Biblio

Integrated with various electronic control units (ECUs), vehicles are becoming more intelligent with the assistance of essential connections. However, the interaction with the outside world raises great concerns on cyber-attacks. As a main standard for in-vehicle network, Controller Area Network (CAN) does not have any built-in security mechanisms to guarantee a secure communication. This increases risks of denial of service, remote control attacks by an attacker, posing serious threats to underlying vehicles, property and human lives. As a result, it is urgent to develop an effective in-vehicle network intrusion detection system (IDS) for better security. In this paper, we propose a Feature-based Sliding Window (FSW) to extract the feature of CAN Data Field and CAN IDs. Then we construct a convolutional encoder network (CEN) to detect network intrusion of CAN networks. The proposed FSW-CEN method is evaluated on real-world datasets. The experimental results show that compared to traditional data processing methods and convolutional neural networks, our method is able to detect attacks with a higher accuracy in terms of detection accuracy and false negative rate.

Trustworthy and secure operation of the cyber-power system calls for resilience against malicious and accidental failures. The objective of a resilient system is to withstand and recover operation of the system to supply critical loads despite multiple contingencies in the system. To take timely actions, we need to continuously measure the cyberphysical security of the system. We propose a cyber-physical security assessment metric (CP-SAM) based on quantitative factors affecting resiliency and utilizing concepts from graph theoretic analysis, probabilistic model of availability, attack graph metrics, and vulnerabilities across different layers of the microgrid system. These factors are integrated into a single metric using a multi-criteria decision making (MCDM) technique, Choquet Integral to compute CP-SAM. The developed metric will be valuable for i) monitoring the microgrid resiliency considering a holistic cyber-physical model; and ii) enable better decision-making to select best possible mitigation strategies towards resilient microgrid system. Developed CP-SAM can be extended for active distribution system and has been validated in a real-world power-grid test-bed to monitor the microgrid resiliency.

Learning-enabled components (LECs) are widely used in cyber-physical systems (CPS) since they can handle the uncertainty and variability of the environment and increase the level of autonomy. However, it has been shown that LECs such as deep neural networks (DNN) are not robust and adversarial examples can cause the model to make a false prediction. The paper considers the problem of efficiently detecting adversarial examples in LECs used for regression in CPS. The proposed approach is based on inductive conformal prediction and uses a regression model based on variational autoencoder. The architecture allows to take into consideration both the input and the neural network prediction for detecting adversarial, and more generally, out-of-distribution examples. We demonstrate the method using an advanced emergency braking system implemented in an open source simulator for self-driving cars where a DNN is used to estimate the distance to an obstacle. The simulation results show that the method can effectively detect adversarial examples with a short detection delay.

Anomaly detection classification technology based on deep learning is one of the crucial technologies supporting network security. However, as the data increasing, this traditional model cannot guarantee that the false alarm rate is minimized while meeting the high detection rate. Additionally, distribution of imbalanced abnormal samples will lead to an increase in the error rate of the classification results. In this work, since CNN is effective in network intrusion classification, we embed a compressed feature layer in CNN (Convolutional Neural Networks). The purpose is to improve the efficiency of network intrusion detection. After our model was trained for 55 epochs and we set the learning rate of the model to 0.01, the detection rate reaches over 98%.

Cyber-Physical Systems (CPS) are monitored and controlled by Supervisory Control and Data Acquisition (SCADA) systems that use advanced computing, sensors, control systems, and communication networks. At first, CPS and SCADA systems were protected and secured by isolation. However, with recent industrial technology advances, the increased connectivity of CPSs and SCADA systems to enterprise networks has uncovered them to new cybersecurity threats and made them a primary target for cyber-attacks with the potential of causing catastrophic economic, social, and environmental damage. Recent research focuses on new methodologies for risk modeling and assessment using game theory and reinforcement learning. This paperwork proposes to frame CPS security on two different levels, strategic and battlefield, by meeting ideas from game theory and Multi-Agent Reinforcement Learning (MARL). The strategic level is modeled as imperfect information, extensive form game. Here, the human administrator and the malware author decide on the strategies of defense and attack, respectively. At the battlefield level, strategies are implemented by machine learning agents that derive optimal policies for run-time decisions. The outcomes of these policies manifest as the utility at a higher level, where we aim to reach a Nash Equilibrium (NE) in favor of the defender. We simulate the scenario of a virus spreading in the context of a CPS network. We present experiments using the MiniCPS simulator and the OpenAI Gym toolkit and discuss the results.

