Biblio

In this paper, an Intrusion Detection System (IDS) in the Controller Area Network (CAN) bus of modern vehicles has been proposed. NESLIDS is an anomaly detection algorithm based on the supervised Deep Neural Network (DNN) architecture that is designed to counter three critical attack categories: Denial-of-service (DoS), fuzzy, and impersonation attacks. Our research scope included modifying DNN parameters, e.g. number of hidden layer neurons, batch size, and activation functions according to how well it maximized detection accuracy and minimized the false positive rate (FPR) for these attacks. Our methodology consisted of collecting CAN Bus data from online and in real-time, injecting attack data after data collection, preprocessing in Python, training the DNN, and testing the model with different datasets. Results show that the proposed IDS effectively detects all attack types for both types of datasets. NESLIDS outperforms existing approaches in terms of accuracy, scalability, and low false alarm rates.

This paper studies the current status and future directions of RTOS (Real-Time Operating Systems) for time-sensitive CPS (Cyber-Physical Systems). GPOS (General Purpose Operating Systems) existed before RTOS but did not meet performance requirements for time sensitive CPS. Many GPOS have put forward adaptations to meet the requirements of real-time performance, and this paper compares RTOS and GPOS and shows their pros and cons for CPS applications. Furthermore, comparisons among select RTOS such as VxWorks, RTLinux, and FreeRTOS have been conducted in terms of scheduling, kernel, and priority inversion. Various tools for WCET (Worst-Case Execution Time) estimation are discussed. This paper also presents a CPS use case of RTOS, i.e. JetOS for avionics, and future advancements in RTOS such as multi-core RTOS, new RTOS architecture and RTOS security for CPS.

Compressive sensing (CS) is beneficial for unmanned reconnaissance systems to obtain high-quality images with limited resources. The existing prediction methods for block-based compressive sensing of images can be regarded as the particular coefficients of weighted predictive coding. To find better prediction coefficients for BCS, this paper proposes two weighted prediction methods. The first method converts the prediction model of measurements into a prediction model of image blocks. The prediction weights are obtained by training the prediction model of image blocks offline, which avoiding the influence of the sampling rates on the prediction model of measurements. Another method is to calculate the prediction coefficients adaptively based on the average energy of measurements, which can adjust the weights based on the measurements. Compared with existing methods, the proposed prediction methods for BCS of images can further improve the reconstruction image quality.

Adversary emulation is an offensive exercise that provides a comprehensive assessment of a system’s resilience against cyber attacks. However, adversary emulation is typically a manual process, making it costly and hard to deploy in cyber-physical systems (CPS) with complex dynamics, vulnerabilities, and operational uncertainties. In this paper, we develop an automated, domain-aware approach to adversary emulation for CPS. We formulate a Markov Decision Process (MDP) model to determine an optimal attack sequence over a hybrid attack graph with cyber (discrete) and physical (continuous) components and related physical dynamics. We apply model-based and model-free reinforcement learning (RL) methods to solve the discrete-continuous MDP in a tractable fashion. As a baseline, we also develop a greedy attack algorithm and compare it with the RL procedures. We summarize our findings through a numerical study on sensor deception attacks in buildings to compare the performance and solution quality of the proposed algorithms.

Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both industry and academia. Such systems have proven particularly complex and provide considerable challenges to master their design and ensure their functionalities. In this paper, we intend to tackle some of these challenges related to the security and the resilience of CPS at the design level. We initiate a CPS modeling approach to specify such systems structure and behaviors, analyze their inherent properties and to overcome threats in terms of security and correctness. In this initiative, we consider a CPS as a network of entities that communicate through physical and logical channels, and which purpose is to achieve a set of tasks expressed as an ordered tree. Our modeling approach proposes a combination of the Coq theorem prover and the Maude rewriting system to ensure the soundness and correctness of CPS design. The introduced solution is illustrated through an automobile manufacturing case study.

Securing cyber-physical systems (CPS) and Internet of Things (IoT) systems requires the identification of how interdependence among existing atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system. Therefore, accurate attack graphs play a significant role in systems security. A manual construction of the attack graphs is tedious and error-prone, this paper proposes a model-checking-based automated attack graph generator and visualizer (A2G2V). The proposed A2G2V algorithm uses existing model-checking tools, an architecture description tool, and our own code to generate an attack graph that enumerates the set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise system security. The architecture description tool captures a formal representation of the networked system, its atomic vulnerabilities, their pre-and post-conditions, and security property of interest. A model-checker is employed to automatically identify an attack sequence in the form of a counterexample. Our own code integrated with the model-checker parses the counterexamples, encodes those for specification relaxation, and iterates until all attack sequences are revealed. Finally, a visualization tool has also been incorporated with A2G2V to generate a graphical representation of the generated attack graph. The results are illustrated through application to computer as well as control (SCADA) networks.

