Information fusion architectures for security and resource management in cyber physical systems

Data acquisition through sensors is very crucial in determining the operability of the observed physical entity. Cyber Physical Systems (CPSs) are an example of distributed systems where sensors embedded into the physical system are used in sensing and data acquisition. CPSs are a collaboration between the physical and the computational cyber components. The control decisions sent back to the actuators on the physical components from the computational cyber components closes the feedback loop of the CPS. Since, this feedback is solely based on the data collected through the embedded sensors, information acquisition from the data plays an extremely vital role in determining the operational stability of the CPS. Data collection process may be hindered by disturbances such as system faults, noise and security attacks. Hence, simple data acquisition techniques will not suffice as accurate system representation cannot be obtained. Therefore, more powerful methods of inferring information from collected data such as Information Fusion have to be used. Information fusion is analogous to the cognitive process used by humans to integrate data continuously from their senses to make inferences about their environment. Data from the sensors is combined using techniques drawn from several disciplines such as Adaptive Filtering, Machine Learning and Pattern Recognition. Decisions made from such combination of data form the crux of information fusion and differentiates it from a flat structured data aggregation. In this dissertation, multi-layered information fusion models are used to develop automated decision making architectures to service security and resource management requirements in Cyber Physical Systems --Abstract, page iv

Model Predictive Control for Mitigating Sensor Attacks on Multilevel Inverters

Nowadays, multilevel power inverters have become a hot research topic which are being widely used in smart grids. They are also driving devices for conveyors, compressors, motors, and can enable uninterruptible power supply for critical loads such as database centers or telecommunications base stations. In the future, smart grids will play an important role to achieve higher efficiency, smarter control and better performance. Such an ambitious goal can only be achieved by inverters with higher voltage and power levels. The smart grids are the typical cyber-physical systems that is composed of physical processes and computation units combined by sensors, actuators, and communication devices. The smart grids are apt to errors and vicious attacks on their physical construction leading to considerable damage, such as false data injection (FDI), denial of service (DOS). The vicious data injection can effectively bypass the detection of system and cause serious effects on the grid. In recent years, some advanced control approaches have been proposed to perform inverter current control. Among them, model predictive control (MPC) is a promising one that makes use of explicit system models to predict its future response and optimize system performance. It has unique advantages that can accurately forecast the future response of the system and have fast response. However, the effectiveness and the accuracy of the conventional MPC rely on whether the system model is accurate. Uncertainty and false data injection in the system model sometimes lead to unresponsive or even unstable control systems. Conventional MPC is hard to keep the system stable when the uncertainty and malicious attack happen. In existing studies, although various attacks have been investigated, the undetectable false data injection aiming at the inverter system was rarely studied. In the thesis, the model of the cascaded H-bridge inverter is established and conventional MPC to achieve load current control is applied. It shows great performance to achieve load current control and has fast dynamic control. Then considering various attack signals such as step attack signals, pulse attack signals to the sensors in the system, the conventional MPC loses the ability to achieve a stable and effective current control. According to simulation results, Kalman Filter model is built which can filter some Gaussian noises from the sensors in the system. Then from the perspective of attacker, a special FDI attack is designed that can effectively bypass the Kalman Filter. For the system that targeted by the FDI and DOS attack, a new controller is designed based on the K-Nearest Neighbor (KNN) algorithm and MPC strategy which can achieve the load current control with high output quality. Finally, the new control method based on KNN and MPC is compared with conventional MPC. The simulation results are analyzed and conclusion have been made. A modified MPC combined with KNN algorithm proposed in this thesis can detect bad data that can enter the system without triggering alarms. The case studies show the modified MPC based on KNN algorithm can achieve current control accurately when the system is injected by various attack signals showing better performance of current control with low total harmonic distortion (THD)

