pith. sign in

arxiv: 2505.14982 · v3 · submitted 2025-05-21 · 📡 eess.SY · cs.SY

Generating Sustainability-Targeting Attacks For Cyber-Physical Systems

Faysal Ahamed , Tanushree Roy This is my paper

Pith reviewed 2026-05-22 14:36 UTC · model grok-4.3

classification 📡 eess.SY cs.SY
keywords sustainability-targeting attackscyber-physical systemsstealthy attacksmax-min formulationgradient ascent descentlinear systemsfeasibility conditions
0
0 comments X

The pith

A max-min formulation derives feasibility conditions for minimum-effort maximum-impact stealthy attacks that raise long-term sustainability costs in linear cyber-physical systems.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces a mathematical framework to model sustainability-targeting attacks that increase the long-term sustainability cost of a cyber-physical system while keeping its short-term performance metrics within acceptable bounds. It derives conditions under which such minimum-effort maximum-impact attacks are feasible for linear system dynamics by casting the problem as a max-min optimization. A gradient ascent-descent algorithm then constructs the actual attack signals subject to an explicit stealthiness constraint. The approach is demonstrated through simulation on an illustrative example that shows measurable impact on sustainability cost without triggering conventional detection thresholds.

Core claim

For linear CPS, feasibility conditions for generating a stealthy sustainability-targeting attack can be obtained from a max-min problem whose solution yields the minimum-effort attack policy that maximizes sustainability impact while satisfying a stealth constraint; this policy is constructed numerically by a gradient ascent-descent procedure.

What carries the argument

The max-min formulation that balances attack effort against sustainability impact under a stealthiness constraint on linear system trajectories.

If this is right

  • The derived max-min conditions give explicit feasibility criteria for whether a stealthy STA exists for a given linear CPS.
  • The gradient ascent-descent procedure produces a concrete attack signal that satisfies both the impact and stealth requirements.
  • Simulation of the constructed attack on an example system confirms that sustainability cost rises while performance goals remain met.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same max-min structure could be adapted to obtain bounds on the sustainability cost increase achievable before stealth is lost.
  • Detection schemes that monitor sustainability-related metrics separately from performance metrics might close the gap the paper exploits.
  • Extending the formulation to mildly nonlinear dynamics would test how much the linearity assumption can be relaxed while preserving the attack construction method.

Load-bearing premise

The cyber-physical system dynamics are linear.

What would settle it

Run the gradient algorithm on the linear model and check whether the resulting input sequence increases the sustainability cost metric while keeping the performance output inside the stated bounds and the attack residual below the detection threshold; if no such sequence exists, the derived feasibility conditions are incorrect.

Figures

Figures reproduced from arXiv: 2505.14982 by Faysal Ahamed, Tanushree Roy.

Figure 1
Figure 1. Figure 1: A schematic of the administrative and adversarial space in the context of sustainability-targeting attacks on [PITH_FULL_IMAGE:figures/full_fig_p003_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: System under nominal conditions: top plot shows controlled system trajectories and bottom plot shows the [PITH_FULL_IMAGE:figures/full_fig_p008_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: System performance under attack: top plot shows deviations from the reference trajectories and bottom plot [PITH_FULL_IMAGE:figures/full_fig_p008_3.png] view at source ↗
read the original abstract

Sustainability-targeting attacks (STA) are a growing threat to cyber-physical system (CPS)-based infrastructure, as sustainability goals become an integral part of CPS objectives. STA can be especially disruptive if it impacts the long-term sustainability cost of CPS, while its performance goals remain within acceptable parameters. Thus, in this work, we propose a general mathematical framework for modeling such stealthy STA and derive the feasibility conditions for generating a minimum-effort maximum-impact STA on a linear CPS using a max-min formulation. A gradient ascent descent algorithm is used to construct this attack policy with an added constraint on stealthiness. An illustrative example has been simulated to demonstrate the impact of the generated attack on the sustainability cost of the CPS.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript proposes a general mathematical framework for modeling stealthy sustainability-targeting attacks (STA) on cyber-physical systems (CPS). It derives feasibility conditions for generating a minimum-effort maximum-impact STA on linear CPS using a max-min formulation. A gradient ascent descent algorithm is employed to construct the attack policy under a stealthiness constraint. The approach is validated through an illustrative simulation demonstrating the attack's impact on the sustainability cost of the CPS.

