Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation

This paper studies the performance and resilience of a cyber-physical control system (CPCS) with attack detection and reactive attack mitigation. It addresses the problem of deriving an optimal sequence of false data injection attacks that maximizes the state estimation error of the system. The results provide basic understanding about the limit of the attack impact. The design of the optimal attack is based on a Markov decision process (MDP) formulation, which is solved efficiently using the value iteration method. Using the proposed framework, we quantify the effect of false positives and mis-detections on the system performance, which can help the joint design of the attack detection and mitigation. To demonstrate the use of the proposed framework in a real-world CPCS, we consider the voltage control system of power grids, and run extensive simulations using PowerWorld, a high-fidelity power system simulator, to validate our analysis. The results show that by carefully designing the attack sequence using our proposed approach, the attacker can cause a large deviation of the bus voltages from the desired setpoint. Further, the results verify the optimality of the derived attack sequence and show that, to cause maximum impact, the attacker must carefully craft his attack to strike a balance between the attack magnitude and stealthiness, due to the simultaneous presence of attack detection and mitigation

Coexistence of continuous variable QKD with intense DWDM classical channels

We demonstrate experimentally the feasibility of continuous variable quantum key distribution (CV-QKD) in dense-wavelength-division multiplexing networks (DWDM), where QKD will typically have to coexist with several co- propagating (forward or backward) C-band classical channels whose launch power is around 0dBm. We have conducted experimental tests of the coexistence of CV-QKD multiplexed with an intense classical channel, for different input powers and different DWDM wavelengths. Over a 25km fiber, a CV-QKD operated over the 1530.12nm channel can tolerate the noise arising from up to 11.5dBm classical channel at 1550.12nm in forward direction (9.7dBm in backward). A positive key rate (0.49kb/s) can be obtained at 75km with classical channel power of respectively -3dBm and -9dBm in forward and backward. Based on these measurements, we have also simulated the excess noise and optimized channel allocation for the integration of CV-QKD in some access networks. We have, for example, shown that CV-QKD could coexist with 5 pairs of channels (with nominal input powers: 2dBm forward and 1dBm backward) over a 25km WDM-PON network. The obtained results demonstrate the outstanding capacity of CV-QKD to coexist with classical signals of realistic intensity in optical networks.Comment: 19 pages, 9 figures. Revised version, to appear in New Journal of Physic

On the Control of Microgrids Against Cyber-Attacks: A Review of Methods and Applications

Nowadays, the use of renewable generations, energy storage systems (ESSs) and microgrids (MGs) has been developed due to better controllability of distributed energy resources (DERs) as well as their cost-effective and emission-aware operation. The development of MGs as well as the use of hierarchical control has led to data transmission in the communication platform. As a result, the expansion of communication infrastructure has made MGs as cyber-physical systems (CPSs) vulnerable to cyber-attacks (CAs). Accordingly, prevention, detection and isolation of CAs during proper control of MGs is essential. In this paper, a comprehensive review on the control strategies of microgrids against CAs and its defense mechanisms has been done. The general structure of the paper is as follows: firstly, MGs operational conditions, i.e., the secure or insecure mode of the physical and cyber layers are investigated and the appropriate control to return to a safer mode are presented. Then, the common MGs communication system is described which is generally used for multi-agent systems (MASs). Also, classification of CAs in MGs has been reviewed. Afterwards, a comprehensive survey of available researches in the field of prevention, detection and isolation of CA and MG control against CA are summarized. Finally, future trends in this context are clarified

Enhanching Security in the Future Cyber Physical Systems

Cyber Physical System (CPS) is a system where cyber and physical components work in a complex co-ordination to provide better performance. By exploiting the communication infrastructure among the sensors, actuators, and control systems, attackers may compromise the security of a CPS. In this dissertation, security measures for different types of attacks/ faults in two CPSs, water supply system (WSS) and smart grid system, are presented. In this context, I also present my study on energy management in Smart Grid. The techniques for detecting attacks/faults in both WSS and Smart grid system adopt Kalman Filter (KF) and χ2 detector. The χ2 -detector can detect myriad of system fault- s/attacks such as Denial of Service (DoS) attack, short term and long term random attacks. However, the study shows that the χ2 -detector is unable to detect the intelligent False Data Injection attack (FDI). To overcome this limitation, I present a Euclidean detector for smart grid which can effectively detect such injection attacks. Along with detecting attack/faults I also present the isolation of the attacked/faulty nodes for smart grid. For isolation the Gen- eralized Observer Scheme (GOS) implementing Kalman Filter is used. As GOS is effective in isolating attacks/faults on a single sensor, it is unable to isolate simultaneous attacks/faults on multiple sensors. To address this issue, an Iterative Observer Scheme (IOS) is presented which is able to detect attack on multiple sensors. Since network is an integral part of the future CPSs, I also present a scheme for pre- serving privacy in the future Internet architecture, namely MobilityFirst architecture. The proposed scheme, called Anonymity in MobilityFirst (AMF), utilizes the three-tiered ap- proach to effectively exploit the inherent properties of MF Network such as Globally Unique Flat Identifier (GUID) and Global Name Resolution Service (GNRS) to provide anonymity to the users. While employing new proposed schemes in exchanging of keys between different tiers of routers to alleviate trust issues, the proposed scheme uses multiple routers in each tier to avoid collaboration amongst the routers in the three tiers to expose the end users

Comparing Kalman Filters and Observers for Power System Dynamic State Estimation with Model Uncertainty and Malicious Cyber Attacks

Kalman filters and observers are two main classes of dynamic state estimation (DSE) routines. Power system DSE has been implemented by various Kalman filters, such as the extended Kalman filter (EKF) and the unscented Kalman filter (UKF). In this paper, we discuss two challenges for an effective power system DSE: (a) model uncertainty and (b) potential cyber attacks. To address this, the cubature Kalman filter (CKF) and a nonlinear observer are introduced and implemented. Various Kalman filters and the observer are then tested on the 16-machine, 68-bus system given realistic scenarios under model uncertainty and different types of cyber attacks against synchrophasor measurements. It is shown that CKF and the observer are more robust to model uncertainty and cyber attacks than their counterparts. Based on the tests, a thorough qualitative comparison is also performed for Kalman filter routines and observers.Comment: arXiv admin note: text overlap with arXiv:1508.0725