Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation

This paper studies the performance and resilience of a cyber-physical control system (CPCS) with attack detection and reactive attack mitigation. It addresses the problem of deriving an optimal sequence of false data injection attacks that maximizes the state estimation error of the system. The results provide basic understanding about the limit of the attack impact. The design of the optimal attack is based on a Markov decision process (MDP) formulation, which is solved efficiently using the value iteration method. Using the proposed framework, we quantify the effect of false positives and mis-detections on the system performance, which can help the joint design of the attack detection and mitigation. To demonstrate the use of the proposed framework in a real-world CPCS, we consider the voltage control system of power grids, and run extensive simulations using PowerWorld, a high-fidelity power system simulator, to validate our analysis. The results show that by carefully designing the attack sequence using our proposed approach, the attacker can cause a large deviation of the bus voltages from the desired setpoint. Further, the results verify the optimality of the derived attack sequence and show that, to cause maximum impact, the attacker must carefully craft his attack to strike a balance between the attack magnitude and stealthiness, due to the simultaneous presence of attack detection and mitigation

Sequential Monte Carlo Based Data Assimilation Framework and Toolkit for Dynamic System Simulations

Assimilating real-time sensor data into simulations is an effective approach for improving predictive abilities. However, integrating complex simulation models, e.g., discrete event simulation models and agent-based simulation models, is a challenging task. That is because classical data assimilation techniques, such as Kalman Filter, rely on the analytical forms of system transition distribution, which these models do not have. Sequential Monte Carlo methods are a class of most extensively used data assimilation algorithms which recursively estimate system states using Bayesian inference and sampling technique. They are non-parametric filters and thus can work effectively with complex simulation models. Despite of the advantages of Sequential Monte Carlo methods, simulation systems do not automatically fit in data assimilation framework. In most cases, it is a difficult and tedious task to carry out data assimilation for complex simulation models. In addition, Sequential Monte Carlo methods are statistical methods developed by mathematicians while simulation systems are developed by researchers in particular research fields other than math. There is a need to bridge the gap of theory and application and to make it easy to apply SMC methods to simulation applications. This dissertation presents a general framework integrating simulation models and data assimilation, and provides guidance of how to carry out data assimilation for dynamic system simulations. The developed framework formalizes the data assimilation process by defining specifications for both simulation models and data assimilation algorithms. It implements the standard Bootstrap Particle Filtering algorithm and a new \emph{Sensor Informed Particle Filter}, (SenSim) to support effective data assimilation. The developed framework is evaluated based on the application of wildfire spread simulation, and experiment results show the effectiveness of data assimilation. Besides the framework, we also developed an open source software toolkit named as Data Assimilation Framework Toolkit to make it easy for researchers to carry out data assimilation for their own simulation applications. A tutorial example is provided to demonstrate the data assimilation process using this data assimilation toolkit

Secure Distributed Dynamic State Estimation in Wide-Area Smart Grids

Smart grid is a large complex network with a myriad of vulnerabilities, usually operated in adversarial settings and regulated based on estimated system states. In this study, we propose a novel highly secure distributed dynamic state estimation mechanism for wide-area (multi-area) smart grids, composed of geographically separated subregions, each supervised by a local control center. We firstly propose a distributed state estimator assuming regular system operation, that achieves near-optimal performance based on the local Kalman filters and with the exchange of necessary information between local centers. To enhance the security, we further propose to (i) protect the network database and the network communication channels against attacks and data manipulations via a blockchain (BC)-based system design, where the BC operates on the peer-to-peer network of local centers, (ii) locally detect the measurement anomalies in real-time to eliminate their effects on the state estimation process, and (iii) detect misbehaving (hacked/faulty) local centers in real-time via a distributed trust management scheme over the network. We provide theoretical guarantees regarding the false alarm rates of the proposed detection schemes, where the false alarms can be easily controlled. Numerical studies illustrate that the proposed mechanism offers reliable state estimation under regular system operation, timely and accurate detection of anomalies, and good state recovery performance in case of anomalies

Differentially Private Event Stream Filtering with an Application to Traffic Estimation

RÉSUMÉ Beaucoup de systèmes à grande échelle tels que les systèmes de transport intelligents, les réseaux intelligents ou les bâtiments intelligents requièrent que des individus contribuent leurs flux de données privées afin d’amasser, stocker, manipuler et analyser les informations pour le traitement du signal et à des fins de prise de décision. Dans un scénario typique, un essaim de capteurs produit des signaux d’entrée à valeurs discrètes décrivant l’occurrence d’événements relatifs à ces individus. En conséquence, des statistiques utiles doivent être publiées continuellement et en temps réel. Cependant, cela peut engendrer une perte de confidentialité pour les utilisateurs. Cette thèse considère le problème de fournir des garanties de confidentialité différentielle pour ces systèmes multi-sorties multi-entrées fonctionnant en continu. En particulier, nous considérons la question de confidentialité dans le contexte de la théorie des systèmes et nous étudions le problème de génération de signaux qui respectent la confidentialité des utilisateurs qui activent les capteurs. Nous présentons une nouvelle architecture d’estimation des flux de trafic préservant la confidentialité des conducteurs. Nous introduisons aussi une surveillance différentiellement confidentielle d’occupation dans un bâtiment équipé d’un dense réseau de capteurs de détection de mouvement, qui sera utile par exemple pour commander le système HVAC.----------ABSTRACT Many large-scale systems such as intelligent transportation systems, smart grids or smart buildings require individuals to contribute their private data streams in order to amass, store, manipulate and analyze information for signal processing and decision-making purposes. In a typical scenario, swarms of sensors produce discrete-valued input signals that describe the occurrence of events involving these users and several statistics of interest need to be continuously published in real-time. This can however engender a privacy loss for the users in exchange of the utility provided by the application. This thesis considers the problem of providing dierential privacy guarantees for such multi-input multi-output systems operating continuously. In particular, we consider the privacy issues in a system theoretic context, and address the problem of releasing filtered signals that respect the privacy of users who activate the sensors. As a result of this thesis we present a new architecture for privacy preserving estimation of trac flows. We also introduce dierentially private monitoring and forecasting occupancy in a building equipped with a dense network of motion detection sensors, which is useful for example to control its HVAC system

