Quantitative dependability and interdependency models for large-scale cyber-physical systems

Cyber-physical systems link cyber infrastructure with physical processes through an integrated network of physical components, sensors, actuators, and computers that are interconnected by communication links. Modern critical infrastructures such as smart grids, intelligent water distribution networks, and intelligent transportation systems are prominent examples of cyber-physical systems. Developed countries are entirely reliant on these critical infrastructures, hence the need for rigorous assessment of the trustworthiness of these systems. The objective of this research is quantitative modeling of dependability attributes -- including reliability and survivability -- of cyber-physical systems, with domain-specific case studies on smart grids and intelligent water distribution networks. To this end, we make the following research contributions: i) quantifying, in terms of loss of reliability and survivability, the effect of introducing computing and communication technologies; and ii) identifying and quantifying interdependencies in cyber-physical systems and investigating their effect on fault propagation paths and degradation of dependability attributes. Our proposed approach relies on observation of system behavior in response to disruptive events. We utilize a Markovian technique to formalize a unified reliability model. For survivability evaluation, we capture temporal changes to a service index chosen to represent the extent of functionality retained. In modeling of interdependency, we apply correlation and causation analyses to identify links and use graph-theoretical metrics for quantifying them. The metrics and models we propose can be instrumental in guiding investments in fortification of and failure mitigation for critical infrastructures. To verify the success of our proposed approach in meeting these goals, we introduce a failure prediction tool capable of identifying system components that are prone to failure as a result of a specific disruptive event. Our prediction tool can enable timely preventative actions and mitigate the consequences of accidental failures and malicious attacks --Abstract, page iii

Cyber-Physical Power System (CPPS): A Review on Modelling, Simulation, and Analysis with Cyber Security Applications

Cyber-Physical System (CPS) is a new kind of digital technology that increases its attention across academia, government, and industry sectors and covers a wide range of applications like agriculture, energy, medical, transportation, etc. The traditional power systems with physical equipment as a core element are more integrated with information and communication technology, which evolves into the Cyber-Physical Power System (CPPS). The CPPS consists of a physical system tightly integrated with cyber systems (control, computing, and communication functions) and allows the two-way flows of electricity and information for enabling smart grid technologies. Even though the digital technologies monitoring and controlling the electric power grid more efficiently and reliably, the power grid is vulnerable to cybersecurity risk and involves the complex interdependency between cyber and physical systems. Analyzing and resolving the problems in CPPS needs the modelling methods and systematic investigation of a complex interaction between cyber and physical systems. The conventional way of modelling, simulation, and analysis involves the separation of physical domain and cyber domain, which is not suitable for the modern CPPS. Therefore, an integrated framework needed to analyze the practical scenario of the unification of physical and cyber systems. A comprehensive review of different modelling, simulation, and analysis methods and different types of cyber-attacks, cybersecurity measures for modern CPPS is explored in this paper. A review of different types of cyber-attack detection and mitigation control schemes for the practical power system is presented in this paper. The status of the research in CPPS around the world and a new path for recommendations and research directions for the researchers working in the CPPS are finally presented.publishedVersio

Introduction to the Selected Papers from ICCPS 2016

Since their inception more than a decade ago, terms such as “cyber-physical systems” (CPS) or “cooperating objects” have come to describe research and engineering efforts that tightly conjoin real-world physical processes and computing systems. The integration of physical processes and computing is not new; embedded computing systems have been in place for decades controlling physical processes. The revolution is steaming from the extensive networking of embedded computing devices and the holistic cyber-physical co-design that integrates sensing, actuation, computation, networking, and physical processes. Such systems pose many broad scientific and technical challenges, ranging from distributed programming paradigms to networking protocols, as well as systems theory that combines physical models and networked embedded systems. Notably, as the physical interactions imply that timing requirements are considered, real-time computing systems methodologies and technologies are also pivotal in many of those systems. Moreover, many of these systems are often safety-critical, and therefore it is fundamental to guarantee other nonfunctional properties (such as safety, security, and reliability), which often interplay among them and with timeliness requirements. CPS is a growing key strategic research, development, and innovation area, and it is becoming pivotal for boosting the development of the future generation of highly complex and automated computing systems, which will be pervasive in virtually all application domains. Notable examples are aeronautics, aerospace and defence systems, robotics, autonomous transportation systems, the Internet of Things, energy-aware and green computing, smart factory automation, smart grids, and advanced medical devices and applications. This special issue contains a selection of extended versions of the best papers presented at the Seventh ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS 2016), which was held with the Cyber-Physical Systems Week in Vienna, Austria, on 11–14 April 2016. This selection reflects effectively the growing pervasiveness of these systems in various applications domains. These papers excel at describing the diversity of methodologies used to design and verify various non-functional properties of these complex systems.info:eu-repo/semantics/publishedVersio

