Improving System Reliability for Cyber-Physical Systems

Cyber-physical systems (CPS) are systems featuring a tight combination of, and coordination between, the system's computational and physical elements. Cyber-physical systems include systems ranging from critical infrastructure such as a power grid and transportation system to health and biomedical devices. System reliability, i.e., the ability of a system to perform its intended function under a given set of environmental and operational conditions for a given period of time, is a fundamental requirement of cyber-physical systems. An unreliable system often leads to disruption of service, financial cost and even loss of human life. An important and prevalent type of cyber-physical system meets the following criteria: processing large amounts of data; employing software as a system component; running online continuously; having operator-in-the-loop because of human judgment and an accountability requirement for safety critical systems. This thesis aims to improve system reliability for this type of cyber-physical system. To improve system reliability for this type of cyber-physical system, I present a system evaluation approach entitled automated online evaluation (AOE), which is a data-centric runtime monitoring and reliability evaluation approach that works in parallel with the cyber-physical system to conduct automated evaluation along the workflow of the system continuously using computational intelligence and self-tuning techniques and provide operator-in-the-loop feedback on reliability improvement. For example, abnormal input and output data at or between the multiple stages of the system can be detected and flagged through data quality analysis. As a result, alerts can be sent to the operator-in-the-loop. The operator can then take actions and make changes to the system based on the alerts in order to achieve minimal system downtime and increased system reliability. One technique used by the approach is data quality analysis using computational intelligence, which applies computational intelligence in evaluating data quality in an automated and efficient way in order to make sure the running system perform reliably as expected. Another technique used by the approach is self-tuning which automatically self-manages and self-configures the evaluation system to ensure that it adapts itself based on the changes in the system and feedback from the operator. To implement the proposed approach, I further present a system architecture called autonomic reliability improvement system (ARIS). This thesis investigates three hypotheses. First, I claim that the automated online evaluation empowered by data quality analysis using computational intelligence can effectively improve system reliability for cyber-physical systems in the domain of interest as indicated above. In order to prove this hypothesis, a prototype system needs to be developed and deployed in various cyber-physical systems while certain reliability metrics are required to measure the system reliability improvement quantitatively. Second, I claim that the self-tuning can effectively self-manage and self-configure the evaluation system based on the changes in the system and feedback from the operator-in-the-loop to improve system reliability. Third, I claim that the approach is efficient. It should not have a large impact on the overall system performance and introduce only minimal extra overhead to the cyberphysical system. Some performance metrics should be used to measure the efficiency and added overhead quantitatively. Additionally, in order to conduct efficient and cost-effective automated online evaluation for data-intensive CPS, which requires large volumes of data and devotes much of its processing time to I/O and data manipulation, this thesis presents COBRA, a cloud-based reliability assurance framework. COBRA provides automated multi-stage runtime reliability evaluation along the CPS workflow using data relocation services, a cloud data store, data quality analysis and process scheduling with self-tuning to achieve scalability, elasticity and efficiency. Finally, in order to provide a generic way to compare and benchmark system reliability for CPS and to extend the approach described above, this thesis presents FARE, a reliability benchmark framework that employs a CPS reliability model, a set of methods and metrics on evaluation environment selection, failure analysis, and reliability estimation. The main contributions of this thesis include validation of the above hypotheses and empirical studies of ARIS automated online evaluation system, COBRA cloud-based reliability assurance framework for data-intensive CPS, and FARE framework for benchmarking reliability of cyber-physical systems. This work has advanced the state of the art in the CPS reliability research, expanded the body of knowledge in this field, and provided some useful studies for further research

Critical infrastructure protection

Postgraduate seminar series with a title Critical Infrastructure Protection held at the Department of Military Technology of the National Defence University. This book is a collection of some of talks that were presented in the seminar. The papers address threat intelligence, a protection of critical supply chains, cyber security in the management of an electricity company, and privacy preserving data mining. This set of papers tries to give some insight to current issues of the critical infrastructure protection. The seminar has always made a publication of the papers but this has been an internal publication of the Finnish Defence Forces and has not hindered publication of the papers in international conferences. Publication of these papers in peer reviewed conferences has indeed been always the goal of the seminar, since it teaches writing conference level papers. We still hope that an internal publication in the department series is useful to the Finnish Defence Forces by offering an easy access to these papers

