Consensus-based Networked Tracking in Presence of Heterogeneous Time-Delays

We propose a distributed (single) target tracking scheme based on networked estimation and consensus algorithms over static sensor networks. The tracking part is based on linear time-difference-of-arrival (TDOA) measurement proposed in our previous works. This paper, in particular, develops delay-tolerant distributed filtering solutions over sparse data-transmission networks. We assume general arbitrary heterogeneous delays at different links. This may occur in many realistic large-scale applications where the data-sharing between different nodes is subject to latency due to communication-resource constraints or large spatially distributed sensor networks. The solution we propose in this work shows improved performance (verified by both theory and simulations) in such scenarios. Another privilege of such distributed schemes is the possibility to add localized fault-detection and isolation (FDI) strategies along with survivable graph-theoretic design, which opens many follow-up venues to this research. To our best knowledge no such delay-tolerant distributed linear algorithm is given in the existing distributed tracking literature.Comment: ICRoM2

State of the art of cyber-physical systems security: An automatic control perspective

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds light on how security is actually addressed when dealing with cyber-physical systems from an automatic control perspective. The provided map of 138 selected studies is defined empirically and is based on, for instance, application fields, various system components, related algorithms and models, attacks characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia

Context-Aware Sensor Fusion For Securing Cyber-Physical Systems

The goal of this dissertation is to provide detection and estimation techniques in order to ensure the safety and security of modern Cyber-Physical Systems (CPS) even in the presence of arbitrary sensors faults and attacks. We leverage the fact that modern CPS are equipped with various sensors that provide redundant information about the system\u27s state. In such a setting, the system can limit its dependence on any individual sensor, thereby providing guarantees about its safety even in the presence of arbitrary faults and attacks. In order to address the problem of safety detection, we develop sensor fusion techniques that make use of the sensor redundancy available in modern CPS. First of all, we develop a multidimensional sensor fusion algorithm that outputs a bounded fusion set which is guaranteed to contain the true state even in the presence of attacks and faults. Furthermore, we provide two approaches for strengthening sensor fusion\u27s worst-case guarantees: 1) incorporating historical measurements as well as 2) analyzing sensor transmission schedules (e.g., in a time-triggered system using a shared bus) in order to minimize the attacker\u27s available information and impact on the system. In addition, we modify the sensor fusion algorithm in order to provide guarantees even when sensors might experience transient faults in addition to attacks. Finally, we develop an attack detection technique (also in the presence of transient faults) in order to discard attacked sensors. In addition to standard plant sensors, we note that modern CPS also have access to multiple environment sensors that provide information about the system\u27s context (e.g., a camera recognizing a nearby building). Since these context measurements are related to the system\u27s state, they can be used for estimation and detection purposes, similar to standard measurements. In this dissertation, we first develop a nominal context-aware filter (i.e., with no faults or attacks) for binary context measurements (e.g., a building detection). Finally, we develop a technique for incorporating context measurements into sensor fusion, thus providing guarantees about system safety even in cases where more than half of standard sensors might be under attack

Enhanching Security in the Future Cyber Physical Systems

Cyber Physical System (CPS) is a system where cyber and physical components work in a complex co-ordination to provide better performance. By exploiting the communication infrastructure among the sensors, actuators, and control systems, attackers may compromise the security of a CPS. In this dissertation, security measures for different types of attacks/ faults in two CPSs, water supply system (WSS) and smart grid system, are presented. In this context, I also present my study on energy management in Smart Grid. The techniques for detecting attacks/faults in both WSS and Smart grid system adopt Kalman Filter (KF) and χ2 detector. The χ2 -detector can detect myriad of system fault- s/attacks such as Denial of Service (DoS) attack, short term and long term random attacks. However, the study shows that the χ2 -detector is unable to detect the intelligent False Data Injection attack (FDI). To overcome this limitation, I present a Euclidean detector for smart grid which can effectively detect such injection attacks. Along with detecting attack/faults I also present the isolation of the attacked/faulty nodes for smart grid. For isolation the Gen- eralized Observer Scheme (GOS) implementing Kalman Filter is used. As GOS is effective in isolating attacks/faults on a single sensor, it is unable to isolate simultaneous attacks/faults on multiple sensors. To address this issue, an Iterative Observer Scheme (IOS) is presented which is able to detect attack on multiple sensors. Since network is an integral part of the future CPSs, I also present a scheme for pre- serving privacy in the future Internet architecture, namely MobilityFirst architecture. The proposed scheme, called Anonymity in MobilityFirst (AMF), utilizes the three-tiered ap- proach to effectively exploit the inherent properties of MF Network such as Globally Unique Flat Identifier (GUID) and Global Name Resolution Service (GNRS) to provide anonymity to the users. While employing new proposed schemes in exchanging of keys between different tiers of routers to alleviate trust issues, the proposed scheme uses multiple routers in each tier to avoid collaboration amongst the routers in the three tiers to expose the end users