Crowdsourcing traffic data for travel time estimation

Travel time estimation is a fundamental measure used in routing and navigation applications, in particular in emerging intelligent transportation systems (ITS). For example, many users may prefer the fastest route to their destination and would rely on real-time predicted travel times. It also helps real-time traffic management and traffic light control. Accurate estimation of travel time requires collecting a lot of real-time data from road networks. This data can be collected using a wide variety of sources like inductive loop detectors, video cameras, radio frequency identification (RFID) transponders etc. But these systems include deployment of infrastructure which has some limitations and drawbacks. The main drawbacks in these modes are the high cost and the high probability of error caused by prevalence of equipment malfunctions and in the case of sensor based methods, the problem of spatial coverage.;As an alternative to traditional way of collecting data using expensive equipment, development of cellular & mobile technology allows for leveraging embedded GPS sensors in smartphones carried by millions of road users. Crowd-sourcing GPS data will allow building traffic monitoring systems that utilize this opportunity for the purpose of accurate and real-time prediction of traffic measures. However, the effectiveness of these systems have not yet been proven or shown in real applications. In this thesis, we study some of the current available data sets and identify the requirements for accurate prediction. In our work, we propose the design for a crowd-sourcing traffic application, including an android-based mobile client and a server architecture. We also develop map-matching method. More importantly, we present prediction methods using machine learning techniques such as support vector regression.;Machine learning provides an alternative to traditional statistical method such as using averaged historic data for estimation of travel time. Machine Learning techniques played a key role in estimation in the last two decades. They are proved by providing better accuracy in estimation and in classification. However, employing a machine learning technique in any application requires creative modeling of the system and its sensory data. In this thesis, we model the road network as a graph and train different models for different links on the road. Modeling a road network as graph with nodes and links enables the learner to capture patterns occurring on each segment of road, thereby providing better accuracy. To evaluate the prediction models, we use three sets of data out of which two sets are collected using mobile probing and one set is generated using VISSIM traffic simulator. The results show that crowdsourcing is only more accurate than traditional statistical methods if the input values for input data are very close to the actual values. In particular, when speed of vehicles on a link are concerned, we need to provide the machine learning model with data that is only few minutes old; using average speed of vehicles, for example from the past half hour, as is usually seen in many web based traffic information sources may not allow for better performance

Probabilistic models for data efficient reinforcement learning

Trial-and-error based reinforcement learning (RL) has seen rapid advancements in recent times, especially with the advent of deep neural networks. However, the standard deep learning methods often overlook the progress made in control theory by treating systems as black-box. We propose a model-based RL framework based on probabilistic Model Predictive Control (MPC). In particular, we propose to learn a probabilistic transition model using Gaussian Processes (GPs) to incorporate model uncertainty into long-term predictions, thereby, reducing the impact of model errors. We provide theoretical guarantees for first-order optimality in the GP-based transition models with deterministic approximate inference for long-term planning. We demonstrate that our approach not only achieves the state-of-the-art data efficiency, but also is a principled way for RL in constrained environments. When the true state of the dynamical system cannot be fully observed the standard model based methods cannot be directly applied. For these systems an additional step of state estimation is needed. We propose distributed message passing for state estimation in non-linear dynamical systems. In particular, we propose to use expectation propagation (EP) to iteratively refine the state estimate, i.e., the Gaussian posterior distribution on the latent state. We show two things: (a) Classical Rauch-Tung-Striebel (RTS) smoothers, such as the extended Kalman smoother (EKS) or the unscented Kalman smoother (UKS), are special cases of our message passing scheme; (b) running the message passing scheme more than once can lead to significant improvements over the classical RTS smoothers. We show the explicit connection between message passing with EP and well-known RTS smoothers and provide a practical implementation of the suggested algorithm. Furthermore, we address convergence issues of EP by generalising this framework to damped updates and the consideration of general -divergences. Probabilistic models can also be used to generate synthetic data. In model based RL we use ’synthetic’ data as a proxy to real environments and in order to achieve high data efficiency. The ability to generate high-fidelity synthetic data is crucial when available (real) data is limited as in RL or where privacy and data protection standards allow only for limited use of the given data, e.g., in medical and financial data-sets. Current state-of-the-art methods for synthetic data generation are based on generative models, such as Generative Adversarial Networks (GANs). Even though GANs have achieved remarkable results in synthetic data generation, they are often challenging to interpret. Furthermore, GAN-based methods can suffer when used with mixed real and categorical variables. Moreover, the loss function (discriminator loss) design itself is problem specific, i.e., the generative model may not be useful for tasks it was not explicitly trained for. In this paper, we propose to use a probabilistic model as a synthetic data generator. Learning the probabilistic model for the data is equivalent to estimating the density of the data. Based on the copula theory, we divide the density estimation task into two parts, i.e., estimating univariate marginals and estimating the multivariate copula density over the univariate marginals. We use normalising flows to learn both the copula density and univariate marginals. We benchmark our method on both simulated and real data-sets in terms of density estimation as well as the ability to generate high-fidelity synthetic data.Open Acces