Biblio

In this paper, we consider a sequential stochastic Stackelberg game with two players, a leader, and a follower. The follower observes the state of the system privately while the leader does not. Players play Stackelberg equilibrium where the follower plays best response to the leader's strategy. In such a scenario, the leader has the advantage of committing to a policy that maximizes its returns given the knowledge that the follower is going to play the best response to its policy. Such a pair of strategies of both the players is defined as Stackelberg equilibrium of the game. Recently, [1] provided a sequential decomposition algorithm to compute the Stackelberg equilibrium for such games which allow for the computation of Markovian equilibrium policies in linear time as opposed to double exponential, as before. In this paper, we extend that idea to the case when the state update dynamics are not known to the players, to propose an reinforcement learning (RL) algorithm based on Expected Sarsa that learns the Stackelberg equilibrium policy by simulating a model of the underlying Markov decision process (MDP). We use particle filters to estimate the belief update for a common agent that computes the optimal policy based on the information which is common to both the players. We present a security game example to illustrate the policy learned by our algorithm.

The paper considers the issue of assessing threats to information security in industrial automation and telecommunication systems in order to improve the efficiency of their security systems. A method for determining a quantitative indicator of threats is proposed, taking into account the probabilistic nature of the process of implementing negative impacts on objects of both industrial and telecommunications systems. The factors that contribute and (or) initiate them are also determined, the dependences of the formal definition of the quantitative indicator of threats are obtained. Methods for a quantitative threat assessment as well as the degree of this threat are presented in the form of a mathematical model in order to substantiate and describe the method for determining a threat to industrial automation systems. Recommendations necessary for obtaining expert assessments of negative impacts on the informatisation objects and information security systems counteracting are formulated to facilitate making decisions on the protection of industrial and telecommunication systems.

Static security assessment is of great significance to ensure the stable transmission of electric power and steady operation of load. The scale of power system trends to expand due to the development of interconnected grid, and the security analysis of the entire network has become time-consuming. On the basis of synthesizing the efficiency and accuracy, a new method is developed. This method adopts a novel dynamic power flow (DPF) model considering the influence of governor deadband and amplitude-limit on the steady state quantitatively. In order to reduce the computation cost, a contingency screening algorithm based on binary search method is proposed. Static security assessment based on the proposed DPF models is applied to calculate the security margin constrained by severe contingencies. The ones with lower margin are chosen for further time-domain (TD) simulation analysis. The case study of a practical grid verifies the accuracy of the proposed model compared with the conventional one considering no governor nonlinearity. Moreover, the test of a practical grid in China, along with the TD simulation, demonstrates that the proposed method avoids massive simulations of all contingencies as well as provides detail information of severe ones, which is effective for security analysis of practical power grids.

In this paper, we propose a method of stochastic model predictive control for energy management systems including human-in-the-loop. Here, we consider an air-conditioning system consisting of some rooms. Human decision making about the set temperature is modeled by a discrete-time Markov chain. The finite-time optimal control problem solved in the controller is reduced to a mixed integer linear programming problem.

Today's companies are increasingly relying on Internet of Everything (IoE) to modernize their operations. The very complexes characteristics of such system expose their applications and their exchanged data to multiples risks and security breaches that make them targets for cyber attacks. The aim of our work in this paper is to provide an cybersecurity strategy whose objective is to prevent and anticipate threats related to the IoE. An economic approach is used in order to help to take decisions according to the reduction of the risks generated by the non definition of the appropriate levels of security. The considered problem have been resolved by exploiting a combinatorial optimization approach with a practical case of knapsack. We opted for a bi-objective modeling under uncertainty with a constraint of cardinality and a given budget to be respected. To guarantee a robustness of our strategy, we have also considered the criterion of uncertainty by taking into account all the possible threats that can be generated by a cyber attacks over IoE. Our strategy have been implemented and simulated under MATLAB environement and its performance results have been compared to those obtained by NSGA-II metaheuristic. Our proposed cyber security strategy recorded a clear improvment of efficiency according to the optimization of the security level and cost parametrs.

