor $i$ is $\text{Row}(O_i)=\text{Span} \left[C'_{i},(C_{i}A)',\cdots,\left(C_{i} A^{n-1}\right){'}\right]$. We have proved the following theorem:

    Theorem 4

    When all the eigenvalues of $A$ have geometric multiplicity $1$, then

    $$\text{Row}(O_i)=\text{Row}(G_i)=\text{Row}(H_i),$$ where $$H_i=\begin{bmatrix}\mathbb{I}\{O^{(1)}_i\neq 0\} && \\ &\ddots& \\ &&\mathbb{I}\{O^{(n)}_i\neq 0\}\end{bmatrix}.$$

    Corollary 4.1

    There exists an invertible $n\times n$ matrix $P_i$ such that $P_iG_i=H_i$.

    Corollary 4.2

    If the sparse observability index of system $(A,C)$ is $s$, then \begin{equation}\label{eq:calc_index} s=\min_{j=1,\cdots,n} \sum_{i\in\mathcal{I}}\mathbb{I}\{O^{(j)}_i\neq 0\} -1. \end{equation}
    Define $\tilde{P} \triangleq \text{diag}\left(P_1,\cdots,P_m\right),\ \tilde{M}\triangleq\tilde{P}\tilde{W}\tilde{P}{'}$, we have the following optimization problem:

    \begin{align} &\underset{\tilde{x}(k), \mu(k)}{\operatorname{minimize}} \mu(k)' \tilde{M}^{-1} \mu(k) +\gamma \|\nu(k)\|_1\\ &\text {subject to } \begin{bmatrix} P_1\zeta_{1}(k) \\ \vdots \\ P_m{\zeta}_{m}(k) \end{bmatrix}= \begin{bmatrix} {H}_{1} \\ \vdots \\ {H}_{m} \end{bmatrix} \tilde{x}(k)+\mu(k) +\nu(k). \end{align}

    Theorem 5

    When all the eigenvalues of $A$ have geometric multiplicity $1$, the solution $\tilde{x}(k)$ of the above optimization problem is resilient against $p$-sparse attack if the system sparse observability index $s$ satisfy $s\geq 2p$.
  • Step 1 done !
  • Computational complexity reduced to NP.

    • Improvement from observability to detectability

    Since the stable states will finally converge to 0, the estimation of stable states can be trivially secure. We can further relax our condition to $2p$-sparse detectable.

    Separate matrix $A$ into two parts: \begin{equation*} A=\left[\begin{array}{c} A^\mathcal{U} \ | \ \ A^\mathcal{S}\end{array}\right] ,\ \ x= \left[\begin{array}{c} x^\mathcal{U} \\ x^\mathcal{S}\end{array}\right] \end{equation*}

    For example:

    Corollary 4.3

    When all the unstable eigenvalues of $A$ have geometric multiplicity $1$, then

    $$\text{Row}(O^\mathcal{U}_i)=\text{Row}(G^\mathcal{U}_i)=\text{Row}(H^\mathcal{U}_i),$$ where $$H^\mathcal{U}_i=\begin{bmatrix}\mathbb{I}\{O^{(1)}_i\neq 0\} && \\ &\ddots& \\ &&\mathbb{I}\{O^{(n_u)}_i\neq 0\}\end{bmatrix}.$$

