427 research outputs found
Proving Abstractions of Dynamical Systems through Numerical Simulations
A key question that arises in rigorous analysis of cyberphysical systems
under attack involves establishing whether or not the attacked system deviates
significantly from the ideal allowed behavior. This is the problem of deciding
whether or not the ideal system is an abstraction of the attacked system. A
quantitative variation of this question can capture how much the attacked
system deviates from the ideal. Thus, algorithms for deciding abstraction
relations can help measure the effect of attacks on cyberphysical systems and
to develop attack detection strategies. In this paper, we present a decision
procedure for proving that one nonlinear dynamical system is a quantitative
abstraction of another. Directly computing the reach sets of these nonlinear
systems are undecidable in general and reach set over-approximations do not
give a direct way for proving abstraction. Our procedure uses (possibly
inaccurate) numerical simulations and a model annotation to compute tight
approximations of the observable behaviors of the system and then uses these
approximations to decide on abstraction. We show that the procedure is sound
and that it is guaranteed to terminate under reasonable robustness assumptions
Measuring Security: A Challenge for the Generation
This paper presents an approach to measuring computer security understood as a system property, in the category of similar properties, such as safety, reliability, dependability, resilience, etc. First, a historical discussion of measurements is presented, beginning with views of Hermann von Helmholtz in his 19th century work “Zählen und Messen”. Then, contemporary approaches related to the principles of measuring software properties are discussed, with emphasis on statistical, physical and software models. A distinction between metrics and measures is made to clarify the concepts. A brief overview of inadequacies of methods and techniques to evaluate computer security is presented, followed by a proposal and discussion of a practical model to conduct experimental security measurements
In Pursuit of Aviation Cybersecurity: Experiences and Lessons From a Competitive Approach
The passive and independent localization of aircraft has been the subject of much cyberphysical security research. We designed a multistage open competition focusing on the offline batch localization problem using opportunistic data sources. We discuss setup, results, and lessons learned
Cyberphysical network for crop monitoring and fertigation control
Mestrado de dupla diplomação com a UTFPR - Universidade Tecnológica Federal do ParanáFertigation is a cultivation technique that uses the precise application of nutrient solutions
according to the requirements of the plant, environmental conditions and substrate. The
use of this technique has become popular due to the advantages promoted, which include
the reduction of fertilizers, phytopharmaceuticals and water consumption. However, this
performance is achieved at the expense of rigorous monitoring and regulation of factors
such as nutrient solutions, environmental conditions and the vegetative state of the crop.
This work describes the architecture of a network based on agents and cyberphysical
elements that will be implemented in a strawberry production unit by fertigation. The
system must be responsible for the correct supply of water and agricultural inputs based
on local information provided by sets of sensors.
Each set of sensors, called a measurement node, is responsible for acquiring information
around a given location. The communication of this information is carried out through a
wireless network based on the LoRa protocol to a digital platform where the information
from all nodes, together with meteorological data, is aggregated and processed.
The result of processing this information will lead to the definition of the exact amount
of nutrient solution as well as the optimization of the use of water leading to an increase
in production efficiency.A fertirrigação é uma técnica de cultivo que recorre à aplicação precisa de soluções nutritivas
de acordo com os requisitos da planta, condições ambientais e de substrato. A
utilização desta técnica tem-se popularizado devido às vantagens promovidas onde se
destacam a redução de fertilizantes, fitofármacos e consumo de água. No entanto, este
desempenho é conseguido à custa de um rigoroso monitoramento e regulação de fatores
tais como soluções nutritivas, condições ambientais e estado vegetativo da cultura.
Este trabalho descreve a arquitetura de uma rede baseada em agentes e elementos
ciberfísicos que serão implementados em uma unidade de produção de morango por fertirrigação.
O sistema deve ser responsável pelo fornecimento correto de água e insumos
agrícolas tendo por base informações locais fornecidas por conjuntos de sensores.
Cada conjunto de sensores, chamado de nó de medida, é responsável pela aquisição
da informação em torno de um determinado local. A comunicação destas informações é
realizada através de uma rede sem fio baseada no protocolo LoRa até uma plataforma
digital onde a informação provinda de todos os nós, juntamente com dados meteorológicos,
é agregada e processada.
O resultado do processamento desta informação levará à definição da quantidade exata
de solução nutritiva bem como a otimização da utilização da água levando a um aumento
da eficiência de produção
SYNERGY OF BUILDING CYBERSECURITY SYSTEMS
The development of the modern world community is closely related to advances in computing resources and cyberspace. The formation and expansion of the range of services is based on the achievements of mankind in the field of high technologies. However, the rapid growth of computing resources, the emergence of a full-scale quantum computer tightens the requirements for security systems not only for information and communication systems, but also for cyber-physical systems and technologies.
The methodological foundations of building security systems for critical infrastructure facilities based on modeling the processes of behavior of antagonistic agents in security systems are discussed in the first chapter.
The concept of information security in social networks, based on mathematical models of data protection, taking into account the influence of specific parameters of the social network, the effects on the network are proposed in second chapter.
The nonlinear relationships of the parameters of the defense system, attacks, social networks, as well as the influence of individual characteristics of users and the nature of the relationships between them, takes into account.
In the third section, practical aspects of the methodology for constructing post-quantum algorithms for asymmetric McEliece and Niederreiter cryptosystems on algebraic codes (elliptic and modified elliptic codes), their mathematical models and practical algorithms are considered. Hybrid crypto-code constructions of McEliece and Niederreiter on defective codes are proposed. They can significantly reduce the energy costs for implementation, while ensuring the required level of cryptographic strength of the system as a whole. The concept of security of corporate information and educational systems based on the construction of an adaptive information security system is proposed.