Microservices-based architectures gain more and more attention in industry and academia due to their tremendous advantages such as providing resiliency, scalability, composability, etc. To benefit from these advantages, a proper architectural design is very important. The decomposition model of services into microservices and the granularity of these microservices affect the different aspects of the system such as flexibility, maintainability, performance, and security. An inappropriate service decomposition into microservices (improper granularity) may increase the attack surface of the system and lower its security level. In this paper, first, we study the probability of compromising services before and after decomposition. Then we formulate the impacts of possible service decomposition models on confidentiality, integrity, and availability attributes of the system. To do so, we provide equations for measuring confidentiality, integrity, and availability risks of the decomposed services in the system. It is also shown that the number of entry points to the decomposed services and the size of the microservices affect the security attributes of the system. As a use case, we propose three different service decomposition models for the 5G NRF (Network Repository Function) and calculate the impacts of these decomposition models on the confidentiality, integrity, and availability of the system using the provided equations.

Recent cyber attacks on the power grid have been of increasing complexity and sophistication. In order to understand the impact of cyber-attacks on the power system resiliency, it is important to consider an holistic cyber-physical system specially with increasing industrial automation. In this work, device level resilience properties of the various controllers and their impact on the microgrid resiliency is studied. In addition, a cyber-physical resiliency metric considering vulnerabilities, system model, and device level properties is proposed. A use case is presented inspired by the recent Ukraine cyber-attack. A use case has been presented to demonstrate application of the developed cyber-physical resiliency metric to enhance situational awareness of the operator, and enable better control actions to improve resiliency.

This paper is about the estimation of the cyber-resilience of CPS. We define two new resilience estimation metrics: k-steerability and l-monitorability. They aim at assisting designers to evaluate and increase the cyber-resilience of CPS when facing stealthy attacks. The k-steerability metric reflects the ability of a controller to act on individual plant state variables when, at least, k different groups of functionally diverse input signals may be processed. The l-monitorability metric indicates the ability of a controller to monitor individual plant state variables with l different groups of functionally diverse outputs. Paired together, the metrics lead to CPS reaching (k,l)-resilience. When k and l are both greater than one, a CPS can absorb and adapt to control-theoretic attacks manipulating input and output signals. We also relate the parameters k and l to the recoverability of a system. We define recoverability strategies to mitigate the impact of perpetrated attacks. We show that the values of k and l can be augmented by combining redundancy and diversity in hardware and software, in order to apply the moving target paradigm. We validate the approach via simulation and numeric results.

With the advent of motorization, result in traffic system more congested, how to make the traffic system more effective and also take safety into account, namely build a intelligent transportation system, has become a hot spot of society. The vehicle distance control system studied in this paper is an important function in intelligent transportation system, through introducing cyber-physical systems (CPS) technology into it, set up system model, make the vehicles maintain a preset safety distance, thereby not only help improve the effective utilization of traffic system, but also help avoid the collision due to the speed change. Finally, use Simulink software to simulate and analyze the performance of the system, the result shows that the model can effectively cope with the distance change which is due to speed change, and ensure the vehicles maintain a preset safety distance within a short period of time.

Cyber-physical systems (CPS) is an integration of computation with physical systems and physical processes. It is widely used in energy, health and other industrial areas. Modeling and simulation is of the greatest challenges in CPS research. Modelica has a great potentiality in the modeling and simulation of CPS. We analyze the characteristics and requirements of CPS modeling, and also the features of Modelica in the paper. In respect of information model, physical model and model interface, this paper introduces a unified modeling method for CPS, based on Modelica. The method provides a reliable foundation for the design, analysis and verification of CPS.