Knowledge Tracing (KT) is a task that aims to assess students' mastery level of knowledge and predict their performance over questions, which has attracted widespread attention over the years. Recently, an increasing number of researches have applied deep learning techniques to knowledge tracing and have made a huge success over traditional Bayesian Knowledge Tracing methods. Most existing deep learning-based methods utilized either Recurrent Neural Networks (RNNs) or Convolutional Neural Networks (CNNs). However, it is worth noticing that these two sorts of models are complementary in modeling abilities. Thus, in this paper, we propose a novel knowledge tracing model by taking advantage of both two models via combining them into a single integrated model, named Convolutional Recurrent Knowledge Tracing (CRKT). Extensive experiments show that our model outperforms the state-of-the-art models in multiple KT datasets.

The determination of the damper cage health is a matter of great importance in those industries that use large synchronous motors in their processes. In the past, unexpected damages of that element implied economic losses amounting up to several million \$. The problem is that, in the technical literature, there is a lack of non-invasive techniques enabling the reliable condition monitoring of this element. This explains the fact that, in industry, rudimentary methods are still employed to determine its condition. This paper proposes the analysis of the stray flux as a way to determine the condition of the damper cage. The paper shows that the analysis of the stray flux under starting yields characteristic time-frequency signatures of the fault components that can be used to reliably determine the condition of the damper. Moreover, the analysis of the stray flux at steady-state operation under asynchronous mode could give useful information to this end. The paper also analyses the influence of the remanent magnetism in the rotor of some synchronous motors, which can make the damper cage diagnosis more difficult; some solutions to this problem are also suggested in the paper.

Well-known approaches to risk analysis suggest considering the level of an information system risk as one frame in a film. This means that we only can perform a risk assessment for the current point in time. This article explores the idea of risk assessment in a future period, as a prediction of what we will see in the film later. In other words, the article presents an approach to predicting a potential future risk and suggests the idea of relying on forecasting the likelihood of an attack on information system assets. To establish the risk level at a selected time interval in the future, one has to perform a mathematical decomposition. To do this, we need to select the required information system parameters for the predictions and their statistical data for risk assessment. This method can be used to ensure more detailed budget planning when ensuring the protection of the information system. It can be also applied in case of a change of the information protection configuration to satisfy the accepted level of risk associated with projected threats and vulnerabilities.

Trusted Platform Modules (TPMs) are specialized chips that store RSA keys specific to the host system for hardware authentication. The RSA keys refer to an encryption technology developed by RSA Data Security. The RSA algorithm accounts for the fact that there is no efficient way to factor extremely large numbers. Each TPM chip contains an RSA Key pair known as the Endorsement Key that cannot be accessed by software. The TPM contains an additional key, called the Attestation Identity Key that protects the device itself against unauthorized firmware and software modification by implementing hash functions on critical sections of the software and firmware before execution. As a result, the TPM can be used as a chip for handling encryption for a larger system to offer an additional layer of security. Furthermore, the TPM can also be used for managing encryption keys, as a Storage Root Key is created when a user or administrator takes ownership of the system. However, merging the TPM into a system does come with additional costs along with potential benefits. This paper focuses on integrating a TPM into a system implemented on an ARM processor that engages with power electronics, and then presents the security benefits associated with a TPM.

With the increasing popularity of the Internet, mobile Internet and the Internet of Things, the current network environment continues to become more complicated. Due to the increasing variety and severity of cybersecurity threats, traditional means of network security protection have ushered in a huge challenge. The network security posture prediction can effectively predict the network development trend in the future time based on the collected network history data, so this paper proposes an algorithm based on simulated annealing-particle swarm algorithm to optimize improved Elman neural network parameters to achieve posture prediction for network security. Taking advantage of the characteristic that the value of network security posture has periodicity, a simulated annealing algorithm is introduced along with an improved particle swarm algorithm to solve the problem that neural network training is prone to fall into a local optimal solution and achieve accurate prediction of the network security posture. Comparison of the proposed scheme with existing prediction methods validates that the scheme has a good posture prediction accuracy.

A novel efficiency-shifting radial-axial hybrid permanent magnet synchronous motor that can realize two high-efficiency regions at low and high speeds is developed to extend the maximum driving distance and track the reference speed more accurately for electric vehicle application. The motor has two stators, which are radial and axial, to rotate one shared rotor. The rotor employs two combined topologies, i.e., inner surface-inset-mounted and outer V-shaped interior-mounted. For both outer and inner permanent magnets, Nd-Fe-B, having the remanent flux density of 1.23 T and coercivity of 890 kA/m, is used. The simulation result shows that the designed motor exhibits not only high maximum torque of 400 Nm and the maximum speed of 18,000 rpm but also two high-efficiency regions of 97.6 % and 92.0 % at low and high speed, respectively. Lastly, the developed motor shows better performance than corresponding separated radial and axial permanent magnet motor.