In recent years, neural networks have been implemented while solving various tasks. Deep learning algorithms provide state of the art performance in computer vision, NLP, speech recognition, speaker recognition and many other fields. In spite of the good performance, neural networks have significant drawback- they have been found to be vulnerable to adversarial examples resulting from adding small-magnitude perturbations to inputs. While being imperceptible to a human eye, such perturbations lead to significant drop in classification accuracy. It is demonstrated by many studies related to neural network security. Considering the pros and cons of neural networks, as well as a variety of their applications, developing of the methods to improve the robustness of neural networks against adversarial attacks becomes an urgent task. In the article authors propose the “minimalistic” attacker model of the decision support system identification unit, adaptive recommendations on security enhancing, and a set of protective methods. Suggested methods allow for significant increase in classification accuracy under adversarial attacks, as it is demonstrated by an experiment outlined in this article.

Novel magneto-optical isolator and self-holding optical switch with an a-Si:H microring resonator are demonstrated. The devices are driven by the remanence of integrated thin-film magnet and, therefore, maintain their state without any power supply.

In this paper, we present the concept of boosting the resiliency of optimization-based observers for cyber-physical systems (CPS) using auxiliary sources of information. Due to the tight coupling of physics, communication and computation, a malicious agent can exploit multiple inherent vulnerabilities in order to inject stealthy signals into the measurement process. The problem setting considers the scenario in which an attacker strategically corrupts portions of the data in order to force wrong state estimates which could have catastrophic consequences. The goal of the proposed observer is to compute the true states in-spite of the adversarial corruption. In the formulation, we use a measurement prior distribution generated by the auxiliary model to refine the feasible region of a traditional compressive sensing-based regression problem. A constrained optimization-based observer is developed using l1-minimization scheme. Numerical experiments show that the solution of the resulting problem recovers the true states of the system. The developed algorithm is evaluated through a numerical simulation example of the IEEE 14-bus system.

Software-Defined Networking (SDN) simplifies network management by separating the control plane from the data forwarding plane. However, the plane separation technology introduces many new loopholes in the SDN data plane. In order to facilitate taking proactive measures to reduce the damage degree of network security events, this paper proposes a security situation prediction method based on particle swarm optimization algorithm and long-short-term memory neural network for network security events on the SDN data plane. According to the statistical information of the security incident, the analytic hierarchy process is used to calculate the SDN data plane security situation risk value. Then use the historical data of the security situation risk value to build an artificial neural network prediction model. Finally, a prediction model is used to predict the future security situation risk value. Experiments show that this method has good prediction accuracy and stability.

Interface transformer used in asynchronous networking was a kind of special transformer which's different from normal power transformer. During no-load switch-in, the magnitude of inrush current will be high, and the waveform distortion also be severity. Maybe the protections will be activated, even worse may lead the lockdown of the DC system. In this paper, field-circuit coupled finite element method was used for the study of transient characteristic of no-load switch-in, remanence simulation methods were presented. Quantitative analysis of the effect of closing making angle and core remanence on inrush current peak value, meanwhile, the distribution of magnetic field inside the tank during the transient process. The result indicated that the closing making angle and core remanence have obvious effect on inrush current peak value. The research results of this paper can be used to guide the formulation of no-load switch-in strategy of interface transformer, which was of great significance to ensure the smooth operation of HVDC Flexible system.

The article is devoted to the choice of personal means of the 5G defense in dependence of hard- and software available to the user. The universal module MS 127.04 and its software compatible unit can be universally configured for use. An intelligent hardware and software platform is proposed for multi-core setting of policies for the automatic encryption of confidential data and selective blocking related to the implementation of computing security and confidentiality of data transfer, using such additional specially. A platform that resists the external influences is described. The platform is based on a universal module MS 127.05 (produced in Russia), that is a heterogeneous multiprocessor system on a chip), the system features 16 processor cores (NeuroMatrix Core 4) and five ARM Cortex-A5 units (ULSI 1879VM8Ya.

