The Internet of Things Connectivity Binge: What are the Implications?

Despite wide concern about cyberattacks, outages and privacy violations, most experts believe the Internet of Things will continue to expand successfully the next few years, tying machines to machines and linking people to valuable resources, services and opportunities

A framework for proving the self-organization of dynamic systems

This paper aims at providing a rigorous definition of self- organization, one of the most desired properties for dynamic systems (e.g., peer-to-peer systems, sensor networks, cooperative robotics, or ad-hoc networks). We characterize different classes of self-organization through liveness and safety properties that both capture information re- garding the system entropy. We illustrate these classes through study cases. The first ones are two representative P2P overlays (CAN and Pas- try) and the others are specific implementations of \Omega (the leader oracle) and one-shot query abstractions for dynamic settings. Our study aims at understanding the limits and respective power of existing self-organized protocols and lays the basis of designing robust algorithm for dynamic systems

A Framework for Incident Detection and notification in Vehicular Ad-Hoc Networks

The US Department of Transportation (US-DOT) estimates that over half of all congestion events are caused by highway incidents rather than by rush-hour traffic in big cities. The US-DOT also notes that in a single year, congested highways due to traffic incidents cost over $75 billion in lost worker productivity and over 8.4 billion gallons of fuel. Further, the National Highway Traffic Safety Administration (NHTSA) indicates that congested roads are one of the leading causes of traffic accidents, and in 2005 an average of 119 persons died each day in motor vehicle accidents. Recently, Vehicular Ad-hoc Networks (VANET) employing a combination of Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) wireless communication have been proposed to alert drivers to traffic events including accidents, lane closures, slowdowns, and other traffic-safety issues. In this thesis, we propose a novel framework for incident detection and notification dissemination in VANETs. This framework consists of three main components: a system architecture, a traffic incident detection engine and a notification dissemination mechanism. The basic idea of our framework is to collect and aggregate traffic-related data from passing cars and to use the aggregated information to detect traffic anomalies. Finally, the suitably filtered aggregated information is disseminated to alert drivers about traffic delays and incidents. The first contribution of this thesis is an architecture for the notification of traffic incidents, NOTICE for short. In NOTICE, sensor belts are embedded in the road at regular intervals, every mile or so. Each belt consists of a collection of pressure sensors, a simple aggregation and fusion engine, and a few small transceivers. The pressure sensors in each belt allow every message to be associated with a physical vehicle passing over that belt. Thus, no one vehicle can pretend to be multiple vehicles and then, is no need for an ID to be assigned to vehicles. Vehicles in NOTICE are fitted with a tamper-resistant Event Data Recorder (EDR), very much like the well-known black-boxes onboard commercial aircraft. EDRs are responsible for storing vehicles behavior between belts such as acceleration, deceleration and lane changes. Importantly, drivers can provide input to the EDR, using a simple menu, either through a dashboard console or through verbal input. The second contribution of this thesis is to develop incident detection techniques that use the information provided by cars in detecting possible incidents and traffic anomalies using intelligent inference techniques. For this purpose, we developed deterministic and probabilistic techniques to detect both blocking incidents, accidents for examples, as well as non-blocking ones such as potholes. To the best of our knowledge, our probabilistic technique is the first VANET based automatic incident detection technique that is capable of detecting both blocking and non blocking incidents. Our third contribution is to provide an analysis for vehicular traffic proving that VANETs tend to be disconnected in many highway scenarios, consisting of a collection of disjoint clusters. We also provide an analytical way to compute the expected cluster size and we show that clusters are quite stable over time. To the best of our knowledge, we are the first in the VANET community to prove analytically that disconnection is the norm rather than the exceptions in VANETs. Our fourth contribution is to develop data dissemination techniques specifically adapted to VANETs. With VANETs disconnection in mind, we developed data dissemination approaches that efficiently propagate messages between cars and belts on the road. We proposed two data dissemination techniques, one for divided roads and another one for undivided roads. We also proposed a probabilistic technique used by belts to determine how far should an incident notification be sent to alert approaching drivers. Our fifth contribution is to propose a security technique to avoid possible attacks from malicious drivers as well as preserving driver\u27s privacy in data dissemination and notification delivery in NOTICE. We also proposed a belt clustering scheme to reduce the probability of having a black-hole in the message dissemination while reducing also the operational burden if a belt is compromised

Impact Assessment, Detection, and Mitigation of False Data Attacks in Electrical Power Systems