ISBN 978-617-7319-31-2 (on-line)ISBN 978-617-7319-32-9 (print)
------------------------------------------------------------------------------------------------------------------
How to Cite: Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O., Korol, O., Milevskyi, S. et. al.; Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O. (Eds.) (2021). Synergy of building cybersecurity systems. Kharkiv: РС ТЕСHNOLOGY СЕNTЕR, 188. doi: http://doi.org/10.15587/978-617-7319-31-2
------------------------------------------------------------------------------------------------------------------
Indexing:
Розвиток сучасної світової спільноти тісно пов’язаний з досягненнями в області обчислювальних ресурсів і кіберпростору. Формування та розширення асортименту послуг базується на досягненнях людства у галузі високих технологій. Однак стрімке зростання обчислювальних ресурсів, поява повномасштабного квантового комп’ютера посилює вимоги до систем безпеки не тільки інформаційно-комунікаційних, але і до кіберфізичних систем і технологій.
У першому розділі обговорюються методологічні основи побудови систем безпеки для об'єктів критичної інфраструктури на основі моделювання процесів поведінки антагоністичних агентів у систем безпеки.
У другому розділі пропонується концепція інформаційної безпеки в соціальних мережах, яка заснована на математичних моделях захисту даних, з урахуванням впливу конкретних параметрів соціальної мережі та наслідків для неї.
Враховуються нелінійні взаємозв'язки параметрів системи захисту, атак, соціальних мереж, а також вплив індивідуальних характеристик користувачів і характеру взаємовідносин між ними.
У третьому розділі розглядаються практичні аспекти методології побудови постквантових алгоритмів для асиметричних криптосистем Мак-Еліса та Нідеррейтера на алгебраїчних кодах (еліптичних та модифікованих еліптичних кодах), їх математичні моделі та практичні алгоритми. Запропоновано гібридні конструкції криптокоду Мак-Еліса та Нідеррейтера на дефектних кодах. Вони дозволяють істотно знизити енергетичні витрати на реалізацію, забезпечуючи при цьому необхідний рівень криптографічної стійкості системи в цілому. Запропоновано концепцію безпеки корпоративних інформаційних та освітніх систем, які засновані на побудові адаптивної системи захисту інформації.
ISBN 978-617-7319-31-2 (on-line)ISBN 978-617-7319-32-9 (print)
------------------------------------------------------------------------------------------------------------------
Як цитувати: Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O., Korol, O., Milevskyi, S. et. al.; Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O. (Eds.) (2021). Synergy of building cybersecurity systems. Kharkiv: РС ТЕСHNOLOGY СЕNTЕR, 188. doi: http://doi.org/10.15587/978-617-7319-31-2
------------------------------------------------------------------------------------------------------------------
Індексація:
 
Centralized Versus Decentralized Detection of Attacks in Stochastic Interconnected Systems
We consider a security problem for interconnected systems governed by linear,
discrete, time-invariant, stochastic dynamics, where the objective is to detect
exogenous attacks by processing the measurements at different locations. We
consider two classes of detectors, namely centralized and decentralized
detectors, which differ primarily in their knowledge of the system model. In
particular, a decentralized detector has a model of the dynamics of the
isolated subsystems, but is unaware of the interconnection signals that are
exchanged among subsystems. Instead, a centralized detector has a model of the
entire dynamical system. We characterize the performance of the two detectors
and show that, depending on the system and attack parameters, each of the
detectors can outperform the other. In particular, it may be possible for the
decentralized detector to outperform its centralized counterpart, despite
having less information about the system dynamics, and this surprising property
is due to the nature of the considered attack detection problem. To complement
our results on the detection of attacks, we propose and solve an optimization
problem to design attacks that maximally degrade the system performance while
maintaining a pre-specified degree of detectability. Finally, we validate our
findings via numerical studies on an electric power system.Comment: Submitted to IEEE Transactions on Automatic Control (TAC
Techniques for automated parameter estimation in computational models of probabilistic systems
The main contribution of this dissertation is the design of two new algorithms for automatically synthesizing values of numerical parameters of computational models of complex stochastic systems such that the resultant model meets user-specified behavioral specifications. These algorithms are designed to operate on probabilistic systems – systems that, in general, behave differently under identical conditions. The algorithms work using an approach that combines formal verification and mathematical optimization to explore a model\u27s parameter space. The problem of determining whether a model instantiated with a given set of parameter values satisfies the desired specification is first defined using formal verification terminology, and then reformulated in terms of statistical hypothesis testing. Parameter space exploration involves determining the outcome of the hypothesis testing query for each parameter point and is guided using simulated annealing. The first algorithm uses the sequential probability ratio test (SPRT) to solve the hypothesis testing problems, whereas the second algorithm uses an approach based on Bayesian statistical model checking (BSMC). The SPRT-based parameter synthesis algorithm was used to validate that a given model of glucose-insulin metabolism has the capability of representing diabetic behavior by synthesizing values of three parameters that ensure that the glucose-insulin subsystem spends at least 20 minutes in a diabetic scenario. The BSMC-based algorithm was used to discover the values of parameters in a physiological model of the acute inflammatory response that guarantee a set of desired clinical outcomes. These two applications demonstrate how our algorithms use formal verification, statistical hypothesis testing and mathematical optimization to automatically synthesize parameters of complex probabilistic models in order to meet user-specified behavioral propertie
- …