Survivability modeling for cyber-physical systems subject to data corruption

Cyber-physical critical infrastructures are created when traditional physical infrastructure is supplemented with advanced monitoring, control, computing, and communication capability. More intelligent decision support and improved efficacy, dependability, and security are expected. Quantitative models and evaluation methods are required for determining the extent to which a cyber-physical infrastructure improves on its physical predecessors. It is essential that these models reflect both cyber and physical aspects of operation and failure. In this dissertation, we propose quantitative models for dependability attributes, in particular, survivability, of cyber-physical systems. Any malfunction or security breach, whether cyber or physical, that causes the system operation to depart from specifications will affect these dependability attributes. Our focus is on data corruption, which compromises decision support -- the fundamental role played by cyber infrastructure. The first research contribution of this work is a Petri net model for information exchange in cyber-physical systems, which facilitates i) evaluation of the extent of data corruption at a given time, and ii) illuminates the service degradation caused by propagation of corrupt data through the cyber infrastructure. In the second research contribution, we propose metrics and an evaluation method for survivability, which captures the extent of functionality retained by a system after a disruptive event. We illustrate the application of our methods through case studies on smart grids, intelligent water distribution networks, and intelligent transportation systems. Data, cyber infrastructure, and intelligent control are part and parcel of nearly every critical infrastructure that underpins daily life in developed countries. Our work provides means for quantifying and predicting the service degradation caused when cyber infrastructure fails to serve its intended purpose. It can also serve as the foundation for efforts to fortify critical systems and mitigate inevitable failures --Abstract, page iii

Safety and Security through the Design of Autonomous Intelligent Vehicle Systems and Intelligent Infrastructure in the Smart City

Our article is discussing the methodical basics of planning smart mobility. Smart mobility is one the main elements of a smart system. According to the methodology presented in our article, transportation in a smart city can be developed in a safe form, focusing on two main elements: safety and security planning of smart mobility. Intelligent (transportation) infrastructures and autonomous intelligent vehicles will be integrated in a common system in order to achieve the digital transformation of the transportation system. The aim of this research is to examine questions raised in relation to the control and communication of autonomous vehicles and vehicle systems. The development of autonomous intelligent vehicles and vehicle systems is based on the further development of the cooperating intelligent transportation systems to achieve smart mobility. The research aims to find such methods and procedures which help the safety planning of increasingly complex cyber-physical systems and system elements used in autonomous intelligent vehicles and transport systems, in view of aspects of safety and operational risks

Privacy-Preserving Observation in Public Spaces

One method of privacy-preserving accounting or billing in cyber-physical systems, such as electronic toll collection or public transportation ticketing, is to have the user present an encrypted record of transactions and perform the accounting or billing computation securely on them. Honesty of the user is ensured by spot checking the record for some selected surveyed transactions. But how much privacy does that give the user, i.e. how many transactions need to be surveyed? It turns out that due to collusion in mass surveillance all transactions need to be observed, i.e. this method of spot checking provides no privacy at all. In this paper we present a cryptographic solution to the spot checking problem in cyber-physical systems. Users carry an authentication device that authenticates only based on fair random coins. The probability can be set high enough to allow for spot checking, but in all other cases privacy is perfectly preserved. We analyze our protocol for computational efficiency and show that it can be efficiently implemented even on plat- forms with limited computing resources, such as smart cards and smart phones

Heterogeneous Dynamic Spectrum Access in Cognitive Radio enabled Vehicular Networks Using Network Softwarization

Dynamic spectrum access (DSA) in cognitive radio networks (CRNs) is regarded as an emerging technology to solve the spectrum scarcity problem created by static spectrum allocation. In DSA, unlicensed users access idle channels opportunistically, without creating any harmful interference to licensed users. This method will also help to incorporate billions of wireless devices for different applications such as Internet-of-Things, cyber-physical systems, smart grids, etc. Vehicular networks for intelligent transportation cyber-physical systems is emerging concept to improve transportation security and reliability. IEEE 802.11p standard comprising of 7 channels is dedicated for vehicular communications. These channels could be highly congested and may not be able to provide reliable communications in urban areas. Thus, vehicular networks are expected to utilize heterogeneous wireless channels for reliable communications. In this thesis, real-time opportunistic spectrum access in cloud based cognitive radio network (ROAR) architecture is used for energy efficiency and dynamic spectrum access in vehicular networks where geolocation of vehicles is used to find idle channels. Furthermore, a three step mechanism to detect geolocation falsification attacks is presented. Performance is evaluated using simulation results