38,618 research outputs found
Observer-based Anomaly Diagnosis and Mitigation for Cyber-Physical Systems
Cyber-Physical Systems (CPS) seamlessly integrate computational devices, communication networks, and physical processes. The performance and functionality of many critical infrastructures such as power, traffic, and health-care networks and smart cities rely on advances in CPS. However, higher connectivity increases the vulnerability of CPS because it exposes them to threats from both the cyber domain and the physical domain. An attack or a fault within the cyber or physical domain can subsequently affect the cyber domain, the physical domain, or both, resulting in anomalies. An attack or a fault on CPS can have serious or even lethal consequences. Traditional anomaly diagnosis techniques mainly focus on cyber-to-cyber or physical-to-physical interactions. However, in practice they can often be subverted in the face of cross-domain attacks or faults. In summary, the safety and reliability of CPS become more and more crucial every day and existing techniques to diagnose or mitigate CPS attacks and faults are not sufficient to eliminate vulnerability.
The motivation of this dissertation is to enhance anomaly diagnosis and mitigation for CPS, covering physical-to-physical and cyber-to-physical attacks or faults. With the advantage of dealing with system uncertainties and providing system state estimation, observer-based anomaly diagnosis is of great interest. The first task is to design a multiple observers framework to diagnose sensor anomalies for continuous systems. Since CPS contain both continuous and discrete variables, CPS are modeled as hybrid systems. Utilizing the relationship between the continuous and discrete variables, a conflict-driven hybrid observer-based anomaly detection method is proposed, which checks for conflicts between the continuous and discrete variables to detect anomalies. Lastly, the observer design for hybrid systems is improved to enable observer-based anomaly diagnosis for a wider class of hybrid systems.
The novel observer-based anomaly diagnosis and mitigation approaches introduced in this dissertation can not only diagnose anomalies caused by traditional faults, but also anomalies caused by sophisticated attacks. This research work can benefit the overall security of critical infrastructures, preventing disastrous consequences and reducing economic loss. The effectiveness of the proposed approaches is demonstrated mathematically and illustrated through applications to various simulated systems, including a suspension system, the Positive Train Control system and a microgrid system.PHDMechanical EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/147576/1/zhengwa_1.pd
A Systematic Review of Smart City Infrastructure Threat Modelling Methodologies: A Bayesian Focused Review
Smart city infrastructure and the related theme of critical national infrastructure have attracted growing interest in recent years in academic literature, notably how cyber-security can be effectively applied within the environment, which involves using cyber-physical systems. These operate cross-domain and have massively improved functionality and complexity, especially in threat modelling cyber-security analysisâthe disparity between current cyber-security proficiency and the requirements for an effective cyber-security systems implementation. Analysing risk across the entire analysed system can be associated with many different cyber security methods for overall cyber risk analysis or identifying vulnerability for individually modelled objects. One method for performing risk analysis proposed in the literature is by applying Bayesian-based threat modelling methodologies. This paper performs a systematic literature review of Bayesian networks and unique alternative methodologies for smart city infrastructure analysis and related critical national infrastructures. A comparative analysis of the different methodological approaches, considering the many intricacies, metrics, and methods behind them, with suggestions made for future research in the field of cyber-physical threat modelling for smart city infrastructure
Threat Scenarios and Monitoring Requirements for Cyber-Physical Systems of Flexibility Markets
The ongoing integration of renewable generation and distributed energy
resources introduces new challenges to distribution network operation. Due to
the increasing volatility and uncertainty, distribution system operators (DSOs)
are seeking concepts to enable more active management and control. Flexibility
markets (FMs) offer a platform for economically efficient trading of
electricity flexibility between DSOs and other participants. The integration of
cyber, physical and market domains of multiple participants makes FMs a system
of cyber-physical systems (CPSs). While cross-domain integration sets the
foundation for efficient deployment of flexibility, it introduces new physical
and cyber vulnerabilities to participants. This work systematically formulates
threat scenarios for the CPSs of FMs, revealing several remaining security
challenges across all domains. Based on the threat scenarios, unresolved
monitoring requirements for secure participation of DSOs in FMs are identified,
providing the basis for future works that address these gaps with new technical
concepts.Comment: Published in the proceedings of the 2022 IEEE PES Generation,
Transmission and Distribution Conference and Exposition - Latin America (IEEE
PES GTD Latin America
Bond graph modeling of critical infrastructures for cyber-physical security implementation
âIn developed societies, there exists infrastructure vital to everyday life. This includes water and power systems. Technology is quickly evolving and being implemented on these utilities. This technology can range from smart metering in neighborhoods to volume sensors in local waste water treatment facilities. When networking, sensing, monitoring, or control devices are integrated with infrastructure it is considered a cyber physical system, or CPS. When information about an important physical system is connected to the virtual world, it is opened up to security risks. Cyber security can be provided to the CPS by monitoring the physical state of the system and detecting virtual attacks when unexpected changes occur. However, these systems mentioned cross multiple domains: electrical, mechanical, and hydraulic amongst others. This creates a challenge, as each domain has its own unique language, terminology, and topology. To combat this challenge, a universal representation of these systems is implemented through the use of bond graphs. Bond graphs take advantage of the commonalities found in all physical scientific domains. These similarities are found in the energy interactions throughout a given system, and bond graphs allow these relationships to be mapped graphically and mathematically. This unifying notation creates a clear picture of the energy movement throughout a physical system.
Information about the unifying bond graph method is discussed, and previous work and examples are relayed. To demonstrate the use of bond graphs on a power system, a realistic microgrid model was converted into a bond graph, simulated, and validatedâ--Abstract, page iv
Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things
In the past, industrial control systems were âair gappedâ and
isolated from more conventional networks. They used
specialist protocols, such as Modbus, that are very different
from TCP/IP. Individual devices used proprietary operating
systems rather than the more familiar Linux or Windows.
However, things are changing. There is a move for greater
connectivity â for instance so that higher-level enterprise
management systems can exchange information that helps
optimise production processes. At the same time, industrial
systems have been influenced by concepts from the Internet
of Things; where the information derived from sensors and
actuators in domestic and industrial components can be
addressed through network interfaces. This paper identifies a
range of cyber security and safety concerns that arise from
these developments. The closing sections introduce potential
solutions and identify areas for future research
- âŠ