The global energy market has seen a massive increase in investment and capital flow in the last few decades. This has completely transformed the way power grids operate - legacy systems are now being replaced by advanced smart grid infrastructures that attest to better connectivity and increased reliability. One popular example is the extensive deployment of phasor measurement units, which is referred to PMUs, that constantly provide time-synchronized phasor measurements at a high resolution compared to conventional meters. This enables system operators to monitor in real-time the vast electrical network spanning thousands of miles. However, a targeted cyber attack on PMUs can prompt operators to take wrong actions that can eventually jeopardize the power system reliability. Such threats originating from the cyber-space continue to increase as power grids become more dependent on PMU communication networks. Additionally, these threats are becoming increasingly efficient in remaining undetected for longer periods while gaining deep access into the power networks. An attack on the energy sector immediately impacts national defense, emergency services, and all aspects of human life. Cyber attacks against the electric grid may soon become a tactic of high-intensity warfare between nations in near future and lead to social disorder. Within this context, this dissertation investigates the cyber security of PMUs that affects critical decision-making for a reliable operation of the power grid. In particular, this dissertation focuses on false data attacks, a key vulnerability in the PMU architecture, that inject, alter, block, or delete data in devices or in communication network channels. This dissertation addresses three important cyber security aspects - (1) impact assessment, (2) detection, and (3) mitigation of false data attacks. A comprehensive background of false data attack models targeting various steady-state control blocks is first presented. By investigating inter-dependencies between the cyber and the physical layers, this dissertation then identifies possible points of ingress and categorizes risk at different levels of threats. In particular, the likelihood of cyber attacks against the steady-state power system control block causing the worst-case impacts such as cascading failures is investigated. The case study results indicate that false data attacks do not often lead to widespread blackouts, but do result in subsequent line overloads and load shedding. The impacts are magnified when attacks are coordinated with physical failures of generators, transformers, or heavily loaded lines. Further, this dissertation develops a data-driven false data attack detection method that is independent of existing in-built security mechanisms in the state estimator. It is observed that a convolutional neural network classifier can quickly detect and isolate false measurements compared to other deep learning and traditional classifiers. Finally, this dissertation develops a recovery plan that minimizes the consequence of threats when sophisticated attacks remain undetected and have already caused multiple failures. Two new controlled islanding methods are developed that minimize the impact of attacks under the lack of, or partial information on the threats. The results indicate that the system operators can successfully contain the negative impacts of cyber attacks while creating stable and observable islands. Overall, this dissertation presents a comprehensive plan for fast and effective detection and mitigation of false data attacks, improving cyber security preparedness, and enabling continuity of operations

Impact Assessment, Detection, And Mitigation Of False Data Attacks In Electrical Power Systems

The global energy market has seen a massive increase in investment and capital flow in the last few decades. This has completely transformed the way power grids operate - legacy systems are now being replaced by advanced smart grid infrastructures that attest to better connectivity and increased reliability. One popular example is the extensive deployment of phasor measurement units, which is referred to PMUs, that constantly provide time-synchronized phasor measurements at a high resolution compared to conventional meters. This enables system operators to monitor in real-time the vast electrical network spanning thousands of miles. However, a targeted cyber attack on PMUs can prompt operators to take wrong actions that can eventually jeopardize the power system reliability. Such threats originating from the cyber-space continue to increase as power grids become more dependent on PMU communication networks. Additionally, these threats are becoming increasingly efficient in remaining undetected for longer periods while gaining deep access into the power networks. An attack on the energy sector immediately impacts national defense, emergency services, and all aspects of human life. Cyber attacks against the electric grid may soon become a tactic of high-intensity warfare between nations in near future and lead to social disorder. Within this context, this dissertation investigates the cyber security of PMUs that affects critical decision-making for a reliable operation of the power grid. In particular, this dissertation focuses on false data attacks, a key vulnerability in the PMU architecture, that inject, alter, block, or delete data in devices or in communication network channels. This dissertation addresses three important cyber security aspects - (1) impact assessment, (2) detection, and (3) mitigation of false data attacks. A comprehensive background of false data attack models targeting various steady-state control blocks is first presented. By investigating inter-dependencies between the cyber and the physical layers, this dissertation then identifies possible points of ingress and categorizes risk at different levels of threats. In particular, the likelihood of cyber attacks against the steady-state power system control block causing the worst-case impacts such as cascading failures is investigated. The case study results indicate that false data attacks do not often lead to widespread blackouts, but do result in subsequent line overloads and load shedding. The impacts are magnified when attacks are coordinated with physical failures of generators, transformers, or heavily loaded lines. Further, this dissertation develops a data-driven false data attack detection method that is independent of existing in-built security mechanisms in the state estimator. It is observed that a convolutional neural network classifier can quickly detect and isolate false measurements compared to other deep learning and traditional classifiers. Finally, this dissertation develops a recovery plan that minimizes the consequence of threats when sophisticated attacks remain undetected and have already caused multiple failures. Two new controlled islanding methods are developed that minimize the impact of attacks under the lack of, or partial information on the threats. The results indicate that the system operators can successfully contain the negative impacts of cyber attacks while creating stable and observable islands. Overall, this dissertation presents a comprehensive plan for fast and effective detection and mitigation of false data attacks, improving cyber security preparedness, and enabling continuity of operations

