Visible to the public Biblio

Filters: Keyword is Observability  [Clear All Filters]
2022-12-09
Alboqmi, Rami, Jahan, Sharmin, Gamble, Rose F..  2022.  Toward Enabling Self-Protection in the Service Mesh of the Microservice Architecture. 2022 IEEE International Conference on Autonomic Computing and Self-Organizing Systems Companion (ACSOS-C). :133—138.
The service mesh is a dedicated infrastructure layer in a microservice architecture. It manages service-to-service communication within an application between decoupled or loosely coupled microservices (called services) without modifying their implementations. The service mesh includes APIs for security, traffic and policy management, and observability features. These features are enabled using a pre-defined configuration, which can be changed at runtime with human intervention. However, it has no autonomy to self-manage changes to the microservice application’s operational environment. A better configuration is one that can be customized according to environmental conditions during execution to protect the application from potential threats. This customization requires enabling self-protection mechanisms within the service mesh that evaluate the risk of environmental condition changes and enable appropriate configurations to defend the application from impending threats. In this paper, we design an assessment component into a service mesh that includes a security assurance case to define the threat model and dynamically assess the application given environment changes. We experiment with a demo application, Bookinfo, using an open-source service mesh platform, Istio, to enable self-protection. We consider certain parameters extracted from the service request as environmental conditions. We evaluate those parameters against the threat model and determine the risk of violating a security requirement for controlled and authorized information flow.
2022-10-20
Châtel, Romain, Mouaddib, Abdel-Illah.  2021.  An augmented MDP approach for solving Stochastic Security Games. 2021 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS). :6405—6410.
We propose a novel theoretical approach for solving a Stochastic Security Game using augmented Markov Decison Processes and an experimental evaluation. Most of the previous works mentioned in the literature focus on Linear Programming techniques seeking Strong Stackelberg Equilibria through the defender and attacker’s strategy spaces. Although effective, these techniques are computationally expensive and tend to not scale well to very large problems. By fixing the set of the possible defense strategies, our approach is able to use the well-known augmented MDP formalism to compute an optimal policy for an attacker facing a defender patrolling. Experimental results on fully observable cases validate our approach and show good performances in comparison with optimistic and pessimistic approaches. However, these results also highlight the need of scalability improvements and of handling the partial observability cases.
2022-05-19
Su, Yu, Shen, Haihua, Lu, Renjie, Ye, Yunying.  2021.  A Stealthy Hardware Trojan Design and Corresponding Detection Method. 2021 IEEE International Symposium on Circuits and Systems (ISCAS). :1–6.
For the purpose of stealthiness, trigger-based Hardware Trojans(HTs) tend to have at least one trigger signal with an extremely low transition probability to evade the functional verification. In this paper, we discuss the correlation between poor testability and low transition probability, and then propose a kind of systematic Trojan trigger model with extremely low transition probability but reasonable testability, which can disable the Controllability and Observability for hardware Trojan Detection (COTD) technique, an efficient HT detection method based on circuits testability. Based on experiments and tests on circuits, we propose that the more imbalanced 0/1-controllability can indicate the lower transition probability. And a trigger signal identification method using the imbalanced 0/1-controllability is proposed. Experiments on ISCAS benchmarks show that the proposed method can obtain a 100% true positive rate and average 5.67% false positive rate for the trigger signal.
2022-02-04
Chowdhury, Subhajit Dutta, Zhang, Gengyu, Hu, Yinghua, Nuzzo, Pierluigi.  2021.  Enhancing SAT-Attack Resiliency and Cost-Effectiveness of Reconfigurable-Logic-Based Circuit Obfuscation. 2021 IEEE International Symposium on Circuits and Systems (ISCAS). :1–5.
Logic locking is a well-explored defense mechanism against various types of hardware security attacks. Recent approaches to logic locking replace portions of a circuit with reconfigurable blocks such as look-up tables (LUTs) and switch boxes (SBs) to primarily achieve logic and routing obfuscation, respectively. However, these techniques may incur significant design overhead, and methods that can mitigate the implementation cost for a given security level are desirable. In this paper, we address this challenge by proposing an algorithm for deciding the location and inputs of the LUTs in LUT-based obfuscation to enhance security and reduce design overhead. We then introduce a locking method that combines LUTs with SBs to further robustify LUT-based obfuscation, largely independently of the specific LUT locations. We illustrate the effectiveness of the proposed approaches on a set of ISCAS benchmark circuits.
2021-12-02
Anwar, Adnan, Abir, S. M. Abu Adnan.  2020.  Measurement Unit Placement Against Injection Attacks for the Secured Operation of an IIoT-Based Smart Grid. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :767–774.
Carefully constructed cyber-attacks directly influence the data integrity and the operational functionality of the smart energy grid. In this paper, we have explored the data integrity attack behaviour in a wide-area sensor-enabled IIoT-SCADA system. We have demonstrated that an intelligent cyber-attacker can inject false information through the sensor devices that may remain stealthy in the traditional detection module and corrupt estimated system states at the utility control centres. Next, to protect the operation, we defined a set of critical measurements that need to be protected for the resilient operation of the grid. Finally, we placed the measurement units using an optimal allocation strategy by ensuring that a limited number of nodes are protected against the attack while the system observability is satisfied. Under such scenarios, a wide range of experiments has been conducted to evaluate the performance considering IEEE 14-bus, 24 bus-reliability test system, 85-bus, 141-bus and 145-bus test systems. Results show that by ensuring the protection of around 25% of the total nodes, the IIoT-SCADA enabled energy grid can be protected against injection attacks while observability of the network is well-maintained.