Model Predictive Control for Mitigating Sensor Attacks on Multilevel Inverters

Nowadays, multilevel power inverters have become a hot research topic which are being widely used in smart grids. They are also driving devices for conveyors, compressors, motors, and can enable uninterruptible power supply for critical loads such as database centers or telecommunications base stations. In the future, smart grids will play an important role to achieve higher efficiency, smarter control and better performance. Such an ambitious goal can only be achieved by inverters with higher voltage and power levels. The smart grids are the typical cyber-physical systems that is composed of physical processes and computation units combined by sensors, actuators, and communication devices. The smart grids are apt to errors and vicious attacks on their physical construction leading to considerable damage, such as false data injection (FDI), denial of service (DOS). The vicious data injection can effectively bypass the detection of system and cause serious effects on the grid. In recent years, some advanced control approaches have been proposed to perform inverter current control. Among them, model predictive control (MPC) is a promising one that makes use of explicit system models to predict its future response and optimize system performance. It has unique advantages that can accurately forecast the future response of the system and have fast response. However, the effectiveness and the accuracy of the conventional MPC rely on whether the system model is accurate. Uncertainty and false data injection in the system model sometimes lead to unresponsive or even unstable control systems. Conventional MPC is hard to keep the system stable when the uncertainty and malicious attack happen. In existing studies, although various attacks have been investigated, the undetectable false data injection aiming at the inverter system was rarely studied. In the thesis, the model of the cascaded H-bridge inverter is established and conventional MPC to achieve load current control is applied. It shows great performance to achieve load current control and has fast dynamic control. Then considering various attack signals such as step attack signals, pulse attack signals to the sensors in the system, the conventional MPC loses the ability to achieve a stable and effective current control. According to simulation results, Kalman Filter model is built which can filter some Gaussian noises from the sensors in the system. Then from the perspective of attacker, a special FDI attack is designed that can effectively bypass the Kalman Filter. For the system that targeted by the FDI and DOS attack, a new controller is designed based on the K-Nearest Neighbor (KNN) algorithm and MPC strategy which can achieve the load current control with high output quality. Finally, the new control method based on KNN and MPC is compared with conventional MPC. The simulation results are analyzed and conclusion have been made. A modified MPC combined with KNN algorithm proposed in this thesis can detect bad data that can enter the system without triggering alarms. The case studies show the modified MPC based on KNN algorithm can achieve current control accurately when the system is injected by various attack signals showing better performance of current control with low total harmonic distortion (THD)

Enhanching Security in the Future Cyber Physical Systems

Cyber Physical System (CPS) is a system where cyber and physical components work in a complex co-ordination to provide better performance. By exploiting the communication infrastructure among the sensors, actuators, and control systems, attackers may compromise the security of a CPS. In this dissertation, security measures for different types of attacks/ faults in two CPSs, water supply system (WSS) and smart grid system, are presented. In this context, I also present my study on energy management in Smart Grid. The techniques for detecting attacks/faults in both WSS and Smart grid system adopt Kalman Filter (KF) and χ2 detector. The χ2 -detector can detect myriad of system fault- s/attacks such as Denial of Service (DoS) attack, short term and long term random attacks. However, the study shows that the χ2 -detector is unable to detect the intelligent False Data Injection attack (FDI). To overcome this limitation, I present a Euclidean detector for smart grid which can effectively detect such injection attacks. Along with detecting attack/faults I also present the isolation of the attacked/faulty nodes for smart grid. For isolation the Gen- eralized Observer Scheme (GOS) implementing Kalman Filter is used. As GOS is effective in isolating attacks/faults on a single sensor, it is unable to isolate simultaneous attacks/faults on multiple sensors. To address this issue, an Iterative Observer Scheme (IOS) is presented which is able to detect attack on multiple sensors. Since network is an integral part of the future CPSs, I also present a scheme for pre- serving privacy in the future Internet architecture, namely MobilityFirst architecture. The proposed scheme, called Anonymity in MobilityFirst (AMF), utilizes the three-tiered ap- proach to effectively exploit the inherent properties of MF Network such as Globally Unique Flat Identifier (GUID) and Global Name Resolution Service (GNRS) to provide anonymity to the users. While employing new proposed schemes in exchanging of keys between different tiers of routers to alleviate trust issues, the proposed scheme uses multiple routers in each tier to avoid collaboration amongst the routers in the three tiers to expose the end users

