This paper analyzes the effects of false data injec-tion attacks on Control System. We assume that the system, equipped with a Kalman filter and LQG con-troller, is used to monitor and control a discrete linear time invariant Gaussian system. We further assume that the system is equipped with a failure detector. An at-tacker wishes to destabilize the system by compromising a subset of sensors and sending corrupted readings to the state estimator. In order to inject fake sensor mea-surements without being detected the attacker needs to carefully design its inputs to fool the failure detector, since abnormal sensor measurements usually trigger an alarm from the failure detector. We will provide a nec-essary and sufficient condition under which the attacker could destabilize the system while successfully bypass-ing the failure detector. A design method for the de-fender to improve the resilience of the CPS against such kind of false data injection attacks is also provided.

The proof of Theorem 2 is not correct. However, the statement is correct. The sketched proof can be found here.

The code is written in Matlab R2009b (7.9.0.529).