Observer-based Anomaly Diagnosis and Mitigation for Cyber-Physical Systems

Cyber-Physical Systems (CPS) seamlessly integrate computational devices, communication networks, and physical processes. The performance and functionality of many critical infrastructures such as power, traffic, and health-care networks and smart cities rely on advances in CPS. However, higher connectivity increases the vulnerability of CPS because it exposes them to threats from both the cyber domain and the physical domain. An attack or a fault within the cyber or physical domain can subsequently affect the cyber domain, the physical domain, or both, resulting in anomalies. An attack or a fault on CPS can have serious or even lethal consequences. Traditional anomaly diagnosis techniques mainly focus on cyber-to-cyber or physical-to-physical interactions. However, in practice they can often be subverted in the face of cross-domain attacks or faults. In summary, the safety and reliability of CPS become more and more crucial every day and existing techniques to diagnose or mitigate CPS attacks and faults are not sufficient to eliminate vulnerability. The motivation of this dissertation is to enhance anomaly diagnosis and mitigation for CPS, covering physical-to-physical and cyber-to-physical attacks or faults. With the advantage of dealing with system uncertainties and providing system state estimation, observer-based anomaly diagnosis is of great interest. The first task is to design a multiple observers framework to diagnose sensor anomalies for continuous systems. Since CPS contain both continuous and discrete variables, CPS are modeled as hybrid systems. Utilizing the relationship between the continuous and discrete variables, a conflict-driven hybrid observer-based anomaly detection method is proposed, which checks for conflicts between the continuous and discrete variables to detect anomalies. Lastly, the observer design for hybrid systems is improved to enable observer-based anomaly diagnosis for a wider class of hybrid systems. The novel observer-based anomaly diagnosis and mitigation approaches introduced in this dissertation can not only diagnose anomalies caused by traditional faults, but also anomalies caused by sophisticated attacks. This research work can benefit the overall security of critical infrastructures, preventing disastrous consequences and reducing economic loss. The effectiveness of the proposed approaches is demonstrated mathematically and illustrated through applications to various simulated systems, including a suspension system, the Positive Train Control system and a microgrid system.PHDMechanical EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/147576/1/zhengwa_1.pd

A Systematic Review of Smart City Infrastructure Threat Modelling Methodologies: A Bayesian Focused Review

Smart city infrastructure and the related theme of critical national infrastructure have attracted growing interest in recent years in academic literature, notably how cyber-security can be effectively applied within the environment, which involves using cyber-physical systems. These operate cross-domain and have massively improved functionality and complexity, especially in threat modelling cyber-security analysis—the disparity between current cyber-security proficiency and the requirements for an effective cyber-security systems implementation. Analysing risk across the entire analysed system can be associated with many different cyber security methods for overall cyber risk analysis or identifying vulnerability for individually modelled objects. One method for performing risk analysis proposed in the literature is by applying Bayesian-based threat modelling methodologies. This paper performs a systematic literature review of Bayesian networks and unique alternative methodologies for smart city infrastructure analysis and related critical national infrastructures. A comparative analysis of the different methodological approaches, considering the many intricacies, metrics, and methods behind them, with suggestions made for future research in the field of cyber-physical threat modelling for smart city infrastructure

Threat Scenarios and Monitoring Requirements for Cyber-Physical Systems of Flexibility Markets

The ongoing integration of renewable generation and distributed energy resources introduces new challenges to distribution network operation. Due to the increasing volatility and uncertainty, distribution system operators (DSOs) are seeking concepts to enable more active management and control. Flexibility markets (FMs) offer a platform for economically efficient trading of electricity flexibility between DSOs and other participants. The integration of cyber, physical and market domains of multiple participants makes FMs a system of cyber-physical systems (CPSs). While cross-domain integration sets the foundation for efficient deployment of flexibility, it introduces new physical and cyber vulnerabilities to participants. This work systematically formulates threat scenarios for the CPSs of FMs, revealing several remaining security challenges across all domains. Based on the threat scenarios, unresolved monitoring requirements for secure participation of DSOs in FMs are identified, providing the basis for future works that address these gaps with new technical concepts.Comment: Published in the proceedings of the 2022 IEEE PES Generation, Transmission and Distribution Conference and Exposition - Latin America (IEEE PES GTD Latin America

Bond graph modeling of critical infrastructures for cyber-physical security implementation

“In developed societies, there exists infrastructure vital to everyday life. This includes water and power systems. Technology is quickly evolving and being implemented on these utilities. This technology can range from smart metering in neighborhoods to volume sensors in local waste water treatment facilities. When networking, sensing, monitoring, or control devices are integrated with infrastructure it is considered a cyber physical system, or CPS. When information about an important physical system is connected to the virtual world, it is opened up to security risks. Cyber security can be provided to the CPS by monitoring the physical state of the system and detecting virtual attacks when unexpected changes occur. However, these systems mentioned cross multiple domains: electrical, mechanical, and hydraulic amongst others. This creates a challenge, as each domain has its own unique language, terminology, and topology. To combat this challenge, a universal representation of these systems is implemented through the use of bond graphs. Bond graphs take advantage of the commonalities found in all physical scientific domains. These similarities are found in the energy interactions throughout a given system, and bond graphs allow these relationships to be mapped graphically and mathematically. This unifying notation creates a clear picture of the energy movement throughout a physical system. Information about the unifying bond graph method is discussed, and previous work and examples are relayed. To demonstrate the use of bond graphs on a power system, a realistic microgrid model was converted into a bond graph, simulated, and validated”--Abstract, page iv

Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things

In the past, industrial control systems were ‘air gapped’ and isolated from more conventional networks. They used specialist protocols, such as Modbus, that are very different from TCP/IP. Individual devices used proprietary operating systems rather than the more familiar Linux or Windows. However, things are changing. There is a move for greater connectivity – for instance so that higher-level enterprise management systems can exchange information that helps optimise production processes. At the same time, industrial systems have been influenced by concepts from the Internet of Things; where the information derived from sensors and actuators in domestic and industrial components can be addressed through network interfaces. This paper identifies a range of cyber security and safety concerns that arise from these developments. The closing sections introduce potential solutions and identify areas for future research