This research paper presented a design that will address the challenges brought by remanence in ground-fault current interrupter devices (gfci). Remanence or residual magnetism is the magnetization left behind in a ferromagnetic material (such as iron) after an external magnetic field is removed. Remanence will make the gfci devices less accurate and less reliable in tripping the current above threshold in just five (5) years. It affects the performance of the device in terms of efficiency, accuracy, and response time. In this research, the problems caused by remanence were alleviated by using two identical transformers in detecting residual current both for hot and neutral wires. The difference of the current detected by the two transformers will be the basis of the signal threshold in tripping the device. By doing so, the problems caused by remanence phenomenon will be solved without compromising the response time of the circuit which is around 16 mS. The design will extend the life span of GFCI devices up to 15 years.

The security problem of networked control systems (NCSs) suffering denial of service(DoS) attacks with incomplete information is investigated in this paper. Data transmission among different components in NCSs may be blocked due to DoS attacks. We use the concept of security level to describe the degree of security of different components in an NCS. Intrusion detection system (IDS) is used to monitor the invalid data generated by DoS attacks. At each time slot, the defender considers which component to monitor while the attacker considers which place for invasion. A one-shot game between attacker and defender is built and both the complete information case and the incomplete information case are considered. Furthermore, a repeated game model with updating beliefs is also established based on the Bayes' rule. Finally, a numerical example is provided to illustrate the effectiveness of the proposed method.

Implementations of Cyber-Physical Systems (CPS), like the Internet of Things, Smart Factories or Smart Grid gain more and more impact in their fields of application, as they extend the functionality and quality of the offered services significantly. However, the coupling of safety-critical embedded systems and services of the cyber-space domain introduce many new challenges for system engineers. Especially, the goal to achieve a high level of security throughout CPS presents a major challenge. However, it is necessary to develop and deploy secure CPS, as vulnerabilities and threats may lead to a non- or maliciously modified functionality of the CPS. This could ultimately cause harm to life of involved actors, or at least sensitive information can be leaked or lost. Therefore, it is essential that system engineers are aware of the level of security of the deployed CPS. For this purpose, security metrics and security evaluation frameworks can be utilized, as they are able to quantitatively express security, based on different measurements and rules. However, existing security scoring solutions may not be able to generate accurate security scores for CPS, as they insufficiently consider the typical CPS characteristics, like the communication of heterogeneous systems of physical- and cyber-space domain in an unpredictable manner. Therefore, we propose a security analysis framework, called Security Qualification Matrix (SQM). The SQM is capable to analyses multiple attacks on a System-of-Systems level simultaneously. With this approach, dependencies, potential side effects and the impact of mitigation concepts can quickly be identified and evaluated.

Cyber-physical systems (CPSs) are implemented in many industrial and embedded control applications. Where these systems are safety-critical, correct and safe behavior is of paramount importance. Malicious attacks on such CPSs can have far-reaching repercussions. For instance, if elements of a power grid behave erratically, physical damage and loss of life could occur. Currently, there is a trend toward increased complexity and connectivity of CPS. However, as this occurs, the potential attack vectors for these systems grow in number, increasing the risk that a given controller might become compromised. In this article, we examine how the dangers of compromised controllers can be mitigated. We propose a novel application of runtime enforcement that can secure the safety of real-world physical systems. Here, we synthesize enforcers to a new hardware architecture within programmable logic controller I/O modules to act as an effective line of defence between the cyber and the physical domains. Our enforcers prevent the physical damage that a compromised control system might be able to perform. To demonstrate the efficacy of our approach, we present several benchmarks, and show that the overhead for each system is extremely minimal.

The emergence of Cyber-Physical Systems (CPSs) is a potential paradigm shift for the usage of Information and Communication Technologies (ICT). From predominantly a facilitator of information and communication services, the role of ICT in the present age has expanded to the management of objects and resources in the physical world. Thus, it is imperative to devise mechanisms to ensure the trustworthiness of data to secure vulnerable devices against security threats. This work presents an analytical framework based on non-cooperative game theory to evaluate the trustworthiness of individual sensor nodes that constitute the CPS. The proposed game-theoretic model captures the factors impacting the trustworthiness of CPS sensor nodes. Further, the model is used to estimate the Nash equilibrium solution of the game, to derive a trust threshold criterion. The trust threshold represents the minimum trust score required to be maintained by individual sensor nodes during CPS operation. Sensor nodes with trust scores below the threshold are potentially malicious and may be removed or isolated to ensure the secure operation of CPS.