Significance. If the derived feasibility conditions hold and the algorithm successfully constructs attacks meeting those conditions, this work could be significant for the security of CPS that incorporate sustainability objectives. It extends traditional attack models by focusing on long-term sustainability impacts while maintaining stealth and performance within bounds. The max-min formulation provides a structured way to balance effort and impact, which may aid in developing countermeasures.

major comments (2)
  1. [Section 3] The max-min formulation for the minimum-effort maximum-impact STA on linear dynamics may result in a non-convex problem when incorporating the stealthiness constraint on detection residuals. The gradient ascent-descent algorithm described does not provide global optimality guarantees, potentially failing to achieve the minimum effort bound stated in the feasibility conditions. This is central to the paper's claim as the construction method must deliver the derived minimum-effort attacks.
  2. [Section 5] The illustrative example simulation lacks quantitative comparison between the achieved attack effort and the theoretical minimum from the feasibility conditions, as well as any analysis of convergence or multiple initializations to address local optima issues.
minor comments (2)
  1. The abstract could more clearly state the specific contributions regarding the feasibility conditions and any assumptions on the CPS model.
  2. [References] Ensure all relevant prior work on CPS attack generation and sustainability in control systems is cited for proper context.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their constructive comments on our manuscript. We address the major comments point by point below, indicating where revisions will be made to strengthen the presentation of the max-min formulation, the algorithm's properties, and the simulation results.

read point-by-point responses

  1. Referee: [Section 3] The max-min formulation for the minimum-effort maximum-impact STA on linear dynamics may result in a non-convex problem when incorporating the stealthiness constraint on detection residuals. The gradient ascent-descent algorithm described does not provide global optimality guarantees, potentially failing to achieve the minimum effort bound stated in the feasibility conditions. This is central to the paper's claim as the construction method must deliver the derived minimum-effort attacks.

    Authors: We agree that incorporating the stealthiness constraint on detection residuals renders the max-min problem non-convex in general. The gradient ascent-descent procedure is a first-order method for finding a stationary point of the resulting saddle-point problem and therefore carries no global optimality guarantee; it may converge to a local solution whose effort exceeds the theoretical minimum characterized by the feasibility conditions. The feasibility conditions themselves are derived directly from the problem data (system matrices, attack bounds, and residual thresholds) and establish existence of a feasible attack achieving the min-effort max-impact trade-off; they do not depend on any particular numerical solver. The algorithm is presented as a practical construction method that produces a stealthy attack policy satisfying all constraints. In the revised manuscript we will add an explicit statement in Section 3 that the algorithm yields a locally optimal policy and that the feasibility conditions serve as a theoretical benchmark rather than a certificate of global optimality for the numerical solution. We will also note that, in the linear-quadratic setting considered, multiple random initializations can be used to obtain policies whose effort is close to the bound. revision: partial

  2. Referee: [Section 5] The illustrative example simulation lacks quantitative comparison between the achieved attack effort and the theoretical minimum from the feasibility conditions, as well as any analysis of convergence or multiple initializations to address local optima issues.

    Authors: We accept this criticism. The simulation was intended primarily to demonstrate the qualitative impact of the generated attack on the long-term sustainability cost. In the revised version we will augment Section 5 with (i) a direct numerical comparison of the effort attained by the gradient algorithm against the minimum effort predicted by the feasibility conditions, (ii) convergence curves for the ascent and descent iterates, and (iii) results obtained from several distinct random initializations, thereby quantifying the variability due to local optima. revision: yes

Circularity Check

0 steps flagged

No circularity: max-min formulation and gradient algorithm applied to new STA objective on linear dynamics

full rationale

The derivation begins with linear CPS dynamics (standard assumption), defines the new STA objective as sustainability cost impact minus effort subject to stealth on detection residuals, then applies a max-min formulation to obtain feasibility conditions and a gradient ascent-descent procedure to construct the policy. These steps invoke standard optimization methods on the explicitly stated problem; the feasibility conditions are derived from the max-min rather than presupposed, and the algorithm is a numerical solver rather than a fitted input renamed as prediction. No self-citation is load-bearing, no ansatz is smuggled, and the result is not equivalent to its inputs by construction. The illustrative simulation serves only as demonstration.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 1 invented entities