    We proceed to deal with stable part.
    Terminology:
    All the unstable eigenvalues of $A$ have geometric multiplicity $1$ $\Leftrightarrow$ Regular linear system
    The least square problem we intend to solve looks like: \begin{align*} &\underset{x, \mu}{\operatorname{minimize}}\quad \frac{1}{2} \mu{'} \tilde{M}^{-1} \mu &\underset{x}{\operatorname{minimize}}\quad \frac{1}{2} \left({Y}-{H}x\right){'} \tilde{M}^{-1} \left({Y}-{H}x\right) \\ & \text{subject to }\quad {Y}= {H}x+\mu. \end{align*} We show the processing of state entries by a example where $n=2,m=1$ and ${H}=I_{2}$. Suppose $x_1$ is unstable entry and $x_2$ is stable entry. \begin{align*} &\frac{1}{2}\begin{bmatrix} Y_1-x_1\\Y_2-x_2 \end{bmatrix}'\tilde{M}^{-1} \begin{bmatrix} Y_1-x_1\\Y_2-x_2 \end{bmatrix}+\frac{1}{2}Y_2^2 =\frac{1}{2}\begin{bmatrix}Y_1-x_1\\Y_2-x_2\\Y_2 \end{bmatrix}'\begin{bmatrix} \tilde{M}^{-1} & 0\\ 0& I \end{bmatrix} \begin{bmatrix} Y_1-x_1\\Y_2-x_2\\Y_2 \end{bmatrix}\\ =&\frac{1}{2}\left(\begin{bmatrix} 1 & &\\&1&\\&1&1 \end{bmatrix}\begin{bmatrix}Y_1-x_1\\Y_2-x_2\\x_2 \end{bmatrix}\right)'\begin{bmatrix} \tilde{M}^{-1} & 0\\ 0& I \end{bmatrix} \left(\begin{bmatrix} 1 & &\\&1&\\&1&1 \end{bmatrix} \begin{bmatrix} Y_1-x_1\\Y_2-x_2\\x_2 \end{bmatrix}\right) \end{align*}
    By the aforementioned operation, we have the following two equivalent least square problems: \begin{align*} \underset{x}{\operatorname{minimize}}\quad \frac{1}{2} \left({Y}-{H}x\right){'} \tilde{M}^{-1} \left({Y}-{H}x\right) \end{align*} \begin{align*} \underset{x}{\operatorname{minimize}}\quad \frac{1}{2}\begin{bmatrix}{Y}-{H}x\\ x^\mathcal{S}\end{bmatrix}^{'} \widehat{M}^{-1} \begin{bmatrix}{Y}-{H}x\\ x^\mathcal{S}\end{bmatrix} \end{align*} and accordingly, two LASSO: \begin{align*} \underset{x,\nu}{\operatorname{minimize}}\quad \frac{1}{2} \left({Y}-{H}x-\nu\right){'} \tilde{M}^{-1} \left({Y}-{H}x-\nu\right) +\gamma\|\nu\|_1 \end{align*} \begin{align*} \underset{x,\nu}{\operatorname{minimize}}\quad \frac{1}{2}\begin{bmatrix}{Y}-{H}x-\nu\\ x^\mathcal{S}\end{bmatrix}^{'} \widehat{M}^{-1} \begin{bmatrix}{Y}-{H}x-\nu\\ x^\mathcal{S}\end{bmatrix}+\gamma\|\nu\|_1 \end{align*} They are equivalent when $\nu=0$.
    By placing $X^\mathcal{S}$ on the second order term, we can prove that estimation error covariance of $x^\mathcal{S}$ is always bounded. Define \begin{align*} &{N}\triangleq I_{m} \otimes \begin{bmatrix} \mathbf{0}_{n_s\times n_u} & I_{n_s} \end{bmatrix} \in \mathbb{R}^{mn_s\times mn },\ \mathcal{W}\triangleq \begin{bmatrix} \tilde{P}'^{-1}\tilde{W}^{-1}\tilde{P}^{-1} + {N}{'}{N} & {N}{'} \\ {N} & I \end{bmatrix}. \end{align*}

    Theorem 6

    When the system is regular, in the presence of arbitrary $p$-sparse attack, if the system $(A,C)$ is $2p$-sparse detectable, the estimation $\tilde{x}(k)$ solved from the following problem is secure. \begin{align}\label{pb:resilient_LASSO} \underset{{\tilde{x}}(k), \mu(k),\nu(k)}{\text{minimize}}&\quad \frac{1}{2} \begin{bmatrix} \mu(k) \\ {N} {H} \tilde{x}(k) \end{bmatrix}^{'} \mathcal{W} \begin{bmatrix} \mu(k) \\ {N} {H} \tilde{x}(k) \end{bmatrix} + \gamma\left\|\nu(k)\right\|_1 \\ \text { subject to }&\quad {Y} (k)= {H} \tilde{x}(k)+\mu(k)+\nu(k) . \end{align}

    Fundamental Limit

    If the system is not $2p$-sparse detectable, there exists a $p$-sparse attack strategy that no estimator is secure.

    Proof idea:

  • Find an attack that yields same $y(k)$ while with different $x(0)$.
  • When $x(0)=0$ attack sensors in set $\mathcal{C_1}$, when $x(0)=\xi$, attack sensors in set $\mathcal{C_2}$.
  • This $\xi$ can be found because $$ \bigcap_{i\in\mathcal{I}\setminus \mathcal{C_1}\cup\mathcal{C_2} }\operatorname{Ker}(O_i) \neq \varnothing.$$

    • Summary

    We proposed an resilient estimator in the presence of $p$ sparse attack for regular linear system.

