Building an Emulation Environment for Cyber Security Analyses of Complex Networked Systems

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly growing, and the testing and experimentation of cyber defense solutions requires the availability of separate, test environments that best emulate the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, thus enabling the study of cyber defense strategies under real and controllable traffic and attack scenarios. In this paper, we propose a methodology that makes use of a combination of techniques of network and security assessment, and the use of cloud technologies to build an emulation environment with adjustable degree of affinity with respect to actual reference networks or planned systems. As a byproduct, starting from a specific study case, we collected a dataset consisting of complete network traces comprising benign and malicious traffic, which is feature-rich and publicly available

Wide-Area Time-Synchronized Closed-Loop Control of Power Systems And Decentralized Active Distribution Networks

The rapidly expanding power system grid infrastructure and the need to reduce the occurrence of major blackouts and prevention or hardening of systems against cyber-attacks, have led to increased interest in the improved resilience of the electrical grid. Distributed and decentralized control have been widely applied to computer science research. However, for power system applications, the real-time application of decentralized and distributed control algorithms introduce several challenges. In this dissertation, new algorithms and methods for decentralized control, protection and energy management of Wide Area Monitoring, Protection and Control (WAMPAC) and the Active Distribution Network (ADN) are developed to improve the resiliency of the power system. To evaluate the findings of this dissertation, a laboratory-scale integrated Wide WAMPAC and ADN control platform was designed and implemented. The developed platform consists of phasor measurement units (PMU), intelligent electronic devices (IED) and programmable logic controllers (PLC). On top of the designed hardware control platform, a multi-agent cyber-physical interoperability viii framework was developed for real-time verification of the developed decentralized and distributed algorithms using local wireless and Internet-based cloud communication. A novel real-time multiagent system interoperability testbed was developed to enable utility independent private microgrids standardized interoperability framework and define behavioral models for expandability and plug-and-play operation. The state-of-theart power system multiagent framework is improved by providing specific attributes and a deliberative behavior modeling capability. The proposed multi-agent framework is validated in a laboratory based testbed involving developed intelligent electronic device prototypes and actual microgrid setups. Experimental results are demonstrated for both decentralized and distributed control approaches. A new adaptive real-time protection and remedial action scheme (RAS) method using agent-based distributed communication was developed for autonomous hybrid AC/DC microgrids to increase resiliency and continuous operability after fault conditions. Unlike the conventional consecutive time delay-based overcurrent protection schemes, the developed technique defines a selectivity mechanism considering the RAS of the microgrid after fault instant based on feeder characteristics and the location of the IEDs. The experimental results showed a significant improvement in terms of resiliency of microgrids through protection using agent-based distributed communication

On Cyber-Physical Security of Smart Grid: Data Integrity Attacks and Experiment Platform

A Smart Grid is a digitally enabled electric power grid that integrates the computation and communication technologies from cyber world with the sensors and actuators from physical world. Due to the system complexity, typically the high cohesion of communication and power system, the Smart Grid innovation introduces new and fundamentally different security vulnerabilities and risks. In this work, two important research aspects about cyber-physical security of Smart Grid are addressed: (i) The construction, impact and countermeasure of data integrity attacks; and (ii) The design and implementation of general cyber-physical security experiment platform. For data integrity attacks: based on the system model of state estimation process in Smart Grid, firstly, a data integrity attack model is formulated, such that the attackers can generate financial benefits from the real-time electrical market operations. Then, to reduce the required knowledge about the targeted power system when launching attacks, an online attack approach is proposed, such that the attacker is able to construct the desired attacks without the network information of power system. Furthermore, a network information attacking strategy is proposed, in which the most vulnerable meters can be directly identified and the desired measurement perturbations can be achieved by strategically manipulating the network information. Besides the attacking strategies, corresponding countermeasures based on the sparsity of attack vectors and robust state estimator are provided respectively. For the experiment platform: ScorePlus, a software-hardware hybrid and federated experiment environment for Smart Grid is presented. ScorePlus incorporates both software emulator and hardware testbed, such that they all follow the same architecture, and the same Smart Grid application program can be tested on either of them without any modification; ScorePlus provides a federated environment such that multiple software emulators and hardware testbeds at different locations are able to connect and form a unified Smart Grid system; ScorePlus software is encapsulated as a resource plugin in OpenStack cloud computing platform, such that it supports massive deployments with large scale test cases in cloud infrastructure

