4,009 research outputs found
Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation
This paper studies the performance and resilience of a cyber-physical control
system (CPCS) with attack detection and reactive attack mitigation. It
addresses the problem of deriving an optimal sequence of false data injection
attacks that maximizes the state estimation error of the system. The results
provide basic understanding about the limit of the attack impact. The design of
the optimal attack is based on a Markov decision process (MDP) formulation,
which is solved efficiently using the value iteration method. Using the
proposed framework, we quantify the effect of false positives and
mis-detections on the system performance, which can help the joint design of
the attack detection and mitigation. To demonstrate the use of the proposed
framework in a real-world CPCS, we consider the voltage control system of power
grids, and run extensive simulations using PowerWorld, a high-fidelity power
system simulator, to validate our analysis. The results show that by carefully
designing the attack sequence using our proposed approach, the attacker can
cause a large deviation of the bus voltages from the desired setpoint. Further,
the results verify the optimality of the derived attack sequence and show that,
to cause maximum impact, the attacker must carefully craft his attack to strike
a balance between the attack magnitude and stealthiness, due to the
simultaneous presence of attack detection and mitigation
Coexistence of continuous variable QKD with intense DWDM classical channels
We demonstrate experimentally the feasibility of continuous variable quantum
key distribution (CV-QKD) in dense-wavelength-division multiplexing networks
(DWDM), where QKD will typically have to coexist with several co- propagating
(forward or backward) C-band classical channels whose launch power is around
0dBm. We have conducted experimental tests of the coexistence of CV-QKD
multiplexed with an intense classical channel, for different input powers and
different DWDM wavelengths. Over a 25km fiber, a CV-QKD operated over the
1530.12nm channel can tolerate the noise arising from up to 11.5dBm classical
channel at 1550.12nm in forward direction (9.7dBm in backward). A positive key
rate (0.49kb/s) can be obtained at 75km with classical channel power of
respectively -3dBm and -9dBm in forward and backward. Based on these
measurements, we have also simulated the excess noise and optimized channel
allocation for the integration of CV-QKD in some access networks. We have, for
example, shown that CV-QKD could coexist with 5 pairs of channels (with nominal
input powers: 2dBm forward and 1dBm backward) over a 25km WDM-PON network. The
obtained results demonstrate the outstanding capacity of CV-QKD to coexist with
classical signals of realistic intensity in optical networks.Comment: 19 pages, 9 figures. Revised version, to appear in New Journal of
Physic
On the Control of Microgrids Against Cyber-Attacks: A Review of Methods and Applications
Nowadays, the use of renewable generations, energy storage systems (ESSs) and microgrids (MGs) has been developed due to better controllability of distributed energy resources (DERs) as well as their cost-effective and emission-aware operation. The development of MGs as well as the use of hierarchical control has led to data transmission in the communication platform. As a result, the expansion of communication infrastructure has made MGs as cyber-physical systems (CPSs) vulnerable to cyber-attacks (CAs). Accordingly, prevention, detection and isolation of CAs during proper control of MGs is essential. In this paper, a comprehensive review on the control strategies of microgrids against CAs and its defense mechanisms has been done. The general structure of the paper is as follows: firstly, MGs operational conditions, i.e., the secure or insecure mode of the physical and cyber layers are investigated and the appropriate control to return to a safer mode are presented. Then, the common MGs communication system is described which is generally used for multi-agent systems (MASs). Also, classification of CAs in MGs has been reviewed. Afterwards, a comprehensive survey of available researches in the field of prevention, detection and isolation of CA and MG control against CA are summarized. Finally, future trends in this context are clarified
Enhanching Security in the Future Cyber Physical Systems
Cyber Physical System (CPS) is a system where cyber and physical components work in a complex co-ordination to provide better performance. By exploiting the communication infrastructure among the sensors, actuators, and control systems, attackers may compromise the security of a CPS. In this dissertation, security measures for different types of attacks/ faults in two CPSs, water supply system (WSS) and smart grid system, are presented. In this context, I also present my study on energy management in Smart Grid. The techniques for detecting attacks/faults in both WSS and Smart grid system adopt Kalman Filter (KF) and χ2 detector. The χ2 -detector can detect myriad of system fault- s/attacks such as Denial of Service (DoS) attack, short term and long term random attacks. However, the study shows that the χ2 -detector is unable to detect the intelligent False Data Injection attack (FDI). To overcome this limitation, I present a Euclidean detector for smart grid which can effectively detect such injection attacks. Along with detecting attack/faults I also present the isolation of the attacked/faulty nodes for smart grid. For isolation the Gen- eralized Observer Scheme (GOS) implementing Kalman Filter is used. As GOS is effective in isolating attacks/faults on a single sensor, it is unable to isolate simultaneous attacks/faults on multiple sensors. To address this issue, an Iterative Observer Scheme (IOS) is presented which is able to detect attack on multiple sensors. Since network is an integral part of the future CPSs, I also present a scheme for pre- serving privacy in the future Internet architecture, namely MobilityFirst architecture. The proposed scheme, called Anonymity in MobilityFirst (AMF), utilizes the three-tiered ap- proach to effectively exploit the inherent properties of MF Network such as Globally Unique Flat Identifier (GUID) and Global Name Resolution Service (GNRS) to provide anonymity to the users. While employing new proposed schemes in exchanging of keys between different tiers of routers to alleviate trust issues, the proposed scheme uses multiple routers in each tier to avoid collaboration amongst the routers in the three tiers to expose the end users
Comparing Kalman Filters and Observers for Power System Dynamic State Estimation with Model Uncertainty and Malicious Cyber Attacks
Kalman filters and observers are two main classes of dynamic state estimation
(DSE) routines. Power system DSE has been implemented by various Kalman
filters, such as the extended Kalman filter (EKF) and the unscented Kalman
filter (UKF). In this paper, we discuss two challenges for an effective power
system DSE: (a) model uncertainty and (b) potential cyber attacks. To address
this, the cubature Kalman filter (CKF) and a nonlinear observer are introduced
and implemented. Various Kalman filters and the observer are then tested on the
16-machine, 68-bus system given realistic scenarios under model uncertainty and
different types of cyber attacks against synchrophasor measurements. It is
shown that CKF and the observer are more robust to model uncertainty and cyber
attacks than their counterparts. Based on the tests, a thorough qualitative
comparison is also performed for Kalman filter routines and observers.Comment: arXiv admin note: text overlap with arXiv:1508.0725
- …