Cyber-Physical Systems (CPSs) play an increasingly significant role in many critical applications. These valuable applications attract various sophisticated attacks. This paper considers a stealthy estimation attack, which aims to modify the state estimation of the CPSs. The intelligent attackers can learn defense strategies and use clandestine attack strategies to avoid detection. To address the issue, we design a Chi-square detector in a Digital Twin (DT), which is an online digital model of the physical system. We use a Signaling Game with Evidence (SGE) to find the optimal attack and defense strategies. Our analytical results show that the proposed defense strategies can mitigate the impact of the attack on the physical estimation and guarantee the stability of the CPSs. Finally, we use an illustrative application to evaluate the performance of the proposed framework.

Transactive Energy (TE) is an emerging discipline that utilizes economic and control techniques for operating and managing the power grid effectively. Distributed Energy Resources (DERs) represent a fundamental shift away from traditionally centrally managed energy generation and storage to one that is rather distributed. However, integrating and managing DERs into the power grid is highly challenging owing to the TE implementation issues such as privacy, equity, efficiency, reliability, and security. The TE market structures allow utilities to transact (i.e., buy and sell) power services (production, distribution, and storage) from/to DER providers integrated as part of the grid. Flexible power pricing in TE enables power services transactions to dynamically adjust power generation and storage in a way that continuously balances power supply and demand as well as minimize cost of grid operations. Therefore, it has become important to analyze various market models utilized in different TE applications for their impact on above implementation issues.In this demo, we show-case the Transactive Energy Simulation and Analysis Toolsuite (TE-SAT) with its three publicly available design studios for experimenting with TE markets. All three design studios are built using metamodeling tool called the Web-based Graphical Modeling Environment (WebGME). Using a Git-like storage and tracking backend server, WebGME enables multi-user editing on models and experiments using simply a web-browser. This directly facilitates collaboration among different TE stakeholders for developing and analyzing grid operations and market models. Additionally, these design studios provide an integrated and scalable cloud backend for running corresponding simulation experiments.

Industrial Internet of Things (IIoT) has arisen as an emerging trend in the industrial sector. Millions of sensors present in IIoT networks generate a massive amount of data that can open the doors for several cyber-attacks. An intrusion detection system (IDS) monitors real-time internet traffic and identify the behavior and type of network attacks. In this paper, we presented a deep random neural (DRaNN) based scheme for intrusion detection in IIoT. The proposed scheme is evaluated by using a new generation IIoT security dataset UNSW-NB15. Experimental results prove that the proposed model successfully classified nine different types of attacks with a low false-positive rate and great accuracy of 99.54%. To validate the feasibility of the proposed scheme, experimental results are also compared with state-of-the-art deep learning-based intrusion detection schemes. The proposed model achieved a higher attack detection rate of 99.41%.

Wide integration of information and communication technology (ICT) in modern power grids has brought many benefits as well as the risk of cyber attacks. A critical step towards defending grid cyber security is to understand the cyber-physical causal chain, which describes the progression of intrusion in cyber-space leading to the formation of consequences on the physical power grid. In this paper, we develop an attack vector for a time delay attack at load frequency control in the power grid. Distinct from existing works, which are separately focused on cyber intrusion, grid response, or testbed validation, the proposed attack vector for the first time provides a full cyber-physical causal chain. It targets specific vulnerabilities in the protocols, performs a denial-of-service (DoS) attack, induces the delays in control loop, and destabilizes grid frequency. The proposed attack vector is proved in theory, presented as an attack tree, and validated in an experimental environment. The results will provide valuable insights to develop security measures and robust controls against time delay attacks.

A critical need exists for collaboration and action by government, industry, and academia to address cyber weaknesses or vulnerabilities inherent to embedded or cyber physical systems (CPS). These vulnerabilities are introduced as we leverage technologies, methods, products, and services from the global supply chain throughout a system's lifecycle. As adversaries are exploiting these weaknesses as access points for malicious purposes, solutions for system security and resilience become a priority call for action. The SAE G-32 Cyber Physical Systems Security Committee has been convened to address this complex challenge. The SAE G-32 will take a holistic systems engineering approach to integrate system security considerations to develop a Cyber Physical System Security Framework. This framework is intended to bring together multiple industries and develop a method and common language which will enable us to more effectively, efficiently, and consistently communicate a risk, cost, and performance trade space. The standard will allow System Integrators to make decisions utilizing a common framework and language to develop affordable, trustworthy, resilient, and secure systems.

