-
Multi-Robot Coordination with Adversarial Perception
Authors:
Rayan Bahrami,
Hamidreza Jafarnejadsani
Abstract:
This paper investigates the resilience of perception-based multi-robot coordination with wireless communication to online adversarial perception. A systematic study of this problem is essential for many safety-critical robotic applications that rely on the measurements from learned perception modules. We consider a (small) team of quadrotor robots that rely only on an Inertial Measurement Unit (IM…
▽ More
This paper investigates the resilience of perception-based multi-robot coordination with wireless communication to online adversarial perception. A systematic study of this problem is essential for many safety-critical robotic applications that rely on the measurements from learned perception modules. We consider a (small) team of quadrotor robots that rely only on an Inertial Measurement Unit (IMU) and the visual data measurements obtained from a learned multi-task perception module (e.g., object detection) for downstream tasks, including relative localization and coordination. We focus on a class of adversarial perception attacks that cause misclassification, mislocalization, and latency. We propose that the effects of adversarial misclassification and mislocalization can be modeled as sporadic (intermittent) and spurious measurement data for the downstream tasks. To address this, we present a framework for resilience analysis of multi-robot coordination with adversarial measurements. The framework integrates data from Visual-Inertial Odometry (VIO) and the learned perception model for robust relative localization and state estimation in the presence of adversarially sporadic and spurious measurements. The framework allows for quantifying the degradation in system observability and stability in relation to the success rate of adversarial perception. Finally, experimental results on a multi-robot platform demonstrate the real-world applicability of our methodology for resource-constrained robotic platforms.
△ Less
Submitted 11 April, 2025;
originally announced April 2025.
-
Distributed Detection of Adversarial Attacks for Resilient Cooperation of Multi-Robot Systems with Intermittent Communication
Authors:
Rayan Bahrami,
Hamidreza Jafarnejadsani
Abstract:
This paper concerns the consensus and formation of a network of mobile autonomous agents in adversarial settings where a group of malicious (compromised) agents are subject to deception attacks. In addition, the communication network is arbitrarily time-varying and subject to intermittent connections, possibly imposed by denial-of-service (DoS) attacks. We provide explicit bounds for network conne…
▽ More
This paper concerns the consensus and formation of a network of mobile autonomous agents in adversarial settings where a group of malicious (compromised) agents are subject to deception attacks. In addition, the communication network is arbitrarily time-varying and subject to intermittent connections, possibly imposed by denial-of-service (DoS) attacks. We provide explicit bounds for network connectivity in an integral sense, enabling the characterization of the system's resilience to specific classes of adversarial attacks. We also show that under the condition of connectivity in an integral sense uniformly in time, the system is finite-gain $\mathcal{L}_{p}$ stable and uniformly exponentially fast consensus and formation are achievable, provided malicious agents are detected and isolated from the network. We present a distributed and reconfigurable framework with theoretical guarantees for detecting malicious agents, allowing for the resilient cooperation of the remaining cooperative agents. Simulation studies are provided to illustrate the theoretical findings.
△ Less
Submitted 6 October, 2024;
originally announced October 2024.
-
Multi-level Adaptation for Automatic Landing with Engine Failure under Turbulent Weather
Authors:
Haotian Gu,
Hamidreza Jafarnejadsani
Abstract:
This paper addresses efficient feasibility evaluation of possible emergency landing sites, online navigation, and path following for automatic landing under engine-out failure subject to turbulent weather. The proposed Multi-level Adaptive Safety Control framework enables unmanned aerial vehicles (UAVs) under large uncertainties to perform safety maneuvers traditionally reserved for human pilots w…
▽ More
This paper addresses efficient feasibility evaluation of possible emergency landing sites, online navigation, and path following for automatic landing under engine-out failure subject to turbulent weather. The proposed Multi-level Adaptive Safety Control framework enables unmanned aerial vehicles (UAVs) under large uncertainties to perform safety maneuvers traditionally reserved for human pilots with sufficient experience. In this framework, a simplified flight model is first used for time-efficient feasibility evaluation of a set of landing sites and trajectory generation. Then, an online path following controller is employed to track the selected landing trajectory. We used a high-fidelity simulation environment for a fixed-wing aircraft to test and validate the proposed approach under various weather uncertainties. For the case of emergency landing due to engine failure under severe weather conditions, the simulation results show that the proposed automatic landing framework is robust to uncertainties and adaptable at different landing stages while being computationally inexpensive for planning and tracking tasks.
△ Less
Submitted 9 September, 2022;
originally announced September 2022.
-
Detection of Stealthy Adversaries for Networked Unmanned Aerial Vehicles*
Authors:
Rayan Bahrami,
Hamidreza Jafarnejadsani
Abstract:
A network of unmanned aerial vehicles (UAVs) provides distributed coverage, reconfigurability, and maneuverability in performing complex cooperative tasks. However, it relies on wireless communications that can be susceptible to cyber adversaries and intrusions, disrupting the entire network's operation. This paper develops model-based centralized and decentralized observer techniques for detect…
▽ More
A network of unmanned aerial vehicles (UAVs) provides distributed coverage, reconfigurability, and maneuverability in performing complex cooperative tasks. However, it relies on wireless communications that can be susceptible to cyber adversaries and intrusions, disrupting the entire network's operation. This paper develops model-based centralized and decentralized observer techniques for detecting a class of stealthy intrusions, namely zero-dynamics and covert attacks, on networked UAVs in formation control settings. The centralized observer that runs in a control center leverages switching in the UAVs' communication topology for attack detection, and the decentralized observers, implemented onboard each UAV in the network, use the model of networked UAVs and locally available measurements. Experimental results are provided to show the effectiveness of the proposed detection schemes in different case studies.