POWER DISTRIBUTION SYSTEM RELIABILITY AND RESILIENCY AGAINST EXTREME EVENTS

The objective of a power system is to provide electricity to its customers as economically as possible with an acceptable level of reliability while safeguarding the environment. Power system reliability has well-established quantitative metrics, regulatory standards, compliance incentives and jurisdictions of responsibilities. The increase in occurrence of extreme events like hurricane/tornadoes, floods, wildfires, storms, cyber-attacks etc. which are not considered in routine reliability evaluation has raised concern over the potential economic losses due to prolonged and large-scale power outages, and the overall sustainability and adaptability of power systems. This concern has motivated the utility planners, operators, and policy makers to acknowledge the importance of system resiliency against such events. However, power system resiliency evaluation is comparatively new, and lacks widely accepted standards, assessment methods and metrics. The thesis presents comparative review and analysis of power system resilience models, methodologies, and metrics in present literature and utility applications. It presents studies on two very different types of extreme events, (i) man-made and (ii) natural disaster, and analyzes their impacts on the resiliency of a distribution system. It draws conclusions on assessing and improving power system resiliency based on the impact of the extreme event, response from the distribution system, and effectiveness of the mitigating measures to tackle the extreme event. The advancement in technologies has seen an increasing integration of cyber and physical layer of the distribution system. The distribution system operators avails from the symbiotic relation of the cyber-physical layer, but the interdependency has also been its Achilles heel. The evolving infrastructure is being exposed to increase in cyber-attacks. It is of paramount importance to address the aforementioned issue by developing holistic approaches to comprehensibly upgrade the distribution system preventing huge financial loss and societal repercussions. The thesis models a type of cyber-attack using false data injection and evaluates its impact on the distribution system. It does so by developing a resilience assessment methodology accompanied by quantitative metrics. It also performs reliability evaluation to present the underlying principle and differences between reliability and resiliency. The thesis also introduces new indices to demonstrate the effectiveness of a bad-data detection strategy against such cyber-attacks. Extreme events like hurricane/tornadoes, floods, wildfires, storm, cyber-attack etc. are responsible for catastrophic damage to critical infrastructure and huge financial loss. Power distribution system is an important critical infrastructure driving the socio-economic growth of the country. High winds are one of the most common form of extreme events that are responsible for outages due to failure of poles, equipment damage etc. The thesis models effective extreme wind events with the help of fragility curves, and presents an analysis of their impacts on the distribution system. It also presents infrastructural and operational resiliency enhancement strategies and quantifies the effectiveness of the strategy with the metrics developed. It also demonstrates the dependency of resiliency of distribution system on the structural strength of transmission lines and presents measures to ensure the independency of the distribution system. The thesis presents effective resilience assessment methodology that can be valuable for distribution system utility planners, and operators to plan and ensure a resilient distribution system

Electronic security - risk mitigation in financial transactions : public policy issues

This paper builds on a previous series of papers (see Claessens, Glaessner, and Klingebiel, 2001, 2002) that identified electronic security as a key component to the delivery of electronic finance benefits. This paper and its technical annexes (available separately at http://www1.worldbank.org/finance/) identify and discuss seven key pillars necessary to fostering a secure electronic environment. Hence, it is intended for those formulating broad policies in the area of electronic security and those working with financial services providers (for example, executives and management). The detailed annexes of this paper are especially relevant for chief information and security officers responsible for establishing layered security. First, this paper provides definitions of electronic finance and electronic security and explains why these issues deserve attention. Next, it presents a picture of the burgeoning global electronic security industry. Then it develops a risk-management framework for understanding the risks and tradeoffs inherent in the electronic security infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovation, privacy, quality of service, and security in designing an electronic security policy framework. Finally, it outlines issues in seven interrelated areas that often need attention in building an adequate electronic security infrastructure. These are: 1) The legal framework and enforcement. 2) Electronic security of payment systems. 3) Supervision and prevention challenges. 4) The role of private insurance as an essential monitoring mechanism. 5) Certification, standards, and the role of the public and private sectors. 6) Improving the accuracy of information on electronic security incidents and creating better arrangements for sharing this information. 7) Improving overall education on these issues as a key to enhancing prevention.Knowledge Economy,Labor Policies,International Terrorism&Counterterrorism,Payment Systems&Infrastructure,Banks&Banking Reform,Education for the Knowledge Economy,Knowledge Economy,Banks&Banking Reform,International Terrorism&Counterterrorism,Governance Indicators