The framework depends on modeling the CPS as linear and treating sustainability cost as a separable long-term objective distinct from immediate performance.

axioms (1)
  • domain assumption The cyber-physical system can be modeled as a linear system.
    Explicitly used to derive feasibility conditions for the STA on a linear CPS.
invented entities (1)
  • Sustainability-targeting attack (STA) no independent evidence
    purpose: To represent attacks that increase long-term sustainability cost while remaining stealthy by satisfying performance constraints.
    Introduced as the core concept being modeled and generated; no independent evidence such as a predicted observable outside the framework is provided.

pith-pipeline@v0.9.0 · 5645 in / 1258 out tokens · 51276 ms · 2026-05-22T14:36:52.505485+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

23 extracted references · 23 canonical work pages

  1. [1]

    SIAM, 1998

    Tamer Bas ¸ar and Geert Jan Olsder.Dynamic noncooperative game theory. SIAM, 1998

    work page 1998

  2. [2]

    Springer Science & Business Media, 2008

    Tamer Bas ¸ar and Pierre Bernhard.H-infinity optimal control and related minimax design problems: a dynamic game approach. Springer Science & Business Media, 2008

    work page 2008

  3. [3]

    Quanyan Zhu and Tamer Basar. Game-theoretic methods for robustness, security, and resilience of cyberphys- ical control systems: games-in-games principle for optimal cross-layer resilient control systems.IEEE Control Systems Magazine, 35(1):46–65, 2015

    work page 2015

  4. [4]

    Mamiot: Manipulation of energy market leveraging high wattage iot botnets

    Tohid Shekari, Celine Irvene, Alvaro A Cardenas, and Raheem Beyah. Mamiot: Manipulation of energy market leveraging high wattage iot botnets. InProceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pages 1338–1356, 2021

    work page 2021

  5. [5]

    Reinforcement learning enabled intelligent energy attack in green iot networks.IEEE Transactions on Information Forensics and Security, 17:644–658, 2022

    Long Li, Yu Luo, Jing Yang, and Lina Pu. Reinforcement learning enabled intelligent energy attack in green iot networks.IEEE Transactions on Information Forensics and Security, 17:644–658, 2022

    work page 2022

  6. [6]

    Modelling of the energy depletion process and battery depletion attacks for battery-powered internet of things (iot) devices

    Godlove Suila Kuaban, Erol Gelenbe, Tadeusz Czach´orski, Piotr Czekalski, and Julius Kewir Tangka. Modelling of the energy depletion process and battery depletion attacks for battery-powered internet of things (iot) devices. Sensors, 23(13):6183, 2023

    work page 2023

  7. [7]

    Power injec- tion attacks in smart distribution grids with photovoltaics

    Martin Lindstr ¨om, Hampei Sasahara, Xingkang He, Henrik Sandberg, and Karl Henrik Johansson. Power injec- tion attacks in smart distribution grids with photovoltaics. In2021 European Control Conference (ECC), pages 529–534. IEEE, 2021

    work page 2021

  8. [8]

    Consequence simulation of cyber attacks on key smart grid business cases.Frontiers in Energy Research, 12:1395954, 2024

    Doney Abraham, Øyvind Toftegaard, Binu Ben Jose DR, Alemayehu Gebremedhin, and Sule Yildirim Yayil- gan. Consequence simulation of cyber attacks on key smart grid business cases.Frontiers in Energy Research, 12:1395954, 2024

    work page 2024

  9. [9]

    Experimental evaluation of smart electric meters’ resilience under cyber security attacks.IEEE Access, 11:55349–55360, 2023

    Harsh Kumar, Oscar A Alvarez, and Sanjeev Kumar. Experimental evaluation of smart electric meters’ resilience under cyber security attacks.IEEE Access, 11:55349–55360, 2023

    work page 2023

  10. [10]

    Ohm’s law in data centers: A voltage side channel for timing power attacks

    Mohammad A Islam and Shaolei Ren. Ohm’s law in data centers: A voltage side channel for timing power attacks. InProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pages 146–162, 2018

    work page 2018

  11. [11]

