267 research outputs found

    Application of unified invariants for cyber physical systems in smart grids

    Get PDF
    Cyber-Physical Systems (CPS) are complex engineered systems which consist of physical components with an underlying cyber network. The three main components of a cyber-physical System are: physical system, networking and communications element and a distributed cyber system. The primary challenge for cyber-physical systems is to understand what happens when various sub-systems, which have been developed in an isolated environment, are integrated. CPS studies need to ensure sub-systems that had been designed in isolation to meet certain specifications, when combined, do not cause the overall system to fail. The crux of cyber-physical research is thus to find a common platform to bind all these different components, so as to monitor the overall system performance. This dissertation discusses how to unify these different aspects and tackles the issue of synthesizing, verifying and monitoring highly diverse environments by introducing the concept of Unified Invariants. In this dissertation, a smart grid has been used to implement and validate this concept of Unified Invariants towards building a robust cyber-physical system. There are several ways to compromise the reliable operation of a smart grid. Examples of such contingent events are voltage collapse, line overloading and dynamic instability. Physical system invariants have been developed to identify and thwart such events which threaten the integrity of the physical system. These physical invariants have be integrated with cyber controllers to ensure a safe, stable and reliable operation of the smart grid. This is an unique concept and differs from previous methods in the fact that while earlier methods have tried to compose functionality of each domain of the cyber-physical world, the Unified Invariant method serves as a transformative approach to express and impose system properties that are common to all the domains (cyber, physical, networking). The net outcome of such an approach is that the resulting CPSs will be safe and stable at the system level, rather than just the sub-system level. --Abstract, page iii

    Towards learning and verifying invariants of cyber-physical systems by code mutation

    Get PDF
    Cyber-physical systems (CPS), which integrate algorithmic control with physical processes, often consist of physically distributed components communicating over a network. A malfunctioning or compromised component in such a CPS can lead to costly consequences, especially in the context of public infrastructure. In this short paper, we argue for the importance of constructing invariants (or models) of the physical behaviour exhibited by CPS, motivated by their applications to the control, monitoring, and attestation of components. To achieve this despite the inherent complexity of CPS, we propose a new technique for learning invariants that combines machine learning with ideas from mutation testing. We present a preliminary study on a water treatment system that suggests the efficacy of this approach, propose strategies for establishing confidence in the correctness of invariants, then summarise some research questions and the steps we are taking to investigate them.Comment: Short paper accepted by the 21st International Symposium on Formal Methods (FM 2016

    Unified knowledge model for stability analysis in cyber physical systems

    Get PDF
    The amalgamation and coordination between computational processes and physical components represent the very basis of cyber-physical systems. A diverse range of CPS challenges had been addressed through numerous workshops and conferences over the past decade. Finding a common semantic among these diverse components which promotes system synthesis, verification and monitoring is a significant challenge in the cyber-physical research domain. Computational correctness, network timing and frequency response are system aspects that conspire to impede design, verification and monitoring. The objective of cyber-physical research is to unify these diverse aspects by developing common semantics that span each aspect of a CPS. The work of this thesis revolves around the design of a typical smart grid-type system with three PV sources built with PSCADʼ. A major amount of effort in this thesis had been focused on studying the system behavior in terms of stability when subjected to load fluctuations from the PV side. The stability had been primarily reflected in the frequency of the generator of the system. The concept of droop control had been analyzed and the parameterization of the droop constant in the shape of an invariant forms an essential part of the thesis as it predicts system behavior and also guides the system within its stable restraints. As an extension of a relationship between stability and frequency, the present study goes one step ahead in describing the sojourn of the system from stability to instability by doing an analysis with the help of tools called Lyapunov-like functions. Lyapunov-like functions are, for switched systems, a class of functions that are used to measure the stability for non linear systems. The use of Lyapunov-like functions to judge the stability of this system had been tested and discussed in detail in this thesis and simulation results provided --Abstract, page iii