Low accuracy and slow speed of predictions for cyber security situational awareness. This paper proposes a network security situational awareness model based on accelerated accurate k-means radial basis function (RBF) neural network, the model uses the ball k-means clustering algorithm to cluster the input samples, to get the nodes of the hidden layer of the RBF neural network, speeding up the selection of the initial center point of the RBF neural network, and optimize the parameters of the RBF neural network structure. Finally, use the training data set to train the neural network, using the test data set to test the accuracy of this neural network structure, the results show that this method has a greater improvement in training speed and accuracy than other neural networks.

Attack graphs are commonly used to analyse the security of medium-sized to large networks. Based on a scan of the network and likelihood information of vulnerabilities, attack graphs can be transformed into Bayesian Attack Graphs (BAGs). These BAGs are used to evaluate how security controls affect a network and how changes in topology affect security. A challenge with these automatically generated BAGs is that cycles arise naturally, which make it impossible to use Bayesian network theory to calculate state probabilities. In this paper we provide a systematic approach to analyse and perform computations over cyclic Bayesian attack graphs. We present an interpretation of Bayesian attack graphs based on combinational logic circuits, which facilitates an intuitively attractive systematic treatment of cycles. We prove properties of the associated logic circuit and present an algorithm that computes state probabilities without altering the attack graphs (e.g., remove an arc to remove a cycle). Moreover, our algorithm deals seamlessly with any cycle without the need to identify their type. A set of experiments demonstrates the scalability of the algorithm on computer networks with hundreds of machines, each with multiple vulnerabilities.

Developing mission-centric impact assessment techniques to address cyber resiliency in the cyber-physical systems (CPSs) requires integrating system inter-dependencies to the risk and resilience analysis process. Generally, network administrators utilize attack graphs to estimate possible consequences in a networked environment. Attack graphs lack to incorporate the operations-specific dependencies. Localizing the dependencies among operational missions, tasks, and the hosting devices in a large-scale CPS is also challenging. In this work, we offer a graphical modeling technique to integrate the mission-centric impact assessment of cyberattacks by relating the effect to the operational resiliency by utilizing a combination of the logical attack graph and mission impact propagation graph. We propose formal techniques to compute cyberattacks’ impact on the operational mission and offer an optimization process to minimize the same, having budgetary restrictions. We also relate the effect to the system functional operability. We illustrate our modeling techniques using a SCADA (supervisory control and data acquisition) case study for the cyber-physical power systems. We believe our proposed method would help evaluate and minimize the impact of cyber attacks on CPS’s operational missions and, thus, enhance cyber resiliency.

Attack detection and recovery are fundamental elements for the operation of safe and resilient cyber-physical systems. Most of the literature focuses on attack-detection, while leaving attack-recovery as an open problem. In this paper, we propose novel attack-recovery control for securing cyber-physical systems. Our recovery control consists of new concepts required for a safe response to attacks, which includes the removal of poisoned data, the estimation of the current state, a prediction of the reachable states, and the online design of a new controller to recover the system. The synthesis of such recovery controllers for cyber-physical systems has barely investigated so far. To fill this void, we present a formal method-based approach to online compute a recovery control sequence that steers a system under an ongoing sensor attack from the current state to a target state such that no unsafe state is reachable on the way. The method solves a reach-avoid problem on a Linear Time-Invariant (LTI) model with the consideration of an error bound $ε$ $\geq$ 0. The obtained recovery control is guaranteed to work on the original system if the behavioral difference between the LTI model and the system's plant dynamics is not larger than $ε$. Since a recovery control should be obtained and applied at the runtime of the system, in order to keep its computational time cost as low as possible, our approach firstly builds a linear programming restriction with the accordingly constrained safety and target specifications for the given reach-avoid problem, and then uses a linear programming solver to find a solution. To demonstrate the effectiveness of our method, we provide (a) the comparison to the previous work over 5 system models under 3 sensor attack scenarios: modification, delay, and reply; (b) a scalability analysis based on a scalable model to evaluate the performance of our method on large-scale systems.