    A hierarchical security architecture for cyber-physical systems

    Quanyan Zhu, Craig Rieger, and Tamer Bas ¸ar. A hierarchical security architecture for cyber-physical systems. In2011 4th international symposium on resilient control systems, pages 15–20. IEEE, 2011

    work page 2011

  12. [12]

    Energy efficiency index as an indicator for measuring building energy performance: A review.Renewable and Sustainable Energy Reviews, 44:1–11, 2015

    Nur Najihah Abu Bakar, Mohammad Yusri Hassan, Hayati Abdullah, Hasimah Abdul Rahman, Md Pauzi Abdul- lah, Faridah Hussin, and Masilah Bandi. Energy efficiency index as an indicator for measuring building energy performance: A review.Renewable and Sustainable Energy Reviews, 44:1–11, 2015

    work page 2015

  13. [13]

    Electric vehicle charging op- timization to minimize marginal greenhouse gas emissions from power generation.Applied Energy, 277:115517, 2020

    Ran Tu, Yijun Jessie Gai, Bilal Farooq, Daniel Posen, and Marianne Hatzopoulou. Electric vehicle charging op- timization to minimize marginal greenhouse gas emissions from power generation.Applied Energy, 277:115517, 2020

    work page 2020

  14. [14]

    Worst-case stealthy innovation-based linear attack on remote state estimation.Automatica, 89:117–124, 2018

    Ziyang Guo, Dawei Shi, Karl Henrik Johansson, and Ling Shi. Worst-case stealthy innovation-based linear attack on remote state estimation.Automatica, 89:117–124, 2018

    work page 2018

  15. [15]

    Optimal feedback control law for a class of partially observed uncertain dynamic systems: A min-max problem.Dynamic Systems and Applications, 20(1):149, 2011

    Nasir Uddin Ahmed and M Suruz Miah. Optimal feedback control law for a class of partially observed uncertain dynamic systems: A min-max problem.Dynamic Systems and Applications, 20(1):149, 2011

    work page 2011

  16. [16]

    International series in pure and applied mathematics

    Walter Rudin.Functional Analysis. International series in pure and applied mathematics. McGraw-Hill, 1991

    work page 1991

  17. [17]

    World Scientific Publishing Company, 2006

    Nasir Uddin Ahmed.Dynamic systems and control with applications. World Scientific Publishing Company, 2006

    work page 2006

  18. [18]

    A course in real analysis.A course in real analysis-book review, 2015

    Ittay Weiss. A course in real analysis.A course in real analysis-book review, 2015

    work page 2015

  19. [19]

    Optimal feedback control law for automated vehicles in the presence of cyberattacks: A min–max approach.Transportation research part C: emerging technologies, 153:104204, 2023

    Shian Wang, Michael W Levin, and Raphael Stern. Optimal feedback control law for automated vehicles in the presence of cyberattacks: A min–max approach.Transportation research part C: emerging technologies, 153:104204, 2023

    work page 2023

  20. [20]

    Springer Science & Business Media, 2008

    Steven X Ding.Model-based fault diagnosis techniques: design schemes, algorithms, and tools. Springer Science & Business Media, 2008

    work page 2008

  21. [21]

    Security Of Cyber-physical Systems Under Compromised Switching

    Sanchita Ghosh and Tanushree Roy. Security Of Cyber-physical Systems Under Compromised Switching. In 2023 IEEE Conference on Control Technology and Applications (CCTA), pages 1034–1039, 2023

    work page 2023

  22. [22]

    Attack models and scenarios for networked control systems

    Andr ´e Teixeira, Daniel P ´erez, Henrik Sandberg, and Karl Henrik Johansson. Attack models and scenarios for networked control systems. InProceedings of the 1st international conference on High Confidence Networked Systems, pages 55–64, 2012

    work page 2012

  23. [23]

    Optimal dynamic controller design for linear quadratic tracking problems.IEEE Transactions on Automatic Control, 69(6):4021–4027, 2023

    Jianguo Zhao, Chunyu Yang, Weinan Gao, and Ju H Park. Optimal dynamic controller design for linear quadratic tracking problems.IEEE Transactions on Automatic Control, 69(6):4021–4027, 2023

    work page 2023