2021-11-29
Qu, Yanfeng, Chen, Gong, Liu, Xin, Yan, Jiaqi, Chen, Bo, Jin, Dong.  2020.  Cyber-Resilience Enhancement of PMU Networks Using Software-Defined Networking. 2020 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :1–7.
Phasor measurement unit (PMU) networks are increasingly deployed to offer timely and high-precision measurement of today's highly interconnected electric power systems. To enhance the cyber-resilience of PMU networks against malicious attacks and system errors, we develop an optimization-based network management scheme based on the software-defined networking (SDN) communication infrastructure to recovery PMU network connectivity and restore power system observability. The scheme enables fast network recovery by optimizing the path generation and installation process, and moreover, compressing the SDN rules to be installed on the switches. We develop a prototype system and perform system evaluation in terms of power system observability, recovery speed, and rule compression using the IEEE 30-bus system and IEEE 118-bus system.
2021-06-28
Zhang, Ning, Lv, Zhiqiang, Zhang, Yanlin, Li, Haiyang, Zhang, Yixin, Huang, Weiqing.  2020.  Novel Design of Hardware Trojan: A Generic Approach for Defeating Testability Based Detection. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :162–173.
Hardware design, especially the very large scale integration(VLSI) and systems on chip design(SOC), utilizes many codes from third-party intellectual property (IP) providers and former designers. Hardware Trojans (HTs) are easily inserted in this process. Recently researchers have proposed many HTs detection techniques targeting the design codes. State-of-art detections are based on the testability including Controllability and Observability, which are effective to all HTs from TrustHub, and advanced HTs like DeTrust. Meanwhile, testability based detections have advantages in the timing complexity and can be easily integrated into recently industrial verification. Undoubtedly, the adversaries will upgrade their designs accordingly to evade these detection techniques. Designing a variety of complex trojans is a significant way to perfect the existing detection, therefore, we present a novel design of HTs to defeat the testability based detection methods, namely DeTest. Our approach is simple and straight forward, yet it proves to be effective at adding some logic. Without changing HTs malicious function, DeTest decreases controllability and observability values to about 10% of the original, which invalidates distinguishers like clustering and support vector machines (SVM). As shown in our practical attack results, adversaries can easily use DeTest to upgrade their HTs to evade testability based detections. Combined with advanced HTs design techniques like DeTrust, DeTest can evade previous detecions, like UCI, VeriTrust and FANCI. We further discuss how to extend existing solutions to reduce the threat posed by DeTest.
2021-06-02
Wang, Lei, Manchester, Ian R., Trumpf, Jochen, Shi, Guodong.  2020.  Initial-Value Privacy of Linear Dynamical Systems. 2020 59th IEEE Conference on Decision and Control (CDC). :3108—3113.
This paper studies initial-value privacy problems of linear dynamical systems. We consider a standard linear time-invariant system with random process and measurement noises. For such a system, eavesdroppers having access to system output trajectories may infer the system initial states, leading to initial-value privacy risks. When a finite number of output trajectories are eavesdropped, we consider a requirement that any guess about the initial values can be plausibly denied. When an infinite number of output trajectories are eavesdropped, we consider a requirement that the initial values should not be uniquely recoverable. In view of these two privacy requirements, we define differential initial-value privacy and intrinsic initial-value privacy, respectively, for the system as metrics of privacy risks. First of all, we prove that the intrinsic initial-value privacy is equivalent to unobservability, while the differential initial-value privacy can be achieved for a privacy budget depending on an extended observability matrix of the system and the covariance of the noises. Next, the inherent network nature of the considered linear system is explored, where each individual state corresponds to a node and the state and output matrices induce interaction and sensing graphs, leading to a network system. Under this network system perspective, we allow the initial states at some nodes to be public, and investigate the resulting intrinsic initial- value privacy of each individual node. We establish necessary and sufficient conditions for such individual node initial-value privacy, and also prove that the intrinsic initial-value privacy of individual nodes is generically determined by the network structure.
2020-09-04
Sree Ranjani, R, Nirmala Devi, M.  2018.  A Novel Logical Locking Technique Against Key-Guessing Attacks. 2018 8th International Symposium on Embedded Computing and System Design (ISED). :178—182.
Logical locking is the most popular countermeasure against the hardware attacks like intellectual property (IP) piracy, Trojan insertion and illegal integrated circuit (IC) overproduction. The functionality of the design is locked by the added logics into the design. Thus, the design is accessible only to the authorized users by applying the valid keys. However, extracting the secret key of the logically locked design have become an extensive effort and it is commonly known as key guessing attacks. Thus, the main objective of the proposed technique is to build a secured hardware against attacks like Brute force attack, Hill climbing attack and path sensitization attacks. Furthermore, the gates with low observability are chosen for encryption, this is to obtain an optimal output corruption of 50% Hamming distance with minimal design overhead and implementation complexity. The experimental results are validated on ISCAS'85 benchmark circuits, with a highly secured locking mechanism.
2019-02-14
Richard, D. S., Rashidzadeh, R., Ahmadi, M..  2018.  Secure Scan Architecture Using Clock and Data Recovery Technique. 2018 IEEE International Symposium on Circuits and Systems (ISCAS). :1-5.