    Control Behavior Integrity for Distributed Cyber-Physical Systems

    Get PDF
    Cyber-physical control systems, such as industrial control systems (ICS), are increasingly targeted by cyberattacks. Such attacks can potentially cause tremendous damage, affect critical infrastructure or even jeopardize human life when the system does not behave as intended. Cyberattacks, however, are not new and decades of security research have developed plenty of solutions to thwart them. Unfortunately, many of these solutions cannot be easily applied to safety-critical cyber-physical systems. Further, the attack surface of ICS is quite different from what can be commonly assumed in classical IT systems. We present Scadman, a system with the goal to preserve the Control Behavior Integrity (CBI) of distributed cyber-physical systems. By observing the system-wide behavior, the correctness of individual controllers in the system can be verified. This allows Scadman to detect a wide range of attacks against controllers, like programmable logic controller (PLCs), including malware attacks, code-reuse and data-only attacks. We implemented and evaluated Scadman based on a real-world water treatment testbed for research and training on ICS security. Our results show that we can detect a wide range of attacks--including attacks that have previously been undetectable by typical state estimation techniques--while causing no false-positive warning for nominal threshold values.Comment: 15 pages, 8 figure

    Data-driven Detection of Stealth Cyber-attacks in DC Microgrids

    Get PDF

    Models of leader elections and their applications

    Get PDF
    New research about cyber-physical systems is rapidly changing the way we think about critical infrastructures such as the power grid. Changing requirements for the generation, storage, and availability of power are all driving the development of the smart-grid. Many smart-grid projects disperse power generation across a wide area and control devices with a distributed system. However, in a distributed system, the state of processes is hard to determine due to isolation of memory. By using information flow security models, we reason about a process\u27s beliefs of the system state in a distributed system. Information flow analysis aided in the creation of Markov models for the expected behavior of a cyber controller in a smart-grid system using a communication network with omission faults. The models were used as part of an analysis of the distributed system behavior when there are communication faults. With insight gained from these models, existing congestion management techniques were extended to create a feedback mechanism, allowing the cyber-physical system to better react to issues in the communication network --Abstract, page iii

    Photonic Physical Unclonable Functions: From the Concept to Fully Functional Device Operating in the Field

    Full text link
    The scope of this paper is to demonstrate a fully working and compact photonic Physical Unclonable Function (PUF) device capable of operating in real life scenarios as an authentication mechanism and random number generator. For this purpose, an extensive experimental investigation of a Polymer Optical Fiber (POF) and a diffuser as PUF tokens is performed and the most significant properties are evaluated using the proper mathematical tools. Two different software algorithms, the Random Binary Method (RBM) and Singular Value Decomposition (SVD), were tested for optimized key extraction and error correction codes have been incorporated for enhancing key reproducibility. By taking into consideration the limitations and overall performance derived by the experimental evaluation of the system, the designing details towards the implementation of a miniaturized, energy efficient and low-cost device are extensively discussed. The performance of the final device is thoroughly evaluated, demonstrating a long-term stability of 1 week, an operating temperature range of 50C, an exponentially large pool of unique Challenge-Response Pairs (CRPs), recovery after power failure and capability of generating NIST compliant true random numbers

    A Distributed Observer-Based Cyber-Attack Identification Scheme in Cooperative Networked Systems under Switching Communication Topologies

    Get PDF
    This paper studies an approach for detecting cyber attacks against networked cooperative systems (NCS) that are assumed to be working in a cyber-physical environment. NCS are prone to anomalies both due to cyber and physical attacks and faults. Cyber-attacks being more hazardous given the cooperative nature of the NCS may lead to disastrous consequences and thus need to be detected as soon as they occur by all systems in the network. Our approach deals with two types of malicious attacks aimed at compromising the stability of the NCS: intrusion attacks/local malfunctions on individual systems and deception/cyber-attacks on the communication between the systems. In order to detect and identify such attacks under switching communication topologies, this paper proposes a new distributed methodology that solves global state estimation of the NCS where the aim is identifying anomalies in the networked system using residuals generated by monitoring agents such that coverage of the entire network is assured. A cascade of predefined-time sliding mode switched observers is introduced for each agent to achieve a fast estimate of the global state whereby the settling time is an a priori defined parameter independently of the initial conditions. Then, using the conventional consensus algorithm, a set of residuals are generated by the agents that is capable of detecting and isolating local intrusion attacks and communication cyber-attacks in the network using only locally exchanged information. In order to prove the effectiveness of the proposed method, the framework is tested for a velocity synchronization seeking network of mobile robots
    • …
    corecore