The ever-growing advances in science and technology have led to a rapid increase in the complexity of most engineered systems. Cyber-physical Systems (CPSs) are the result of this technology advancement that involves new paradigms, architectures and functionalities derived from different engineering domains. Due to the nature of CPSs, which are composed of many heterogeneous components that constantly interact one another and with the environment, it is difficult to study, explain hypothesis and evaluate design alternatives without using Modeling and Simulation (M&S) approaches. M&S is increasingly used in the CPS domain with different objectives; however, its adoption is not easy and straightforward but can lead to pitfalls that need to be recognized and addressed. This paper identifies some important pitfalls deriving from the application of M&S approaches to the CPS study and presents remedies, which are already available in the literature, to prevent and face them.

Cyber-physical systems are particularly difficult to model and simulate because their components mix many different system modalities. In this paper we address the main technical challenges on system simulation taking into account by new characters of CPS, and provide a comprehensive view of the simulation modeling methods for integration of continuous-discrete model. Regards to UML and Simulink, two most widely accepted modeling methods in industrial designs, we study on three methods to perform the cooperation of these two kinds of heterogeneous models for co-simulation. The solution of an implementation of co-simulation method for CPS was designed under three levels architecture.

Cyber-Physical System(CPS) is now a new evolutional morphology of embedded systems. With features of merging computation and physical processes together, the traditional verification and simulation methods have being challenged recently. After analyzed the state-of-art of related research, a new simulation environment is studied according to the characters of a special autonomous cyber-physical system-Unmanned Aerial Vehicle, and designed to be scene-driven, modeling and reconfigurable. In this environment, a novel CPS-in-loop architecture, which can support simulations under different customized scenes, is studied firstly to ensure its opening and flexibility. And as another foundation, some dynamics models of CPS and atmospheric ones of relative sensors are introduced to simulate the motion of CPS and the change of its posture. On the basis above, the reconfigurable scene-driven mechanisms that are Based on hybrid events are mainly excogitated. Then, different scenes can be configured in terms of special verification requirements, and then each scene will be decomposed into a spatio-temporal event sequence and scheduled by a scene executor. With this environment, not only the posture of CPS, but also the autonomy of its behavior can be verified and observed. It will be meaningful for the design of such autonomous CPS.

A real or potential threat to various large and small security objects, which comes from both internal and external attackers, determines one or another activities to ensure internal and external security. These actions depend on the spheres of life of state and society, which are targeted by the security threats. These threats can be conveniently classified into political threats (or threats to the existing constitutional order), economic, military, informational, technogenic, environmental, corporate, and other threats. The article discusses a model of an information system, which main criterion is the system security based on the concept of risk. When considering the model, it was determined that it possess multi-criteria aspects. Therefore the establishing the quantitative and qualitative characteristics is a complex and dynamic task. The paper proposes to use the mathematical apparatus of the teletraffic theory in one of the elements of the protected system, namely, in the end-to-end security subsystem.

One of the measures to prevent multi-pass social engineering attacks is to identify the chains of user, which are most susceptible to such attacks. The aim of the study is to combine a mathematical model for estimating the probability of success of the propagation of a multi-pass social engineering attack between users with a model for calculating information influence. Namely, it is proposed to include in estimating the intensity of interactions between users (which used in the model of the propagation of a multi-pass social engineering attack) estimating of power of influence actions of agents. The scientific significance of the work consists in the development of a mathematical structure for modeling the actions of an attacker-social engineer and creating a foundation for the subsequent analysis of the social graph of the organization's employees. The practical significance lies in the formation of opportunities for decision-makers. Therefore, they will be able to take more precise measures for increase the level of security as individual employees as the organization generally.

Distributed Denial of Service (DDoS) attacks are among the most harmful cyberattack types in the Internet. The main goal of a DDoS defense mechanism is to reduce the attack's effect as close as possible to their sources to prevent malicious traffic in the Internet. In this work, we examine the DDoS attacks as a rate management and congestion control problem and propose a collaborative fair rate throttling mechanism to combat DDoS attacks. Additionally, we propose anomaly detection mechanisms to detect attacks at the victim site, early attack detection mechanisms by intermediate Autonomous Systems (ASes), and feedback mechanisms between ASes to achieve distributed defense against DDoS attacks. To reduce additional vulnerabilities for the feedback mechanism, we use a secure, private, and authenticated communication channel between AS monitors to control the process. Our mathematical model presents proactive resource management, where the victim site sends rate adjustment requests to upstream routers. We conducted several experiments using a real-world dataset to demonstrate the efficiency of our approach under DDoS attacks. Our results show that the proposed method can significantly reduce the impact of DDoS attacks with minimal overhead to routers. Moreover, the proposed anomaly detection techniques can help ASes to detect possible attacks and early attack detection by intermediate ASes.