High Availability and Scalability Schemes for Software- Defined Networks (SDN)

Title from PDF of title page, viewed on September 8, 2015Dissertation advisor: Baek-Young ChoiVitaIncludes bibliographic references (pages 127-136)Thesis (Ph.D.)--School of Computing and Engineering. University of Missouri--Kansas City, 2015A proliferation of network-enabled devices and network-intensive applications require the underlying networks not only to be agile despite of complex and heterogeneous environments, but also to be highly available and scalable in order to guarantee service integrity and continuity. The Software-Defined Network (SDN) has recently emerged to address the problem of the ossified Internet protocol architecture and to enable agile and flexible network evolvement. SDN, however, heavily relies on control messages between a controller and the forwarding devices for the network operation. Thus, it becomes even more critical to guarantee network high availability (HA) and scalability between a controller and its forwarding devices in the SDN architecture. In this dissertation, we address HA and scalability issues that are inherent in the current OpenFlow specification and SDN architecture; and solve the problems using practical techniques. With extensive experiments using real systems, we have identified that iii the significant issues of HA and scalability in operations of a SDN such as single point of failure of multiple logical connections, multiple redundant configuration, unrecoverable interconnection failure, interface flapping, new flow attack, and event storm. We have designed and implemented the management frameworks that deal with SDN HA and scalability issues that we have observed from a real system. The proposed frameworks include various SDN HA and scalability strategies. For SDN HA, we have developed several SDN control path HA algorithms such as ensuring logical control path redundancy, transparency of a controller cluster, and fast and accurate failure detection. We validate the functionalities of the proposed SDN HA schemes with real network experiments. The proposed SDN control path HA algorithms overcome the limitations of the current Open- Flow specification and enhance performance as well as simplify management of SDN control path HA. For SDN scalability, we have proposed and developed our management framework in two different platforms; an embedded approach in the OpenFlow switch and an agent-based approach with the SUMA platform that is located near the Open- Flow switch. These platforms include various algorithms that enhance scalability of SDN such as Detect and Mitigate Abnormality (DMA), Modify and Annotate Control (MAC), and Message Prioritization and Classification (MPC). We have shown that the proposed framework effectively detects and filters malicious and abnormal network behaviors such as new flow attack, interface flapping, and event storm.Introduction -- Related work -- Measurement and Analysis of an Access Network’s Availability -- SDN Control Path High Availability -- SDN Scalable Network Management -- Summary and Future Wor

Fault-tolerant computing with unreliable channels

We study implementations of basic fault-tolerant primitives, such as consensus and registers, in message-passing systems subject to process crashes and a broad range of communication failures. Our results characterize the necessary and sufficient conditions for implementing these primitives as a function of the connectivity constraints and synchrony assumptions. Our main contribution is a new algorithm for partially synchronous consensus that is resilient to process crashes and channel failures and is optimal in its connectivity requirements. In contrast to prior work, our algorithm assumes the most general model of message loss where faulty channels are flaky, i.e., can lose messages without any guarantee of fairness. This failure model is particularly challenging for consensus algorithms, as it rules out standard solutions based on leader oracles and failure detectors. To circumvent this limitation, we construct our solution using a new variant of the recently proposed view synchronizer abstraction, which we adapt to the crash-prone setting with flaky channels

Production of the CMS Tracker End Cap sub-structures

The production and qualification of the 288 petals needed to build both CMS Tracker End Caps (TECs) is summarized. There will be first a description of a petal, integrating many components, the most important ones being the silicon modules. The organization of the production, involving 7 Institutes all over Europe, will then be explained. The petal assembly and testing procedure will be quickly described. The quality assurance put in place at each production step has resulted in a very high petal quality, as some overall plots will attest. Finally some details about part failures will be given