Detection and Identification of Sensor Attacks Using Data

In this paper, we investigate data-driven attack detection and identification in a model-free setting. Unlike existing studies, we consider the case where the available output data include malicious false-data injections. We aim to detect and identify such attacks solely from the compromised data. We address this problem in two scenarios: (1) when the system operator is aware of the system's sparse observability condition, and (2) when the data are partially clean (i.e., attack-free). In both scenarios, we derive conditions and algorithms for detecting and identifying attacks using only the compromised data. Finally, we demonstrate the effectiveness of the proposed framework via numerical simulations on a three-inertia system.