Restoration in multi-domain GMPLS-based networks

In this paper, we evaluate the efficiency of using restoration mechanisms in a dynamic multi-domain GMPLS network. Major challenges and solutions are introduced and two well-known restoration schemes (End-to-End and Local-to-End) are evaluated. Additionally, new restoration mechanisms are introduced: one based on the position of a failed link, called Location-Based, and another based on minimizing the additional resources consumed during restoration, called Shortest-New. A complete set of simulations in different network scenarios show where each mechanism is more efficient in terms, such as, resource overbuild or recovery delayPart of this work was supported by the Government of Catalonia (DURSI SGR-1202), and by the Spanish Science and Innovation Ministry (TRION TEC2009-10724

Quantitative dependability and interdependency models for large-scale cyber-physical systems

Cyber-physical systems link cyber infrastructure with physical processes through an integrated network of physical components, sensors, actuators, and computers that are interconnected by communication links. Modern critical infrastructures such as smart grids, intelligent water distribution networks, and intelligent transportation systems are prominent examples of cyber-physical systems. Developed countries are entirely reliant on these critical infrastructures, hence the need for rigorous assessment of the trustworthiness of these systems. The objective of this research is quantitative modeling of dependability attributes -- including reliability and survivability -- of cyber-physical systems, with domain-specific case studies on smart grids and intelligent water distribution networks. To this end, we make the following research contributions: i) quantifying, in terms of loss of reliability and survivability, the effect of introducing computing and communication technologies; and ii) identifying and quantifying interdependencies in cyber-physical systems and investigating their effect on fault propagation paths and degradation of dependability attributes. Our proposed approach relies on observation of system behavior in response to disruptive events. We utilize a Markovian technique to formalize a unified reliability model. For survivability evaluation, we capture temporal changes to a service index chosen to represent the extent of functionality retained. In modeling of interdependency, we apply correlation and causation analyses to identify links and use graph-theoretical metrics for quantifying them. The metrics and models we propose can be instrumental in guiding investments in fortification of and failure mitigation for critical infrastructures. To verify the success of our proposed approach in meeting these goals, we introduce a failure prediction tool capable of identifying system components that are prone to failure as a result of a specific disruptive event. Our prediction tool can enable timely preventative actions and mitigate the consequences of accidental failures and malicious attacks --Abstract, page iii

A Constrained, Possibilistic Logical Approach for Software System Survivability Evaluation

In this paper, we present a logical framework to facilitate users in assessing a software system in terms of the required survivability features. Survivability evaluation is essential in linking foreign software components to an existing system or obtaining software systems from external sources. It is important to make sure that any foreign components/systems will not compromise the current system’s survivability properties. Given the increasing large scope and complexity of modern software systems, there is a need for an evaluation framework to accommodate uncertain, vague, or even ill-known knowledge for a robust evaluation based on multi-dimensional criteria. Our framework incorporates user-defined constrains on survivability requirements. Necessity-based possibilistic uncertainty and user survivability requirement constraints are effectively linked to logic reasoning. A proof-of-concept system has been developed to validate the proposed approach. To our best knowledge, our work is the first attempt to incorporate vague, imprecise information into software system survivability evaluation

False data injection attack detection in smart grid

Smart grid is a distributed and autonomous energy delivery infrastructure that constantly monitors the operational state of its overall network using smart techniques and state estimation. State estimation is a powerful technique that is used to determine the overall operational state of the system based on a limited set of measurements collected through metering systems. Cyber-attacks pose serious risks to a smart grid state estimation that can cause disruptions and power outages resulting in huge economical losses and are therefore a big concern to a reliable national grid operation. False data injection attacks (FDIAs), engineered on the basis of the knowledge of the network configuration, are difficult to detect using the traditional data detection mechanisms. These detection schemes have been found vulnerable and failed to detect these FDIAs. FDIAs specifically target the state data and can manipulate the state measurements in such a way that these false measurements appear real to the main control systems. This research work explores the possibility of FDIA detection using state estimation in a distributed and partitioned smart grid. In order to detect FDIAs we use measurements for residual-based testing which creates an objective function; and the probability of erroneous data is determined from this residual test. In this test, a preset threshold is determined based on the prior history of the state data. FDIA cases are simulated within a smart grid considering that the Chi-square detection state estimator fails in identifying such attacks. We compute the objective function using the standard weighted least problem and then test the objective function against the value in the Chi-square table. The gain matrix and the Jacobian matrix are computed. The state variables are computed in the form of a voltage magnitude. The state variables are computed after the inception of an attack to assess these state magnitude results. Different sizes of partitioning are used to improve the overall sensitivity of the Chi-square results. Our additional estimator is based on a Kalman estimation that consists of the state prediction and state correction steps. In the first step, it obtains the state and matrix covariance prediction, and in the second step, it calculates the Kalman gain and the state and matrix covariance update steps. The set of points is created for the state vector x at a time instant t. The initial vector and covariance matrix are based on a priori knowledge of the historical estimates. A set of sigma points is estimated by the state update function. Sigma points refer to the minimal set of sampling points that are selected and transformed using nonlinear function, and the new mean and the covariance are formed out of these transformed points. The idea behind this is that it is easier to compute a Gaussian distribution than an arbitrary nonlinear function. The filter gain, the mean and the covariance are used to estimate the next state. Our simulation results show that the combination of Kalman estimation and distributed state estimation improves the overall stability index and vulnerability assessment score of the smart grid. We built a stability index table for a smart grid based on the state estimates value after the inception of an FDIA. The vulnerability assessment score of the smart grid is based on common vulnerability scoring system (CVSS) and state estimates under the influence of an FDIA. The simulations are conducted in the MATPOWER program and different electrical bus systems such as IEEE 14, 30, 39, 118 and 300 are tested. All the contributions have been published in reputable journals and conferences.Doctor of Philosoph