This paper presents a study and analysis of flux linkage performance on 12/8 pole doubly salient permanent magnet machine in square envelope conventional. Analyzed model was using a finite element method. The investigated model was constructed by changing the size of the structure as the main parameters of the speed 500 rpm, PM coercivity 910 kA/m, PM remanence 1.2 T, copper loss 30 W, turns per coil 45, and stator side length 100 mm. The study and analysis of flux linkage, induced voltage, and torque are also included in this paper.

There are a lot of emerging security equipment required to be tested on detection rate (DR) and false alarm rate (FAR) for prohibited items. This article imports Bayesian approach to accept or reject DR and FAR. The detailed quantitative predictions can be made through the posterior distribution obtained by Markov chain Monte Carlo method. Based on this, HDI + ROPE decision rule is established. For the tests that need to make early decision, HDI + ROPE stopping rule is presented with biased estimate value, and criterial precision rule is presented with unbiased estimate value. Choosing the stopping rule according to the test purpose can achieve the balance of efficiency and accuracy.

Cyber-physical systems (CPS) depend on cybersecurity to ensure functionality, data quality, cyberattack resilience, etc. There are known and unknown cyber threats and attacks that pose significant risks. Information assurance and information security are critical. Many systems are vulnerable to intelligence exploitation and cyberattacks. By investigating cybersecurity risks and formal representation of CPS using spatiotemporal dynamic graphs and networks, this paper investigates topics and solutions aimed to examine and empower: (1) Cybersecurity capabilities; (2) Information assurance and system vulnerabilities; (3) Detection of cyber threat and attacks; (4) Situational awareness; etc. We introduce statistically-characterized dynamic graphs, novel entropy-centric algorithms and calculi which promise to ensure near-real-time capabilities.

As a typical cyber-physical system, smart grid has attracted growing attention due to the safe and efficient operation. The false data injection attack against energy management system is a new type of cyber-physical attack, which can bypass the bad data detector of the smart grid to influence the results of state estimation directly, causing the energy management system making wrong estimation and thus affects the stable operation of power grid. We transform the false data injection attack detection problem into binary classification problem in this paper, which use the long-term and short-term memory network (LSTM) to construct the detection model. After that, we use the BP algorithm to update neural network parameters and utilize the dropout method to alleviate the overfitting problem and to improve the detection accuracy. Simulation results prove that the LSTM-based detection method can achieve higher detection accuracy comparing with the BPNN-based approach.

With the increasing interdependence of critical infrastructures, the probability of a specific infrastructure to experience a complex cyber-physical attack is increasing. Thus it is important to analyze the risk of an attack and the dynamics of its propagation in order to design and deploy appropriate countermeasures. The attack trees, commonly adopted to this aim, have inherent shortcomings in representing interdependent, concurrent and sequential attacks. To overcome this, the work presented here proposes a stochastic methodology using Petri Nets and Continuous Time Markov Chain (CTMC) to analyze the attacks, considering the individual attack occurrence probabilities and their stochastic propagation times. A procedure to convert a basic attack tree into an equivalent CTMC is presented. The proposed method is applied in a case study to calculate the different attack propagation characteristics. The characteristics are namely, the probability of reaching the root node & sub attack nodes, the mean time to reach the root node and the mean time spent in the sub attack nodes before reaching the root node. Additionally, the method quantifies the effectiveness of specific defenses in reducing the attack risk considering the efficiency of individual defenses.

Inter-substation Generic Object Oriented Substation Events (GOOSE) communications that are used for critical protection functions have several cyber-security vulnerabilities. GOOSE messages are directly mapped to the Layer 2 Ethernet without network and transport layer headers that provide data encapsulation. The high-status-number attack is a malicious attack on GOOSE messages that allows hackers to completely take over intelligent electronic devices (IEDs) subscribing to GOOSE communications. The status-number parameter of GOOSE messages, stNum is tampered with in these attacks. Given the strict delivery time requirement of 3 ms for GOOSE messaging, it is infeasible to encrypt the GOOSE payload. This work proposes to secure the sensitive stNum parameter of the GOOSE payload using systematically encoded polynomial codes. Exploiting linear codes allows for the security features to be encoded in linear time, in contrast to complex hashing algorithms. At the subscribing IED, the security feature is used to verify that the stNum parameter has not been tampered with during transmission in the insecure medium. The decoding and verification using syndrome computation at the subscriber IED is also accomplished in linear time.