△ Less
Submitted 22 May, 2022; v1 submitted 19 February, 2022;
originally announced February 2022.
-
Privacy-Preserving Stealthy Attack Detection in Multi-Agent Control Systems
Authors:
Rayan Bahrami,
Hamidreza Jafarnejadsani
Abstract:
This paper develops a glocal (global-local) attack detection framework to detect stealthy cyber-physical attacks, namely covert attack and zero-dynamics attack, against a class of multi-agent control systems seeking average consensus. The detection structure consists of a global (central) observer and local observers for the multi-agent system partitioned into clusters. The proposed structure ad…
▽ More
This paper develops a glocal (global-local) attack detection framework to detect stealthy cyber-physical attacks, namely covert attack and zero-dynamics attack, against a class of multi-agent control systems seeking average consensus. The detection structure consists of a global (central) observer and local observers for the multi-agent system partitioned into clusters. The proposed structure addresses the scalability of the approach and the privacy preservation of the multi-agent system's state information. The former is addressed by using decentralized local observers, and the latter is achieved by imposing unobservability conditions at the global level. Also, the communication graph model is subject to topology switching, triggered by local observers, allowing for the detection of stealthy attacks by the global observer. Theoretical conditions are derived for detectability of the stealthy attacks using the proposed detection framework. Finally, a numerical simulation is provided to validate the theoretical findings.
△ Less
Submitted 28 September, 2021;
originally announced September 2021.
-
Detectability of Intermittent Zero-Dynamics Attack in Networked Control Systems
Authors:
Yanbing Mao,
Hamidreza Jafarnejadsani,
Pan Zhao,
Emrah Akyol,
Naira Hovakimyan
Abstract:
This paper analyzes stealthy attacks, particularly the zero-dynamics attack (ZDA) in networked control systems. ZDA hides the attack signal in the null-space of the state-space representation of the control system and hence it cannot be detected via conventional detection methods. A natural defense strategy builds on changing the null-space via switching through a set of topologies. In this paper,…
▽ More
This paper analyzes stealthy attacks, particularly the zero-dynamics attack (ZDA) in networked control systems. ZDA hides the attack signal in the null-space of the state-space representation of the control system and hence it cannot be detected via conventional detection methods. A natural defense strategy builds on changing the null-space via switching through a set of topologies. In this paper, we propose a realistic ZDA variation where the attacker is aware of this topology-switching strategy, and hence employs the policy to avoid detection: "pause (update and resume) attack" before (after) topology switching to evade detection. We first systematically study the proposed ZDA variation, and then develop defense strategies under the realistic assumptions. Particularly, we characterize conditions for detectability of the proposed ZDA variation, in terms of the network topologies to be maintained, the set of agents to be monitored, and the measurements of the monitored agents that should be extracted. We provide numerical results that demonstrate our theoretical findings.
△ Less
Submitted 15 September, 2019;
originally announced September 2019.
-
Novel Stealthy Attack and Defense Strategies for Networked Control Systems
Authors:
Yanbing Mao,
Hamidreza Jafarnejadsani,
Pan Zhao,
Emrah Akyol,
Naira Hovakimyan
Abstract:
This paper studies novel attack and defense strategies, based on a class of stealthy attacks, namely the zero-dynamics attack (ZDA), for multi-agent control systems. ZDA poses a formidable security challenge since its attack signal is hidden in the null-space of the state-space representation of the control system and hence it can evade conventional detection methods. An intuitive defense strategy…
▽ More
This paper studies novel attack and defense strategies, based on a class of stealthy attacks, namely the zero-dynamics attack (ZDA), for multi-agent control systems. ZDA poses a formidable security challenge since its attack signal is hidden in the null-space of the state-space representation of the control system and hence it can evade conventional detection methods. An intuitive defense strategy builds on changing the aforementioned representation via switching through a set of carefully crafted topologies. In this paper, we propose realistic ZDA variations where the attacker is aware of this topology-switching strategy, and hence employs the following policies to avoid detection: (i) pause, update and resume ZDA according to the knowledge of switching topologies; (ii) cooperate with a concurrent stealthy topology attack that alters network topology at switching times, such that the original ZDA is feasible under the corrupted topology. We first systematically study the proposed ZDA variations, and then develop defense strategies against them under the realistic assumption that the defender has no knowledge of attack starting, pausing, and resuming times and the number of misbehaving agents. Particularly, we characterize conditions for detectability of the proposed ZDA variations, in terms of the network topologies to be maintained, the set of agents to be monitored, and the measurements of the monitored agents that should be extracted, while simultaneously preserving the privacy of the states of the non-monitored agents. We then propose an attack detection algorithm based on the Luenberger observer, using the characterized detectability conditions. We provide numerical simulation results to demonstrate our theoretical findings.
△ Less
Submitted 25 April, 2020; v1 submitted 26 August, 2019;
originally announced August 2019.
