1. Introduction
Cyber-physical systems (CPSs) are networked systems that integrate computation, communication, and control elements. The principal goal of CPSs is to monitor and (if necessary) change the behavior of a physical process to ensure that it functions correctly, reliably, and efficiently. Nowadays, they are applied in various domains, such as smart grids, health management, vehicular management, and military applications [1]. As CPSs advance rapidly in the degree of informatization and intelligence, their security issues have attracted both scholarly and industrial attention. Security issues of CPSs cover various aspects, including sensing security, computing security, communication security, and control security [2,3]. For CPSs, which are networked in nature, information sharing and interactions should be built on secure and reliable links among various terminals. As a result, communication security is crucial to CPSs [4,5]. Due to the broadcast nature of radio propagation, secure wireless transmission is a challenge. Malicious attacks on communication systems in CPSs are classified as passive attacks and active attacks. Passive attacks are those where the attacker listens to network traffic in order to gain access to sensitive information. Yulong Zou studies the intercept behavior of an industrial wireless sensor network and proposes an optimal sensor scheduling scheme aiming at maximizing the secrecy capacity of wireless transmissions from sensors to the sink [6]. In this paper, we develop a practical countermeasure for passive attacks and propose a physical layer security communication scheme for CPS applications.
A well-designed secure wireless link should have low probability of detection (LPD) and low probability of intercept (LPI) properties with respect to illegal users [7,8]. The concept of perfect secrecy was first introduced in Shannon’s fundamental paper [9]. He also proposed that security of communication could be guaranteed only when the transmitter and receiver have a certain degree of cooperation, and perfect secrecy could be achieved if a one-time pad protocol were employed. Traditional encryption techniques are based on the complexity of mathematical tasks, such as the computation of discrete logarithms in large finite fields. With the rapid development of computer hardware and computing technologies, such as distributed computing and cloud computing, the security of traditional encryption techniques has become questionable [10]. Quantum communication can provide almost perfect security through the use of quantum laws to detect any possible information leak [11]. However, its application to wireless and mobile communications is limited because the line of sight required for optical quantum transmission is not always available, particularly in urban areas crowded by large buildings. Classical spread spectrum communication systems have good LPD and LPI characteristics and are widely used. However, the pseudo-noise spreading sequences, although random and noise-like in appearance, are usually deterministic and periodic in actual systems. With the rapid development of blind signal detection techniques [12], the spreading sequences may be cracked by illegal users. Consequently, the traditional spread spectrum techniques are also not as secure as expected.
Physical layer security aims to develop a secure transmission that exploits the physical properties of transceivers without relying on source encryption [13]. Wyner introduced the concept of secrecy capacity over wire-tap channels [14]. In Wyner’s model, the wire-tap channel is a degraded version of the main channel; thus, the eavesdropper can only receive a noisy version of the signal received at the intended receiver. Wyner’s work was extended to single input multiple output (SIMO) systems in the presence of one eavesdropper [15]. Hero proposed an information theoretical framework to investigate information security in wireless multiple-input multiple-output links [16]. Another important line of research is the design of a practical system to achieve near-optimal physical layer security performance [17]. Zheng proposed a low-complexity polar-coded cooperative jamming scheme for the general two-way wire-tap channel, without any constraint on channel symmetry or degradation [18,19,20,21,22]. The research mentioned above is, without exception, confined to the information-theoretic perspective, which only focuses on the LPI performance. Therefore, the main contribution of our work is to design an LPD signal waveform and investigate its application in physical layer security.
With the aim of achieving an LPD signal waveform, we previously proposed an under-sampling spectrum-sparse signal based on active aliasing [23]. In this work, we extend our earlier work to a more practical scenario. Application of the LPD signal for physical layer security is investigated, and a typical wire-tap channel model with three users, namely, the transmitter (Alice), the intended receiver (Bob), and the eavesdropper (Eve), is considered. Since the under-sampling method may be effective only when the sub-band signals are accurately aligned after the sampling process, Alice can shift the central frequencies of the transmitted sub-band signals according to the clock offset between Alice and Bob, to make sure that Bob can collect the signal power on all sub-carriers coherently. Furthermore, a precoding technique based on channel state information (CSI) can be employed to maximize Bob’s signal-to-noise ratio (SNR) at the sampling stage. The sampling clock frequency offset and CSI between Alice and Bob are treated as security keys which can be determined at Alice’s end according to the reciprocal principle. Meanwhile, because Alice and Eve do not negotiate compensation for the sampling rate and CSI, Eve can only use incoherent demodulation techniques. Finally, the LPD and LPI performance of the proposed scheme is evaluated by the detection probability of the received signal and the bit error rate (BER), respectively.
The rest of this paper is organized as follows. Section 2 presents the construction of the LPD signal waveform and the principle of the signal detection method. Section 3 presents the application of the designed LPD signal for physical layer security. A practical secure transmission scheme based on channel reciprocity is proposed. Section 4 analyses the LPD performance of the designed signal in the wire-tap channel. Section 5 investigates the signal and information security performance in terms of detection probability and BER at both Bob’s and Eve’s ends by simulations. Finally, the conclusions are drawn in Section 6.
5. Simulation Results
In this section, a number of experiments are designed to evaluate both the reliability and security of the proposed secure transmission system. The receiving gain and BER are chosen as indicators to assess the feasibility and security of the proposed physical layer security communication system. The receiving gain, which was defined in Section II, reflects the SNR improvement caused by the under-sampling method on Bob’s side. For secure wireless communication systems, it is desired that the BER at Bob’s side decreases rapidly with the increase in received SNR, while the BER at Eve’s side is always unacceptably high. To illustrate the robustness of the proposed physical layer security communication system, simulations are conducted over both AWGN and fading channels. In simulations, the signal
is assumed to be a BPSK-modulated signal with a bandwidth of 10 MHz, which means
MHz. Furthermore, the parameter
L is set as
. Note that all simulations in this work are implemented using Matlab. The diagram of the simulated system model is shown in Figure 6.
5.1. LPD Performance
The objective of the LPD property is to guarantee the covertness of the signal waveform, which means Bob can detect the signals transmitted by Alice, while Eve can hardly detect the presence of the transmitted signals. In this section, we investigate the detection performance at Bob’s and Eve’s ends in both AWGN and fading channels. The detection method is as described in the last section, and the predetermined false alarm rate is .
Simulation results in Figure 7 show that the detection probability at Bob’s end is always superior to Eve’s when the channel signal-to-noise ratio is less than 10 dB over the AWGN channel. There exists a security region, expressed as an SNR interval, in which Bob’s detection probability approaches 1 while Eve’s remains at a low level. For example, when the SNR is in the [−3, 4] dB interval, the detection probability of Bob is close to 1, while the detection probability of Eve is always lower than 0.1 given
and
. In practical applications, Alice can adjust the transmit power so that the received SNR is always in this region, thereby ensuring the covertness of the signal.
Furthermore, the range of the security region increases with the sub-carrier number N. This means that a larger bandwidth leads to stronger security in terms of signal covertness. This conclusion is consistent with direct sequence spread spectrum (DSSS) communication systems, in which a larger spread spectrum ratio gives better security.
Simulation results in Figure 8 show that Bob’s detection performance in the fading channel is basically the same as that in the AWGN channel, which shows that the precoding scheme is effective. However, for Eve, the weighting factor
and channel coefficients
are completely independent, and the SNR at Eve’s side is significantly reduced. Therefore, the security region is wider than that in the AWGN channel.
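An added illustration of the security region discussed in this subsection, not the paper's Matlab simulation: it computes energy-detector detection probabilities at a fixed false-alarm rate under a Gaussian approximation and scans for channel SNRs where Bob detects and Eve does not. The false-alarm rate (0.01), sample count (200), detection limits (0.99 and 0.1), and the model in which Bob's effective SNR is raised by 10·log10(N) dB while Eve's is not are all assumptions, since the paper's parameter values are not given on this page.

```python
import math
from statistics import NormalDist

_STD = NormalDist()  # standard normal, used for Q(x) and its inverse


def detection_probability(snr_db, num_samples=200, pfa=0.01):
    """Energy-detector Pd at a fixed false-alarm rate (Gaussian approximation).

    The statistic is the sum of num_samples squared real samples with unit
    noise power: mean M, variance 2M for noise only; mean M(1+snr) and
    variance 2M(1+2*snr) when a deterministic signal is present.
    """
    m = num_samples
    snr = 10.0 ** (snr_db / 10.0)
    threshold = m + math.sqrt(2.0 * m) * _STD.inv_cdf(1.0 - pfa)
    x = (threshold - m * (1.0 + snr)) / math.sqrt(2.0 * m * (1.0 + 2.0 * snr))
    return 1.0 - _STD.cdf(x)


def security_region(n_subcarriers, bob_min=0.99, eve_max=0.1):
    """Return (low_db, high_db) of channel SNRs where Bob detects and Eve does not.

    Assumed model: Bob's effective SNR is the channel SNR plus 10*log10(N);
    Eve's is the channel SNR itself. Returns None if no such SNR exists.
    """
    gain_db = 10.0 * math.log10(n_subcarriers)
    inside = []
    for i in range(-400, 201):  # scan -40 dB .. +20 dB in 0.1 dB steps
        snr_db = i * 0.1
        p_bob = detection_probability(snr_db + gain_db)
        p_eve = detection_probability(snr_db)
        if p_bob >= bob_min and p_eve <= eve_max:
            inside.append(snr_db)
    return (inside[0], inside[-1]) if inside else None


def region_width_db(n_subcarriers):
    """Width of the security region in dB (0.0 when the region is empty)."""
    region = security_region(n_subcarriers)
    return 0.0 if region is None else region[1] - region[0]


if __name__ == "__main__":
    for n in (4, 8, 16, 32):
        print(n, security_region(n), round(region_width_db(n), 1))
```

Under these assumptions the region is empty for small N and widens by about 3 dB each time N doubles, which mirrors the trend stated above; the absolute endpoints depend on the assumed sample count and false-alarm rate.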
5.2. Comparison of BER Performance between Bob and Eve
The objective of the proposed physical layer security communication scheme is to simultaneously guarantee the LPD and LPI properties of wireless links. On the one hand, Bob can detect and demodulate the signals transmitted by Alice, while Eve can hardly detect the presence of the transmitted signals. On the other hand, even if Eve can detect the transmitted signal, Eve can hardly extract useful information.
Arguably, BER is an effective and useful measure for both reliability and security. Ideally, the BER at Bob’s side is as low as possible, while the BER at Eve’s side is (very close to) 0.5, so that Eve essentially cannot recover any information transmitted by Alice. Simulation results demonstrate that the proposed scheme can guarantee that the BER at Eve will always be unacceptably high regardless of the received SNR, while the BER at Bob will decrease significantly as the received SNR increases.
For the AWGN channel, the security of the proposed communication system is mainly determined by the sampling clock frequency offset between Bob and Eve. According to the communication protocol proposed in Section III, Bob can increase the transmit power or length of pilot signals in order to improve the estimation accuracy. In this way, the sampling clock offset can be estimated nearly perfectly when the SNR of the pilot signal is sufficiently high or the number of pilot symbols is sufficiently large. Meanwhile, the sampling frequency between Alice and Eve can hardly be synchronized because they have no negotiation for sampling frequency synchronization. The BER performance of Bob and Eve is shown in Figure 9. The parameters are set as
and
; thus, the sampling frequency is 50 MHz. As the accuracy of the sampling clocks is always at the parts-per-million (ppm) level, we can reasonably assume that the sampling clock offset between Alice and Eve is 1 Hz. The BER versus
at Bob and Eve is illustrated in Figure 9. The sampling phase offset at Bob is set as
. A significant improvement in BER performance can be achieved when the sampling phase offset decreases. Simulation results show that the BER at Bob decreases rapidly as the SNR increases. Meanwhile, the BER at Eve stays at a high level and decreases so slowly with the increase in SNR that Eve can hardly intercept useful information. When some artificial jamming signals are added to the LPD signal, simulation results in Figure 9 show that Bob can still detect and demodulate the LPD signal. The parameter
in the figure is defined as
, where
denotes the transmit power of useful signals and
denotes the transmit power of artificial jamming signals. As a result, the proposed secure communication scheme is proven effective in the AWGN channel.
Next, the BER performance of the proposed secure communication scheme over fading channels is shown in Figure 10. For Bob, both perfect and imperfect CSI scenarios are investigated. For the imperfect CSI scenario, the estimation error
is assumed to be 0.2 and 0.4. As expected, the BER performance degrades as the estimation error increases under the same channel condition. The results clearly demonstrate that Bob can detect and demodulate the LPD signal effectively. The BER performance at Eve with different
is also given in this figure, where
denotes the sampling frequency offset between Alice and Bob. Simulation results show that the BER at Eve is about 0.5 even when
, which means the sampling clock offset between Alice and Eve does not exist. This reveals that Eve can hardly extract useful information simply because Eve’s channel coefficients are different. It can be seen that Eve will obtain a BER of about 0.5 no matter how the SNR changes. As a result, the proposed secure communication scheme is also proven effective in the fading channel.
6. Conclusions
In this work, a physical layer security communication scheme has been proposed for CPS applications. First, a structured LPD signal waveform is designed, and the detection method for the LPD signal is proposed. Analysis shows that the maximum receiving gain is given by and decreases with the increase in sampling phase offset. Then, a wireless wire-tap channel is presented, and a secure transmission protocol is proposed. The channel reciprocal principle is applied to obtain the sampling clock offset and CSI between Alice and Bob. Based on such information, the sampling clock compensation method and precoding scheme, which can maximize Bob’s SNR at the sampling stage, are proposed. To demonstrate the LPD property, the detection probabilities at both Bob’s and Eve’s ends are derived with the energy detector model. Simulation results show that there exists a specific SNR interval where Bob’s detection probability approaches 1, while Eve’s is well below 0.1. The range is approximately 7 dB and 17 dB in AWGN and fading channel, respectively, when and . In addition, simulation results in AWGN and fading channels also show that the BER at Bob’s end always decreases with the increase in SNR or the number of sampling phases, while Eve’s BER always stays around 0.5 regardless of the SNR. As a result, both the effectiveness and security of the proposed scheme are verified.