Analysis and optimization of highly reliable systems

In the field of network design, the survivability property enables the network to maintain a certain level of network connectivity and quality of service under failure conditions. In this thesis, survivability aspects of communication systems are studied. Aspects of reliability and vulnerability of network design are also addressed. The contributions are three-fold. First, a Hop Constrained node Survivable Network Design Problem (HCSNDP) with optional (Steiner) nodes is modelled. This kind of problems are N P-Hard. An exact integer linear model is built, focused on networks represented by graphs without rooted demands, considering costs in arcs and in Steiner nodes. In addition to the exact model, the calculation of lower and upper bounds to the optimal solution is included. Models were tested over several graphs and instances, in order to validate it in cases with known solution. An Approximation Algorithm is also developed in order to address a particular case of SNDP: the Two Node Survivable Star Problem (2NCSP) with optional nodes. This problem belongs to the class of N P-Hard computational problems too. Second, the research is focused on cascading failures and target/random attacks. The Graph Fragmentation Problem (GFP) is the result of a worst case analysis of a random attack. A fixed number of individuals for protection can be chosen, and a non-protected target node immediately destroys all reachable nodes. The goal is to minimize the expected number of destroyed nodes in the network. This problem belongs to the N P-Hard class. A mathematical programming formulation is introduced and exact resolution for small instances as well as lower and upper bounds to the optimal solution. In addition to exact methods, we address the GFP by several approaches: metaheuristics, approximation algorithms, polytime methods for specific instances and exact methods in exponential time. Finally, the concept of separability in stochastic binary systems is here introduced. Stochastic Binary Systems (SBS) represent a mathematical model of a multi-component on-off system subject to independent failures. The reliability evaluation of an SBS belongs to the N P-Hard class. Therefore, we fully characterize separable systems using Han-Banach separation theorem for convex sets. Using this new concept of separable systems and Markov inequality, reliability bounds are provided for arbitrary SBS

An energy-aware architecture : a practical implementation for autonomous underwater vehicles

Energy awareness, fault tolerance and performance estimation are important aspects for extending the autonomy levels of today’s autonomous vehicles. Those are related to the concepts of survivability and reliability, two important factors that often limit the trust of end users in conducting large-scale deployments of such vehicles. With the aim of preparing the way for persistent autonomous operations this work focuses its efforts on investigating those effects on underwater vehicles capable of long-term missions. A novel energy-aware architecture for autonomous underwater vehicles (AUVs) is presented. This, by monitoring at runtime the vehicle’s energy usage, is capable of detecting and mitigating failures in the propulsion subsystem, one of the most common sources of mission-time problems. Furthermore it estimates the vehicle’s performance when operating in unknown environments and in the presence of external disturbances. These capabilities are a great contribution for reducing the operational uncertainty that most underwater platforms face during their deployment. Using knowledge collected while conducting real missions the proposed architecture allows the optimisation of on-board resource usage. This improves the vehicle’s effectiveness when operating in unknown stochastic scenarios or when facing the problem of resource scarcity. The architecture has been implemented on a real vehicle, Nessie AUV, used for real sea experiments as part of multiple research projects. These gave the opportunity of evaluating the improvements of the proposed system when considering more complex autonomous tasks. Together with Nessie AUV, the commercial platform IVER3 AUV has been involved in the evaluating the feasibility of this approach. Results and operational experience, gathered both in real sea scenarios and in controlled environment experiments, are discussed in detail showing the benefits and the operational constraints of the introduced architecture, alongside suggestions for future research directions

Stateful requirements monitoring for self-repairing socio-technical systems

Socio-technical systems consist of human, hardware and software components that work in tandem to fulfil stakeholder requirements. By their very nature, such systems operate under uncertainty as components fail, humans act in unpredictable ways, and the environment of the system changes. Self-repair refers to the ability of such systems to restore fulfillment of their requirements by relying on monitoring, reasoning, and diagnosing on the current state of individual requirements. Self-repair is complicated by the multi-agent nature of socio-technical systems, which demands that requirements monitoring and self-repair be done in a decentralised fashion. In this paper, we propose a stateful requirements monitoring approach by maintaining an instance of a state machine for each requirement, represented as a goal, with runtime monitoring and compensation capabilities. By managing the interactions between the state machines, our approach supports hierarchical goal reasoning in both upward and downward directions. We have implemented a customisable Java framework that supports experimentation by simulating a socio-technical system. Results from our experiments suggest effective and precise support for a wide range of self-repairing decisions in a socio-technical setting