    Theory:

  • No attack: Coincides with Kalman for certain probability.
  • With attack: Resilient when $2p$ detectable, achieve fundamental limit.

    • Application:

  • Accuracy
      • Can recover optimal Kalman without attack. Has bounded error covariance under attack. $\gamma$ balances them.
  • Efficiency
      • Off-line computation: easy to calculate sparse observability/detectability index.
      On-line computation: solve a strongly convex optimization problem.

    Simulation

    Figure

    Simulation

    $$A=\begin{bmatrix} 1 & 2.0\cdot 10^{-2} & -2.0\cdot 10^{-4} & 1.9\cdot 10^{-5}\\ 0 & 1.0\cdot 10^{0} & -2.0\cdot 10^{-2} & 1.8\cdot 10^{-3}\\ 0 & 1.0\cdot 10^{-5} & 1.0\cdot 10^{0} & 2.0\cdot 10^{-2}\\ 0 & 1.0\cdot 10^{-3}& 2.1\cdot 10^{-1} & 9.8\cdot 10^{-1} \end{bmatrix}, C=\begin{bmatrix}1&0&0&0\\ 1&0&0&0\\ 1&0&0&0\\ 0&0&1&0 \end{bmatrix}$$ The system dynamic matrix can be written as the following Jordan canonical form by an invertible linear transformation: $$ \text{diag}(1.057,1,0.999,0.925), $$ and we consider the system after transformation. System matrix $A$ have four Jordan blocks with size $1\times1$ and the upper left two blocks have unstable eigenvalues. Therefore, the set of unstable states and stable states are $\mathcal{U}=\{1,2\},\mathcal{S}=\{3,4\}.$ The canonical form of $G_i^\mathcal{U}$ are \begin{align} H_1^\mathcal{U}=H_2^\mathcal{U}=H_3^\mathcal{U}=\begin{bmatrix} 1 & 0 \\ 0 & 1 \\ 0 & 0 \\ 0 & 0 \end{bmatrix},\ H_4^\mathcal{U}=\begin{bmatrix} 0 & 0 \\ 0 & 1 \\ 0 & 0 \\ 0 & 0 \end{bmatrix}. \end{align} Only the first 3 sensors can observe unstable state 1, and all the four sensors can observe unstable state 2$. Therefore, the system is 2-sparse detectable and our proposed estimator is secure in the presence of 1 corrupted sensor.

    No attack

    Figure

    Random data injection attack

    Figure

    Random data injection attack

    Figure

    Slope signal attack

    Figure

    Slope signal attack

    Figure

    Resilient Estimation for Model Racecar Drifting Control

    Sensors:

  • IMU
  • ZED Stereo Camera
  • 2D LiDAR

    • Goal

    On-board sensor State Estimation for aggressive Driving

    Challenge

  • IMU: Violent vibration cause inaccurate
  • Stereo Camera: Image distortion
  • LiDAR: Slow matching speed

    • Figure

    Basic set up

    Figure

    Sensor property

    Figure

    Sensor property

    Figure

    Sensor comparison

    Figure

    Camera+IMU coarse estimation:
  • High frequency (100Hz)
  • No out liers or interrupt
  • Drifting growing error
    • Camera+IMU coarse estimation:
  • Low frequency (30-60Hz)
  • Out liers and interrupt
  • No drifting growing error

    • Fusion Result

    Figure

    Model Racecar drifting

    Preliminary works

  • X. Liu, Y. Mo and E. Garone, Local Decomposition of Kalman Filters and its Application for Secure State Estimation, in IEEE Transactions on Automatic Control, vol. 66, no. 10, pp. 5037-5044, Oct. 2021, doi: 10.1109/TAC.2020.3044854.

    • Publishing paper

  • ZiShuo Li, Yilin Mo, Low Complexity Secure State Estimation Design for Linear System with Non-derogatory Dynamics, 2021 IEEE 60th Conference on Decision and Control (CDC), 2021, accepted.
  • ZiShuo Li, Yilin Mo, Efficient Secure State Estimation against Sparse Integrity Attack for System with Non-derogatory Dynamics, in International Journal of Robust and Nonlinear Control, 2nd round review.

    • Future Work

  • Asynchronous Non-uniform Sampled Measurements
  • Distributed Resilient Estimation

    • The slides can be seen at

    https://zs-li.github.io/talk/resi_est/index.html

    Figure

    欢迎提问!