4 research outputs found
Fast Sequence Component Analysis for Attack Detection in Synchrophasor Networks
Modern power systems have begun integrating synchrophasor technologies into
part of daily operations. Given the amount of solutions offered and the
maturity rate of application development it is not a matter of "if" but a
matter of "when" in regards to these technologies becoming ubiquitous in
control centers around the world. While the benefits are numerous, the
functionality of operator-level applications can easily be nullified by
injection of deceptive data signals disguised as genuine measurements. Such
deceptive action is a common precursor to nefarious, often malicious activity.
A correlation coefficient characterization and machine learning methodology are
proposed to detect and identify injection of spoofed data signals. The proposed
method utilizes statistical relationships intrinsic to power system parameters,
which are quantified and presented. Several spoofing schemes have been
developed to qualitatively and quantitatively demonstrate detection
capabilities.Comment: 8 pages, 4 figures, submitted to IEEE Transaction
Defending Against Adversarial Attacks in Transmission- and Distribution-level PMU Data
Phasor measurement units (PMUs) provide high-fidelity data that improve
situation awareness of electric power grid operations. PMU datastreams inform
wide-area state estimation, monitor area control error, and facilitate event
detection in real time. As PMU data become more available and increasingly
reliable, these devices are found in new roles within control systems, such as
remedial action schemes and early warning detection systems. As with other
cyber physical systems, maintaining data integrity and security pose a
significant challenge for power system operators. In this paper, we present a
comprehensive analysis of multiple machine learning techniques to detect
malicious data injection within PMU data streams. The two datasets used in this
study come from two PMU networks: an inter-university, research-grade
distribution network spanning three institutions in the U.S. Pacific Northwest,
and a utility transmission network from the Bonneville Power Administration. We
implement the detection algorithms with TensorFlow, an open-source software
library for machine learning, and the results demonstrate potential for
distributing the training workload and achieving higher performance, while
maintaining effectiveness in the detection of spoofed data.Comment: 9 pages, 2 figure
Undetectable Timing-Attack on Linear State-Estimation by Using Rank-1 Approximation
Smart-grid applications based on synchrophasor measurements have recently been shown to be vulnerable to timing attacks. A fundamental question is whether timing attacks could remain undetected by bad-data detection algorithms used in conjunction with state-of-the-art situational-awareness state estimators. In this paper, we analyze the detectability of timing attacks on linear state-estimation. We show that it is possible to forge delay attacks that are undetectable. We give a closed form for an undetectable attack; it imposes two phase offsets to two or more synchrophasor-based measurement units that can be translated to synchrophasors’ time delays. We also propose different methods for combining two-delays attacks to produce a larger impact. We simulate the attacks on a benchmark power- transmission grid, we show that they are successful and can lead to physical grid damage. To prove undetectability, we use classic bad-data detection techniques such as the largest normalized residual and the χ2-test
Improvement in the management of cryptographic keys in a HSM and proposal of an Outdoor Position Certification Authority
2017 - 2018The following doctoral thesis comprises two distinct sections, both describing a
specific applied research concerning the macro-theme of computer security. The
first section describes a proposal for the improvement and optimization of the
storage space required for the management of cryptographic keys within a
Hardware Security Module (HSM), whereas the second section outlines the
design of an Outdoor Position Certification Authority (OPCA), a distributed
client-server architecture aimed for the validation and certification of the
positioning of a mobile device.
A Hardware Security Module is a special device designed for cryptographic
operations and cryptographic keys management. The latter keys are stored into
the HSM and never exposed outside the device. All the operations carried out
through the keys are performed inside the HSM so the operations result is indeed
the only external outcome produced by the HSM. In order for the HSM to store
all the keys that have to be managed, plenty of storage space is required. The
biggest data centres, handling millions of cryptographic keys, need to host a
large number of HSMs. The related costs are proportional to the number of
HSMs used. These costs include: hardware, energy consumption, network
hosting, network speed, management, etc. In this thesis, there can be found two
methods to save the space useful for the storage of the keys in a HSM, so to
reduce the number of HSMs needed and all related costs. While reducing costs
on storage, expenses related to computation time will increase.
The outlined Outdoor Position Certification Authority represents the project
and design of a certification authority whose purpose is to certify the positioning
of a mobile device equipped with a GNSS (Global Navigation Satellite System)
receiver. In general, a GNSS receiver is capable of acquiring radio signals (lowlevel
data) and navigation messages (high-level data) in the outdoor
environments coming from different constellations of global/regional satellite
navigation systems and satellite-based augmentation system (SBAS). To date,
these data are not reliable from a security point of view, because they can be
easily forged by malicious attackers through specialized spoofing techniques.
An OPCA defines a client/server architecture through which a user can certify
his position by sending to one or more remote servers the geo-localization
information required for its verification. Once the truthfulness and reliability of
the data received have been verified, the OPCA will issue and then send to the
client a digitally signed document having legal force and certifying the position
of the user in a given moment. The use of this service will concern different and
multiple scenarios and the devices requiring it will extensively grow in number
thanks to the spread of the Internet of Things (IoT).
Here are some possible scenarios: remote digital signing of a document for users
located in a specific place; certification of the geographical position of a user in
a given moment; certification of geographical position related to the delivery of
valuable goods; certification of geographical position in case of critical events,
such as rescue operations, police actions, etc.
The first section of this thesis has been carried out based on two scientific
publications. The first one, entitled “Reducing Costs in HSM-Based Data
Centres”, is a conference publication presented during the “International
Conference on Green, Pervasive, and Cloud Computing 2017 (GPC 2017) at
Cetara (SA)”. This paper offers a first experimental evaluation of what will be
found in the next pages and referred to as “Enhanced HSM (EHSM)”. The
second paper is a journal version, published in the “Journal of High Speed
Networks (JHSN) - IOS Press”. In this publication, an alternative approach has
been illustrated in relation to the issue of space storage in the key management
of a HSM.
The second section of the thesis is based on an International Patent registered at
the European Patent Organization (EPO), its official number being EP
18724344.9, and on a related paper, being completed, entitled “Design of an
Outdoor Position Certification Authority”. [edited by author]XVII n.s. (XXXI ciclo