Design for Testability (DfT) techniques allow devices to be tested at various levels of the manufacturing process. Scan architecture is a dominantly used DfT technique, which supports a high level of fault coverage, observability and controllability. However, scan architecture can be used by hardware attackers to gain critical information stored within the device. The security threats due to an unrestricted access provided by scan architecture has to be addressed to ensure hardware security. In this work, a solution based on the Clock and Data Recovery (CDR) method has been presented to authenticate users and limit the access to the scan architecture to authorized users. As compared to the available solution the proposed method presents a robust performance and reduces the area overhead by more than 10%.

2018-08-23
Li, Q., Xu, B., Li, S., Liu, Y., Cui, D..  2017.  Reconstruction of measurements in state estimation strategy against cyber attacks for cyber physical systems. 2017 36th Chinese Control Conference (CCC). :7571–7576.

To improve the resilience of state estimation strategy against cyber attacks, the Compressive Sensing (CS) is applied in reconstruction of incomplete measurements for cyber physical systems. First, observability analysis is used to decide the time to run the reconstruction and the damage level from attacks. In particular, the dictionary learning is proposed to form the over-completed dictionary by K-Singular Value Decomposition (K-SVD). Besides, due to the irregularity of incomplete measurements, sampling matrix is designed as the measurement matrix. Finally, the simulation experiments on 6-bus power system illustrate that the proposed method achieves the incomplete measurements reconstruction perfectly, which is better than the joint dictionary. When only 29% available measurements are left, the proposed method has generality for four kinds of recovery algorithms.

2018-04-11
Matrosova, A., Mitrofanov, E., Ostanin, S., Nikolaeva, E..  2017.  Detection and Masking of Trojan Circuits in Sequential Logic. 2017 IEEE East-West Design Test Symposium (EWDTS). :1–4.

A technique of finding a set of sequential circuit nodes in which Trojan Circuits (TC) may be implanted is suggested. The technique is based on applying the precise (not heuristic) random estimations of internal node observability and controllability. Getting the estimations we at the same time derive and compactly represent all sequential circuit full states (depending on input and state variables) in which of that TC may be switched on. It means we obtain precise description of TC switch on area for the corresponding internal node v. The estimations are computed with applying a State Transition Graph (STG) description, if we suppose that TC may be inserted out of the working area (out of the specification) of the sequential circuit. Reduced Ordered Binary Decision Diagrams (ROBDDs) for the combinational part and its fragments are applied for getting the estimations by means of operations on ROBDDs. Techniques of masking TCs are proposed. Masking sub-circuits overhead is appreciated.

2018-03-19
Showkatbakhsh, M., Shoukry, Y., Chen, R. H., Diggavi, S., Tabuada, P..  2017.  An SMT-Based Approach to Secure State Estimation under Sensor and Actuator Attacks. 2017 IEEE 56th Annual Conference on Decision and Control (CDC). :157–162.

This paper addresses the problem of state estimation of a linear time-invariant system when some of the sensors or/and actuators are under adversarial attack. In our set-up, the adversarial agent attacks a sensor (actuator) by manipulating its measurement (input), and we impose no constraint on how the measurements (inputs) are corrupted. We introduce the notion of ``sparse strong observability'' to characterize systems for which the state estimation is possible, given bounds on the number of attacked sensors and actuators. Furthermore, we develop a secure state estimator based on Satisfiability Modulo Theory (SMT) solvers.

2015-05-05
Linda, O., Wijayasekara, D., Manic, M., McQueen, M..  2014.  Optimal placement of Phasor Measurement Units in power grids using Memetic Algorithms. Industrial Electronics (ISIE), 2014 IEEE 23rd International Symposium on. :2035-2041.

Wide area monitoring, protection and control for power network systems are one of the fundamental components of the smart grid concept. Synchronized measurement technology such as the Phasor Measurement Units (PMUs) will play a major role in implementing these components and they have the potential to provide reliable and secure full system observability. The problem of Optimal Placement of PMUs (OPP) consists of locating a minimal set of power buses where the PMUs must be placed in order to provide full system observability. In this paper a novel solution to the OPP problem using a Memetic Algorithm (MA) is proposed. The implemented MA combines the global optimization power of genetic algorithms with local solution tuning using the hill-climbing method. The performance of the proposed approach was demonstrated on IEEE benchmark power networks as well as on a segment of the Idaho region power network. It was shown that the proposed solution using a MA features significantly faster convergence rate towards the optimum solution.