267 research outputs found
Application of unified invariants for cyber physical systems in smart grids
Cyber-Physical Systems (CPS) are complex engineered systems which consist of physical components with an underlying cyber network. The three main components of a cyber-physical System are: physical system, networking and communications element and a distributed cyber system. The primary challenge for cyber-physical systems is to understand what happens when various sub-systems, which have been developed in an isolated environment, are integrated. CPS studies need to ensure sub-systems that had been designed in isolation to meet certain specifications, when combined, do not cause the overall system to fail. The crux of cyber-physical research is thus to find a common platform to bind all these different components, so as to monitor the overall system performance.
This dissertation discusses how to unify these different aspects and tackles the issue of synthesizing, verifying and monitoring highly diverse environments by introducing the concept of Unified Invariants. In this dissertation, a smart grid has been used to implement and validate this concept of Unified Invariants towards building a robust cyber-physical system. There are several ways to compromise the reliable operation of a smart grid. Examples of such contingent events are voltage collapse, line overloading and dynamic instability. Physical system invariants have been developed to identify and thwart such events which threaten the integrity of the physical system. These physical invariants have be integrated with cyber controllers to ensure a safe, stable and reliable operation of the smart grid. This is an unique concept and differs from previous methods in the fact that while earlier methods have tried to compose functionality of each domain of the cyber-physical world, the Unified Invariant method serves as a transformative approach to express and impose system properties that are common to all the domains (cyber, physical, networking). The net outcome of such an approach is that the resulting CPSs will be safe and stable at the system level, rather than just the sub-system level. --Abstract, page iii
Towards learning and verifying invariants of cyber-physical systems by code mutation
Cyber-physical systems (CPS), which integrate algorithmic control with
physical processes, often consist of physically distributed components
communicating over a network. A malfunctioning or compromised component in such
a CPS can lead to costly consequences, especially in the context of public
infrastructure. In this short paper, we argue for the importance of
constructing invariants (or models) of the physical behaviour exhibited by CPS,
motivated by their applications to the control, monitoring, and attestation of
components. To achieve this despite the inherent complexity of CPS, we propose
a new technique for learning invariants that combines machine learning with
ideas from mutation testing. We present a preliminary study on a water
treatment system that suggests the efficacy of this approach, propose
strategies for establishing confidence in the correctness of invariants, then
summarise some research questions and the steps we are taking to investigate
them.Comment: Short paper accepted by the 21st International Symposium on Formal
Methods (FM 2016
Unified knowledge model for stability analysis in cyber physical systems
The amalgamation and coordination between computational processes and physical components represent the very basis of cyber-physical systems. A diverse range of CPS challenges had been addressed through numerous workshops and conferences over the past decade. Finding a common semantic among these diverse components which promotes system synthesis, verification and monitoring is a significant challenge in the cyber-physical research domain. Computational correctness, network timing and frequency response are system aspects that conspire to impede design, verification and monitoring. The objective of cyber-physical research is to unify these diverse aspects by developing common semantics that span each aspect of a CPS. The work of this thesis revolves around the design of a typical smart grid-type system with three PV sources built with PSCADʼ. A major amount of effort in this thesis had been focused on studying the system behavior in terms of stability when subjected to load fluctuations from the PV side. The stability had been primarily reflected in the frequency of the generator of the system. The concept of droop control had been analyzed and the parameterization of the droop constant in the shape of an invariant forms an essential part of the thesis as it predicts system behavior and also guides the system within its stable restraints. As an extension of a relationship between stability and frequency, the present study goes one step ahead in describing the sojourn of the system from stability to instability by doing an analysis with the help of tools called Lyapunov-like functions. Lyapunov-like functions are, for switched systems, a class of functions that are used to measure the stability for non linear systems. The use of Lyapunov-like functions to judge the stability of this system had been tested and discussed in detail in this thesis and simulation results provided --Abstract, page iii
Control Behavior Integrity for Distributed Cyber-Physical Systems
Cyber-physical control systems, such as industrial control systems (ICS), are
increasingly targeted by cyberattacks. Such attacks can potentially cause
tremendous damage, affect critical infrastructure or even jeopardize human life
when the system does not behave as intended. Cyberattacks, however, are not new
and decades of security research have developed plenty of solutions to thwart
them. Unfortunately, many of these solutions cannot be easily applied to
safety-critical cyber-physical systems. Further, the attack surface of ICS is
quite different from what can be commonly assumed in classical IT systems.
