402 research outputs found

    Application of unified invariants for cyber physical systems in smart grids

    Cyber-Physical Systems (CPS) are complex engineered systems which consist of physical components with an underlying cyber network. The three main components of a cyber-physical system are: physical system, networking and communications element and a distributed cyber system. The primary challenge for cyber-physical systems is to understand what happens when various sub-systems, which have been developed in an isolated environment, are integrated. CPS studies need to ensure sub-systems that had been designed in isolation to meet certain specifications, when combined, do not cause the overall system to fail. The crux of cyber-physical research is thus to find a common platform to bind all these different components, so as to monitor the overall system performance. This dissertation discusses how to unify these different aspects and tackles the issue of synthesizing, verifying and monitoring highly diverse environments by introducing the concept of Unified Invariants. In this dissertation, a smart grid has been used to implement and validate this concept of Unified Invariants towards building a robust cyber-physical system. There are several ways to compromise the reliable operation of a smart grid. Examples of such contingent events are voltage collapse, line overloading and dynamic instability. Physical system invariants have been developed to identify and thwart such events which threaten the integrity of the physical system. These physical invariants have been integrated with cyber controllers to ensure a safe, stable and reliable operation of the smart grid. This is a unique concept and differs from previous methods in the fact that while earlier methods have tried to compose functionality of each domain of the cyber-physical world, the Unified Invariant method serves as a transformative approach to express and impose system properties that are common to all the domains (cyber, physical, networking). The net outcome of such an approach is that the resulting CPSs will be safe and stable at the system level, rather than just the sub-system level. --Abstract, page iii

    Unified knowledge model for stability analysis in cyber physical systems

    The amalgamation and coordination between computational processes and physical components represent the very basis of cyber-physical systems. A diverse range of CPS challenges had been addressed through numerous workshops and conferences over the past decade. Finding a common semantic among these diverse components which promotes system synthesis, verification and monitoring is a significant challenge in the cyber-physical research domain. Computational correctness, network timing and frequency response are system aspects that conspire to impede design, verification and monitoring. The objective of cyber-physical research is to unify these diverse aspects by developing common semantics that span each aspect of a CPS. The work of this thesis revolves around the design of a typical smart grid-type system with three PV sources built with PSCAD. A major amount of effort in this thesis had been focused on studying the system behavior in terms of stability when subjected to load fluctuations from the PV side. The stability had been primarily reflected in the frequency of the generator of the system. The concept of droop control had been analyzed and the parameterization of the droop constant in the shape of an invariant forms an essential part of the thesis as it predicts system behavior and also guides the system within its stable restraints. As an extension of a relationship between stability and frequency, the present study goes one step ahead in describing the sojourn of the system from stability to instability by doing an analysis with the help of tools called Lyapunov-like functions. Lyapunov-like functions are, for switched systems, a class of functions that are used to measure the stability for nonlinear systems. The use of Lyapunov-like functions to judge the stability of this system had been tested and discussed in detail in this thesis and simulation results provided --Abstract, page iii

    Learning from mutants: Using code mutation to learn and monitor invariants of a cyber-physical system

    Cyber-physical systems (CPS) consist of sensors, actuators, and controllers all communicating over a network; if any subset becomes compromised, an attacker could cause significant damage. With access to data logs and a model of the CPS, the physical effects of an attack could potentially be detected before any damage is done. Manually building a model that is accurate enough in practice, however, is extremely difficult. In this paper, we propose a novel approach for constructing models of CPS automatically, by applying supervised machine learning to data traces obtained after systematically seeding their software components with faults ("mutants"). We demonstrate the efficacy of this approach on the simulator of a real-world water purification plant, presenting a framework that automatically generates mutants, collects data traces, and learns an SVM-based model. Using cross-validation and statistical model checking, we show that the learnt model characterises an invariant physical property of the system. Furthermore, we demonstrate the usefulness of the invariant by subjecting the system to 55 network and code-modification attacks, and showing that it can detect 85% of them from the data logs generated at runtime. Comment: Accepted by IEEE S&P 201

