Active techniques have been introduced to give better detectability performance for cyber-attack diagnosis in cyber-physical systems (CPS). In this paper, switching multiplicative watermarking is considered, whereby we propose an optimal design strategy to define switching filter parameters. Optimality is evaluated exploiting the so-called output-to-output gain of the closed loop system, including some supposed attack dynamics. A worst-case scenario of a matched covert attack is assumed, presuming that an attacker with full knowledge of the closed-loop system injects a stealthy attack of bounded energy. Our algorithm, given watermark filter parameters at some time instant, provides optimal next-step parameters. Analysis of the algorithm is given, demonstrating its features, and demonstrating that through initialization of certain parameters outside of the algorithm, the parameters of the multiplicative watermarking can be randomized. Simulation shows how, by adopting our method for parameter design, the attacker's impact on performance diminishes.

翻译：主动技术已被引入，旨在提升信息物理系统（CPS）中网络攻击诊断的可检测性性能。本文研究了切换式乘法水印技术，并提出了一种用于定义切换滤波器参数的最优设计策略。最优性评估利用了闭环系统的所谓输出-输出增益，其中包含某些假设的攻击动态。我们假设了匹配隐蔽攻击的最坏情况场景，即攻击者完全了解闭环系统并注入能量有界的隐蔽攻击。本文提出的算法在给定某一时刻的水印滤波器参数后，可提供最优的下一步参数。文中对该算法进行了分析，阐明了其特性，并证明通过在该算法外部初始化特定参数，可实现乘法水印参数的随机化。仿真结果表明，采用本文的参数设计方法能够有效降低攻击者对系统性能的影响。