SISSA: Real-time Monitoring of Hardware Functional Safety and Cybersecurity with In-vehicle SOME/IP Ethernet Traffic

Scalable service-Oriented Middleware over IP (SOME/IP) is an Ethernet communication standard protocol in the Automotive Open System Architecture (AUTOSAR), promoting ECU-to-ECU communication over the IP stack. However, SOME/IP lacks a robust security architecture, making it susceptible to potential attacks. Besides, random hardware failure of ECU will disrupt SOME/IP communication. In this paper, we propose SISSA, a SOME/IP communication traffic-based approach for modeling and analyzing in-vehicle functional safety and cyber security. Specifically, SISSA models hardware failures with the Weibull distribution and addresses five potential attacks on SOME/IP communication, including Distributed Denial-of-Services, Man-in-the-Middle, and abnormal communication processes, assuming a malicious user accesses the in-vehicle network. Subsequently, SISSA designs a series of deep learning models with various backbones to extract features from SOME/IP sessions among ECUs. We adopt residual self-attention to accelerate the model's convergence and enhance detection accuracy, determining whether an ECU is under attack, facing functional failure, or operating normally. Additionally, we have created and annotated a dataset encompassing various classes, including indicators of attack, functionality, and normalcy. This contribution is noteworthy due to the scarcity of publicly accessible datasets with such characteristics.Extensive experimental results show the effectiveness and efficiency of SISSA

Machine Learning Framework for Power System Security Assessment

Power system security assessment is crucial for the planning, operation, and managementof electrical grids. As the integration of renewable energy resources accelerates, along with grid modernization to accommodate distributed resources and the liberalization of electricity markets, power systems are experiencing unprecedented size, complexity, uncertainty, and unpredictability. Consequently, these systems often operate near or beyond their operational limits, making it chal- lenging to adhere to the N-1 criterion without preventive measures, ultimately posing a significant threat to the grid&rsquo;s secure operation. In light of this, traditional security assessment methods may prove inadequate in achieving satisfactory assessment, especially when addressing the dynamic phe- nomena arising after disturbances, a concern exacerbated by the ongoing grid structural changes. Therefore, developing innovative methods to evaluate power system security from the static, dynamic, and transient perspectives after contingencies are essential, ensuring security while avoiding investments in redundant infrastructure. In recent years, data-driven approaches, particularly machine learning algorithms, have emerged as potent alternatives to traditional power system security assessment methods. These algorithms offer remarkable approximation capabilities, real-time predictions, flexibility, and the capacity to handle vast amounts of data. Researchers have explored various algorithms and frameworks, each exhibiting unique strengths and weaknesses concerning the accuracy, speed, interpretability, data requirements, and other performance metrics. This thesis introduces a novel machine-learning-based framework for dynamic power system security assessment, aiming to provide an accurate, reliable, and resilient solution that also offers valuable insights into the algorithm&rsquo;s results for operators. To promote reproducibility and bench- marking in this field, we conduct a series of experiments involving multiple database generation techniques and an extensive range of machine learning algorithms. By sharing data, and code, and developing a Python package, we strive to contribute to the research community, thereby facilitating and expediting future research in this area.</p