Compressive Privacy for a Linear Dynamical System

We consider a linear dynamical system in which the state vector consists of both public and private states. One or more sensors make measurements of the state vector and sends information to a fusion center, which performs the final state estimation. To achieve an optimal tradeoff between the utility of estimating the public states and protection of the private states, the measurements at each time step are linearly compressed into a lower dimensional space. Under the centralized setting where all measurements are collected by a single sensor, we propose an optimization problem and an algorithm to find the best compression matrix. Under the decentralized setting where measurements are made separately at multiple sensors, each sensor optimizes its own local compression matrix. We propose methods to separate the overall optimization problem into multiple sub-problems that can be solved locally at each sensor. We consider the cases where there is no message exchange between the sensors; and where each sensor takes turns to transmit messages to the other sensors. Simulations and empirical experiments demonstrate the efficiency of our proposed approach in allowing the fusion center to estimate the public states with good accuracy while preventing it from estimating the private states accurately

False data injection attack detection in smart grid

Smart grid is a distributed and autonomous energy delivery infrastructure that constantly monitors the operational state of its overall network using smart techniques and state estimation. State estimation is a powerful technique that is used to determine the overall operational state of the system based on a limited set of measurements collected through metering systems. Cyber-attacks pose serious risks to a smart grid state estimation that can cause disruptions and power outages resulting in huge economical losses and are therefore a big concern to a reliable national grid operation. False data injection attacks (FDIAs), engineered on the basis of the knowledge of the network configuration, are difficult to detect using the traditional data detection mechanisms. These detection schemes have been found vulnerable and failed to detect these FDIAs. FDIAs specifically target the state data and can manipulate the state measurements in such a way that these false measurements appear real to the main control systems. This research work explores the possibility of FDIA detection using state estimation in a distributed and partitioned smart grid. In order to detect FDIAs we use measurements for residual-based testing which creates an objective function; and the probability of erroneous data is determined from this residual test. In this test, a preset threshold is determined based on the prior history of the state data. FDIA cases are simulated within a smart grid considering that the Chi-square detection state estimator fails in identifying such attacks. We compute the objective function using the standard weighted least problem and then test the objective function against the value in the Chi-square table. The gain matrix and the Jacobian matrix are computed. The state variables are computed in the form of a voltage magnitude. The state variables are computed after the inception of an attack to assess these state magnitude results. Different sizes of partitioning are used to improve the overall sensitivity of the Chi-square results. Our additional estimator is based on a Kalman estimation that consists of the state prediction and state correction steps. In the first step, it obtains the state and matrix covariance prediction, and in the second step, it calculates the Kalman gain and the state and matrix covariance update steps. The set of points is created for the state vector x at a time instant t. The initial vector and covariance matrix are based on a priori knowledge of the historical estimates. A set of sigma points is estimated by the state update function. Sigma points refer to the minimal set of sampling points that are selected and transformed using nonlinear function, and the new mean and the covariance are formed out of these transformed points. The idea behind this is that it is easier to compute a Gaussian distribution than an arbitrary nonlinear function. The filter gain, the mean and the covariance are used to estimate the next state. Our simulation results show that the combination of Kalman estimation and distributed state estimation improves the overall stability index and vulnerability assessment score of the smart grid. We built a stability index table for a smart grid based on the state estimates value after the inception of an FDIA. The vulnerability assessment score of the smart grid is based on common vulnerability scoring system (CVSS) and state estimates under the influence of an FDIA. The simulations are conducted in the MATPOWER program and different electrical bus systems such as IEEE 14, 30, 39, 118 and 300 are tested. All the contributions have been published in reputable journals and conferences.Doctor of Philosoph