In more electrical aircraft, the embedded electrical network is handling more and more vital functions, being more and more strained as well. Attenuation of switching harmonics is a key step in the network reliability, thus filtering elements play a central role. To keep the weight of the embedded network reasonable, weakly damped high-order filters shall be preferred. Flatness-based control (FBC) can offer both high bandwidth regulation and large signal stability proof. This make FBC a good candidate to handle the inherent oscillating behavior of aforementioned filters. However, this control strategy can be tricky to implement, especially with high order systems. Moreover, FBC is more sensor demanding than classic PI-based control. This paper address these two drawbacks. First, a novel trajectory planning for high order systems is proposed. This method does not require multiple derivations. Then the input sensors are removed thanks to a parameters estimator. Feasibility and performances are verified with experimental results. Performances comparison with cascaded-loop topologies are given in final section to prove the relevance of the proposed control strategy.

The objective of this work is to study, using an analytical approach and a numerical simulation, the dynamic behavior of an oscillating liquid inside a fixed U-tube with open ends used as wave energy converter. By establishing a detailed liquid's motion equation and developing a numerical simulation, based on volume of fluid formulation, we quantified the available power that could be extracted for our configuration. A parametrical study using the analytical model showed the effect of each significant parameter on first peak power and subsequent dampening of this peak power, which constitutes a tool for choosing optimal designs. The numerical simulation gave a more realistic model, the obtained results are in good agreements with those of the analytical approach that underestimates the dampening of oscillations. We focused after on influence of the numerical model formulation, mesh type and mesh size on simulation results: no noticeable effect was observed.

Mathematical model of web server protection is being proposed based on filtering HTTP (Hypertext Transfer Protocol) packets that do not match the semantic parameters of the request standards of this protocol. The model is defined as a graph, and the relationship between the parameters - the sets of vulnerabilities of the corporate network, the methods of attacks and their consequences-is described by the Cartesian product, which provides the correct interpretation of a corporate network cyber attack. To represent the individual stages of simulated attacks, it is possible to separate graph models in order to model more complex attacks based on the existing simplest ones. The unity of the model proposed representation of cyber attack in three variants is shown, namely: graphic, text and formula.

Due to the insufficient awareness of decision makers on the security risks of industrial cyber-physical systems(ICPS) under cyber-attacks, it is difficult to take effective defensive measures according to the characteristics of different cyber-attacks in advance. To solve the above problem, this paper gives a qualitative analysis method of ICPS security risk from the perspective of defenders. The ICPS being attacked is modeled as a dynamic closed-loop fusion model where the mathematical models of the physical plant and the feedback controller are established. Based on the fusion model, the disruption resources generated by attacks are mathematically described. Based on the designed Kalman filter, the detection of attacks is judged according to the residual value of the system. According to the disruption resources and detectability, a general security risk level model is further established to evaluate the security risk level of the system under attacks. The simulation experiments are conducted by using Matlab to analyze the destructiveness and detectability of attacks, where the results show that the proposed qualitative analysis method can effectively describe the security risk under the cyber-attacks.