    Control Behavior Integrity for Distributed Cyber-Physical Systems

    Cyber-physical control systems, such as industrial control systems (ICS), are increasingly targeted by cyberattacks. Such attacks can potentially cause tremendous damage, affect critical infrastructure or even jeopardize human life when the system does not behave as intended. Cyberattacks, however, are not new and decades of security research have developed plenty of solutions to thwart them. Unfortunately, many of these solutions cannot be easily applied to safety-critical cyber-physical systems. Further, the attack surface of ICS is quite different from what can be commonly assumed in classical IT systems. We present Scadman, a system with the goal to preserve the Control Behavior Integrity (CBI) of distributed cyber-physical systems. By observing the system-wide behavior, the correctness of individual controllers in the system can be verified. This allows Scadman to detect a wide range of attacks against controllers, like programmable logic controllers (PLCs), including malware attacks, code-reuse and data-only attacks. We implemented and evaluated Scadman based on a real-world water treatment testbed for research and training on ICS security. Our results show that we can detect a wide range of attacks--including attacks that have previously been undetectable by typical state estimation techniques--while causing no false-positive warning for nominal threshold values. Comment: 15 pages, 8 figure

    Cyber-physical security of a chemical plant

    The increasing number of cyber attacks on industries demands immediate attention for providing more secure mechanisms to safeguard industries and minimize risks. A supervisory control and data acquisition (SCADA) system employing the distributed networks of sensors and actuators that interact with the physical environment is vulnerable to attacks that target the interface between the cyber and physical subsystems. These cyber attacks are typically malicious actions that cause undesired results in the cyber physical world, for example, the Stuxnet attack that targeted Iran's nuclear centrifuges. An attack that hijacks the sensors in an attempt to provide false readings to the controller can be used to feign normal system operation for the control system, while the attacker can hijack the actuators to send the system beyond its safety range. Cyber physical systems (CPS) being used in industries such as oil and gas, chemical process plants and the like are termed Industrial Control Systems (ICS). Control system security is aimed at preventing intentional or unintentional interference with the proper operation of ICS. This thesis proposes a process-aware approach with the use of invariant equations based on the physical and chemical properties of the process and a Multiple Security Domain Nondeducibility (MSDND) framework to detect when a sensor signal is being maliciously manipulated. We have taken a benzene production plant as case study to illustrate our approach and its effectiveness in determining the state of the system. A system without any MSDND secure information flows between the CPS and cyber monitors has fewer weaknesses that can be exploited --Abstract, page iii

    Quantification of information flow in cyber physical systems

    In Cyber Physical Systems (CPSs), traditional security mechanisms such as cryptography and access control are not enough to ensure the security of the system since complex interactions between the cyber portion and physical portion happen frequently. In particular, the physical infrastructure is inherently observable; aggregated physical observations can lead to unintended cyber information leakage. Information flow analysis, which aims to control the way information flows among different entities, is better suited for CPSs than the access control security mechanism. However, quantifying information leakage in CPSs can be challenging due to the flow of implicit information between the cyber portion, the physical portion, and the outside world. Within algorithmic theory, the online problem considers inputs that arrive one by one and deals with extracting the algorithmic solution through an advice tape without knowing some parts of the input. This dissertation focuses on statistical methods to quantify information leakage in CPSs due to algorithmic leakages, especially CPSs that allocate constrained resources. The proposed framework is based on the advice tape concept of algorithmically quantifying information leakage and statistical analysis. With aggregated physical observations, the amount of information leakage of the constrained resource due to the cyber algorithm can be quantified through the proposed algorithms. An electric smart grid has been used as an example to develop confidence intervals of information leakage within a real CPS. The characteristic of the physical system, which is represented as an invariant, is also considered and influences the information quantification results. The impact of this work is that it allows the user to express an observer's uncertainty about a secret as a function of the revealed part. Thus, it can be used as an algorithmic design in a CPS to allocate resources while maximizing the uncertainty of the information flow to an observer --Abstract, page iii

    Cyber-physical security of an electric microgrid

    Cyber-physical systems (CPSs) are physical systems that are controlled or monitored by computer-based systems. CPSs are a combination of computation, networking, and physical processes. As CPSs are a combination of various diverse components, they are vulnerable to several security threats. Moreover, there are many different security domains (not just high/low, nor necessarily hierarchical). This paper utilizes previously developed multiple security domain nondeducibility (MSDND) to uncover potential integrity vulnerabilities in an electric microgrid. Invariants are manually generated using the insights obtained through MSDND analysis and use linear regression to automate the generation of invariants. The vulnerabilities are then mitigated, to the extent possible, by adding executable invariants on system operation. Implementation on the Electric Power and Intelligent Control (EPIC) testbed at the Singapore University of Technology and Design is reported. Limitations of the design and successes/shortcomings of attack mitigation are reported --Abstract, page iii