In the past decade we have seen an active research community proposing attacks and defenses to Cyber-Physical Systems (CPS). Most of these attacks and defenses have been heuristic in nature, limiting the attacker to a set of predefined operations, and proposing defenses with unclear security guarantees. In this paper, we propose a generic adversary model that can capture any type of attack (our attacker is not constrained to follow specific attacks such as replay, delay, or bias) and use it to design security mechanisms with provable security guarantees. In particular, we propose a new secure design paradigm we call DARIA: Designing Actuators to Resist arbItrary Attacks. The main idea behind DARIA is the design of physical limits to actuators in order to prevent attackers from arbitrarily manipulating the system, irrespective of their point of attack (sensors or actuators) or the specific attack algorithm (bias, replay, delays, etc.). As far as we are aware, we are the first research team to propose the design of physical limits to actuators in a control loop in order to keep the system secure against attacks. We demonstrate the generality of our proposal on simulations of vehicular platooning and industrial processes.

The papers in this special section focus on resilient control in large-scae networked cyber-physical systems. These papers deal with the opportunities offered by these emerging technologies to mitigate undesired phenomena arising when intentional jamming and false data injections, categorized as cyber-attacks, infer communication channels. Recent advances in sensing, communication and computing have open the door to the deployment of largescale networks of sensors and actuators that allow fine-grain monitoring and control of a multitude of physical processes and infrastructures. The appellation used by field experts for these paradigms is Cyber-Physical Systems (CPS) because the dynamics among computers, networking media/resources and physical systems interact in a way that multi-disciplinary technologies (embedded systems, computers, communications and controls) are required to accomplish prescribed missions. Moreover, they are expected to play a significant role in the design and development of future engineering applications such as smart grids, transportation systems, nuclear plants and smart factories.

Reliable and secure grid operations become more and more challenging in context of increasing IT/OT convergence and decreasing dynamic margins in today's power systems. To ensure the correct operation of monitoring and control functions in control centres, an intelligent assessment of the different information sources is necessary to provide a robust data source in case of critical physical events as well as cyber-attacks. Within this paper, a holistic data stream assessment methodology is proposed using an expert knowledge based cyber-physical situational awareness for different steady and transient system states. This approach goes beyond existing techniques by combining high-resolution PMU data with SCADA information as well as Digital Twin and AI based anomaly detection functionalities.

With the popularity of Internet applications and rapid development, data using and sharing process may lead to the sensitive information divulgence. To deal with the privacy protection issue more effectively, in this paper, we propose the associated data sets protection model based on game theory from the point of view of realizing benefits from the access of privacy is about happen, quantify the extent to which visitors gain sensitive information, then compares the tolerance of the sensitive information owner and finally decides whether to allow the visitor to make an access request.

The massive adoption of mobile devices by both individuals and companies is raising many security concerns. The fact that such devices are handling sensitive data makes them a target for attackers. Many attack prevention mechanisms are deployed with a last line of defense that focuses on the containment principle. Currently, iOS treats each 3rd party application alike which may lead to security flaws. We propose a framework in which each application has a custom sandboxed environment. We investigated the current confinement architecture used by Apple and built a solution on top of it.

Cyber-physical systems are characterized by strong interactions between their physical and computation parts. The increasing complexity of such systems, now used in numerous application domains (e.g., aeronautics, healthcare), in conjunction with hard to predict surrounding environments or the use of non-traditional middleware and with the presence of non-deterministic or non-explainable software outputs, tend to make traditional Verification and Validation (V&V) techniques ineffective. This paper presents the H2020 ADVANCE project, which aims precisely at addressing the Verification and Validation challenges that the next-generation of cyber-physical systems bring, by exploring techniques, methods and tools for achieving the technical objective of improving the overall efficiency and effectiveness of the V&V process. From a strategic perspective, the goal of the project is to create an international network of expertise on the topic of V&V of cyber-physical systems.

The domain of securing in-vehicle networks has attracted both academic and industrial researchers due to high danger of attacks on drivers and passengers. While securing wired and wireless interfaces is important to defend against these threats, detecting attacks is still the critical phase to construct a robust secure system. There are only a few results on securing communication inside vehicles using anomaly-detection techniques despite their efficiencies in systems that need real-time detection. Therefore, we propose an intrusion detection system (IDS) based on Multi-Layer Perceptron (MLP) neural network for Controller Area Networks (CAN) bus. This IDS divides data according to the ID field of CAN packets using K-means clustering algorithm, then it extracts suitable features and uses them to train and construct the neural network. The proposed IDS works for each ID separately and finally it combines their individual decisions to construct the final score and generates alert in the presence of attack. The strength of our intrusion detection method is that it works simultaneously for two types of attacks which will eliminate the use of several separate IDS and thus reduce the complexity and cost of implementation.