We present Scadman, a system with the goal to preserve the Control Behavior
Integrity (CBI) of distributed cyber-physical systems. By observing the
system-wide behavior, the correctness of individual controllers in the system
can be verified. This allows Scadman to detect a wide range of attacks against
controllers, like programmable logic controller (PLCs), including malware
attacks, code-reuse and data-only attacks. We implemented and evaluated Scadman
based on a real-world water treatment testbed for research and training on ICS
security. Our results show that we can detect a wide range of
attacks--including attacks that have previously been undetectable by typical
state estimation techniques--while causing no false-positive warning for
nominal threshold values.Comment: 15 pages, 8 figure
Models of leader elections and their applications
New research about cyber-physical systems is rapidly changing the way we think about critical infrastructures such as the power grid. Changing requirements for the generation, storage, and availability of power are all driving the development of the smart-grid. Many smart-grid projects disperse power generation across a wide area and control devices with a distributed system. However, in a distributed system, the state of processes is hard to determine due to isolation of memory. By using information flow security models, we reason about a process\u27s beliefs of the system state in a distributed system. Information flow analysis aided in the creation of Markov models for the expected behavior of a cyber controller in a smart-grid system using a communication network with omission faults. The models were used as part of an analysis of the distributed system behavior when there are communication faults. With insight gained from these models, existing congestion management techniques were extended to create a feedback mechanism, allowing the cyber-physical system to better react to issues in the communication network --Abstract, page iii
Photonic Physical Unclonable Functions: From the Concept to Fully Functional Device Operating in the Field
The scope of this paper is to demonstrate a fully working and compact
photonic Physical Unclonable Function (PUF) device capable of operating in real
life scenarios as an authentication mechanism and random number generator. For
this purpose, an extensive experimental investigation of a Polymer Optical
Fiber (POF) and a diffuser as PUF tokens is performed and the most significant
properties are evaluated using the proper mathematical tools. Two different
software algorithms, the Random Binary Method (RBM) and Singular Value
Decomposition (SVD), were tested for optimized key extraction and error
correction codes have been incorporated for enhancing key reproducibility. By
taking into consideration the limitations and overall performance derived by
the experimental evaluation of the system, the designing details towards the
implementation of a miniaturized, energy efficient and low-cost device are
extensively discussed. The performance of the final device is thoroughly
evaluated, demonstrating a long-term stability of 1 week, an operating
temperature range of 50C, an exponentially large pool of unique
Challenge-Response Pairs (CRPs), recovery after power failure and capability of
generating NIST compliant true random numbers
A Distributed Observer-Based Cyber-Attack Identification Scheme in Cooperative Networked Systems under Switching Communication Topologies
This paper studies an approach for detecting cyber attacks against networked cooperative systems (NCS) that are assumed to be working in a cyber-physical environment. NCS are prone to anomalies both due to cyber and physical attacks and faults. Cyber-attacks being more hazardous given the cooperative nature of the NCS may lead to disastrous consequences and thus need to be detected as soon as they occur by all systems in the network. Our approach deals with two types of malicious attacks aimed at compromising the stability of the NCS: intrusion attacks/local malfunctions on individual systems and deception/cyber-attacks on the communication between the systems. In order to detect and identify such attacks under switching communication topologies, this paper proposes a new distributed methodology that solves global state estimation of the NCS where the aim is identifying anomalies in the networked system using residuals generated by monitoring agents such that coverage of the entire network is assured. A cascade of predefined-time sliding mode switched observers is introduced for each agent to achieve a fast estimate of the global state whereby the settling time is an a priori defined parameter independently of the initial conditions. Then, using the conventional consensus algorithm, a set of residuals are generated by the agents that is capable of detecting and isolating local intrusion attacks and communication cyber-attacks in the network using only locally exchanged information. In order to prove the effectiveness of the proposed method, the framework is tested for a velocity synchronization seeking network of mobile robots
- …