The application of network technology and high-tech equipment in power systems has increased the degree of grid intelligence, and malicious attacks on smart grids have also increased year by year. The wrong data injection attack launched by the attacker will destroy the integrity of the data by changing the data of the sensor and controller, which will lead to the wrong decision of the control system and even paralyze the power transmission network. This paper uses the measured values of smart grid sensors as samples, analyzes the attack vectors maliciously injected by attackers and the statistical characteristics of system data, and proposes a false data injection attack detection strategy. It is considered that the measured values of sensors have spatial distribution characteristics, the Gaussian mixture model of grid node feature vectors is obtained by training sample values, the test measurement values are input into the Gaussian mixture model, and the knowledge of clustering is used to detect whether the power grid is malicious data attacks. The power supplies of IEEE-18 and IEEE-30 simulation systems was tested, and the influence of the system statistical measurement characteristics on the detection accuracy was analyzed. The results show that the proposed strategy has better detection performance than the support vector machine method.

Demand response (DR) is one of the most economical methods for peak demand reduction, renewable energy integration and ancillary service support. Residential electrical energy consumption takes approximately 33% of the total electricity usage and hence has great potentials in DR applications. However, residential DR encounters various challenges such as small individual magnitude, stochastic consuming patterns and privacy issues. In this study, we propose a stochastic optimal mechanism to tackle these issues and try to reveal the benefits from residential DR implementation. Stochastic residential load (SRL) models, a generation cost prediction (GCP) model and a stochastic optimal load aggregation (SOLA) model are developed. A set of uniformly distributed scalers is introduced into the SOLA model to efficiently avoid the peak demand rebound problem in DR applications. The SOLA model is further transformed into a deterministic LP model. Time-of-Use (TOU) tariff is adopted as the price structure because of its similarity and popularity. Case studies show that the proposed mechanism can significantly reduce the peak-to-average power ratio (PAPR) of the load profile as well as the electrical energy cost. Furthermore, the impacts of consumers' participation levels in the DR program are investigated. Simulation results show that the 50% participation level appears as the best case in terms system stability. With the participation level of 80%, consumers' electrical energy cost is minimized. The proposed mechanism can be used by a residential load aggregator (LA) or a utility to plan a DR program, predict its impacts, and aggregate residential loads to minimize the electrical energy cost.

Hierarchical Text classification has recently become increasingly challenging with the growing number of classification labels. In this paper, we propose a hierarchical fine-tuning based approach for hierarchical text classification. We use the ordered neurons LSTM (ONLSTM) model by combining the embedding of text and parent category for hierarchical text classification with a large number of categories, which makes full use of the connection between the upper-level and lower-level labels. Extensive experiments show that our model outperforms the state-of-the-art hierarchical model at a lower computation cost.

Deep learning is becoming a basis of decision making systems in many application domains, such as autonomous vehicles, health systems, etc., where the risk of misclassification can lead to serious consequences. It is necessary to know to which extent are Deep Neural Networks (DNNs) robust against various types of adversarial conditions. In this paper, we experimentally evaluate DNNs implemented in embedded device by using laser fault injection, a physical attack technique that is mostly used in security and reliability communities to test robustness of various systems. We show practical results on four activation functions, ReLu, softmax, sigmoid, and tanh. Our results point out the misclassification possibilities for DNNs achieved by injecting faults into the hidden layers of the network. We evaluate DNNs by using several different attack strategies to show which are the most efficient in terms of misclassification success rates. Outcomes of this work should be taken into account when deploying devices running DNNs in environments where malicious attacker could tamper with the environmental parameters that would bring the device into unstable conditions. resulting into faults.

Many autonomous control systems are frequently exposed to attacks, so methods for attack identification are crucial for a safe operation. To preserve the privacy of the subsystems and achieve scalability in large-scale systems, identification algorithms should not require global model knowledge. We analyze a previously presented method for hierarchical attack identification, that is embedded in a distributed control setup for systems of systems with coupled nonlinear dynamics. It is based on the exchange of local sensitivity information and ideas from sparse signal recovery. In this paper, we prove sufficient conditions under which the method is guaranteed to identify all components affected by some unknown attack. Even though a general class of nonlinear dynamic systems is considered, our rigorous theoretical guarantees are applicable to practically relevant examples, which is underlined by numerical experiments with the IEEE 30 bus power system.