Data Poisoning Attacks Can Systematically Destabilize Data-Driven Control Synthesis

Data-driven control has emerged as a powerful paradigm for synthesizing controllers directly from data, bypassing explicit model identification. However, this reliance on data introduces new and largely unexplored vulnerabilities. In this paper, we show that an attacker can systematically poison the data used for control synthesis, causing any linear state-feedback controller synthesized by the planner to destabilize the physical system. Concerningly, we show that the attacker can achieve this objective without knowledge of the system model or the controller synthesis procedure. To this end, we develop a recursive data-poisoning mechanism that generates falsified state trajectories, inducing a precise geometric shift in the apparent system dynamics. More broadly, our results establish that data-driven control pipelines can be deterministically destabilized by model-agnostic attacks operating solely at the data level. Numerical simulations corroborate these findings for both noise-free and noisy data.