Mist and Edge Computing Cyber-Physical Human-Centered Systems for Industry 5.0: A Cost-Effective IoT Thermal Imaging Safety System

While many companies worldwide are still striving to adjust to Industry 4.0 principles, the transition to Industry 5.0 is already underway. Under such a paradigm, Cyber-Physical Human-centered Systems (CPHSs) have emerged to leverage operator capabilities in order to meet the goals of complex manufacturing systems towards human-centricity, resilience and sustainability. This article first describes the essential concepts for the development of Industry 5.0 CPHSs and then analyzes the latest CPHSs, identifying their main design requirements and key implementation components. Moreover, the major challenges for the development of such CPHSs are outlined. Next, to illustrate the previously described concepts, a real-world Industry 5.0 CPHS is presented. Such a CPHS enables increased operator safety and operation tracking in manufacturing processes that rely on collaborative robots and heavy machinery. Specifically, the proposed use case consists of a workshop where a smarter use of resources is required, and human proximity detection determines when machinery should be working or not in order to avoid incidents or accidents involving such machinery. The proposed CPHS makes use of a hybrid edge computing architecture with smart mist computing nodes that processes thermal images and reacts to prevent industrial safety issues. The performed experiments show that, in the selected real-world scenario, the developed CPHS algorithms are able to detect human presence with low-power devices (with a Raspberry Pi 3B) in a fast and accurate way (in less than 10 ms with a 97.04% accuracy), thus being an effective solution that can be integrated into many Industry 5.0 applications. Finally, this article provides specific guidelines that will help future developers and managers to overcome the challenges that will arise when deploying the next generation of CPHSs for smart and sustainable manufacturing.Comment: 32 page

Cyber-physical manufacturing cloud: An efficient method of building digital twin for 3D printer by adapting MTConnect protocol

The common modeling of a virtual machine is using an information model to describe the physics of machines. The integration of digital twins into productive cyber-physical cloud manufacturing (CPCM) systems imposes strict requirements such as reducing overhead and saving resources for the systems. In this paper, we investigate a new method for building cloud-based digital twins (CBDT), which can be adapted to the CPCM platform. Our method helps reduce computing resources in the processing center and guarantees the fastest speed of the interactions between the human users and physical machines. We introduce a knowledge resource center (KRC) built on a cloud server for information intensive applications. An information model for one type of 3D printers is designed and integrated into the core of the KRC as a shared resource. Several experiments and results are provided to show the performance of the CBDT compared to traditional methods --Abstract, page iii

SAMADroid: A Novel 3-Level Hybrid Malware Detection Model for Android Operating System

© 2013 IEEE. For the last few years, Android is known to be the most widely used operating system and this rapidly increasing popularity has attracted the malware developer's attention. Android allows downloading and installation of apps from other unofficial market places. This gives malware developers an opportunity to put repackaged malicious applications in third-party app-stores and attack the Android devices. A large number of malware analysis and detection systems have been developed which uses static analysis, dynamic analysis, or hybrid analysis to keep Android devices secure from malware. However, the existing research clearly lags in detecting malware efficiently and accurately. For accurate malware detection, multilayer analysis is required which consumes large amount of hardware resources of resource constrained mobile devices. This research proposes an efficient and accurate solution to this problem, named SAMADroid, which is a novel 3-level hybrid malware detection model for Android operating systems. The research contribution includes multiple folds. First, many of the existing Android malware detection techniques are thoroughly investigated and categorized on the basis of their detection methods. Also, their benefits along with limitations are deduced. A novel 3-level hybrid malware detection model for Android operating systems is developed, that can provide high detection accuracy by combining the benefits of the three different levels: 1) Static and Dynamic Analysis; 2) Local and Remote Host; and 3) Machine Learning Intelligence. Experimental results show that SAMADroid achieves high malware detection accuracy by ensuring the efficiency in terms of power and storage consumption

SciTech News Volume 71, No. 1 (2017)

Columns and Reports From the Editor 3 Division News Science-Technology Division 5 Chemistry Division 8 Engineering Division Aerospace Section of the Engineering Division 9 Architecture, Building Engineering, Construction and Design Section of the Engineering Division 11 Reviews Sci-Tech Book News Reviews 12 Advertisements IEEE