Facility location selection plays a critical role in the planning of logistics networks. It selects the addresses of facility nodes from a candidate set of locations to optimise multiple targets such as transportation efficiency and economic cost considering the practical constraints of the real world. Thus, it is often formulated as a combinational optimisation problem, which is solved by either mixed integer programing algorithms or heuristic methods. However, these approaches are limited by several issues such as a high computational cost and weak generalisation flexibility. In this work, a novel hierarchical clustering framework is proposed for facility location selection, which can flexibly support a wide variety of optimisation targets and the combinations of multiple practical constraints that are vital in the real logistics scenarios. Beyond the original hierarchical clustering algorithm, it incorporates a looking-forward mechanism that alleviates the ‘greedy trap’ by utilising global information. These advantages enable the proposed method to generate reliable solutions with high time efficiency. As demonstrated by the experimental results on real JD Logistics data, the proposed method outperforms the widely adopted GGA and VNS algorithms. It also has a much lower computation cost compared to the SCIP solver, while the quality of solutions are within an acceptable range.
{"title":"Hierarchical clustering framework for facility location selection with practical constraints","authors":"Tianze Lin, Yang Liu, Boyang Liu, Yu Wang, Shengnan Wu, Wenming Zhe","doi":"10.1049/cps2.12021","DOIUrl":"https://doi.org/10.1049/cps2.12021","url":null,"abstract":"<p>Facility location selection plays a critical role in the planning of logistics networks. It selects the addresses of facility nodes from a candidate set of locations to optimise multiple targets such as transportation efficiency and economic cost considering the practical constraints of the real world. Thus, it is often formulated as a combinational optimisation problem, which is solved by either mixed integer programing algorithms or heuristic methods. However, these approaches are limited by several issues such as a high computational cost and weak generalisation flexibility. In this work, a novel hierarchical clustering framework is proposed for facility location selection, which can flexibly support a wide variety of optimisation targets and the combinations of multiple practical constraints that are vital in the real logistics scenarios. Beyond the original hierarchical clustering algorithm, it incorporates a looking-forward mechanism that alleviates the ‘greedy trap’ by utilising global information. These advantages enable the proposed method to generate reliable solutions with high time efficiency. As demonstrated by the experimental results on real JD Logistics data, the proposed method outperforms the widely adopted GGA and VNS algorithms. It also has a much lower computation cost compared to the SCIP solver, while the quality of solutions are within an acceptable range.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 4","pages":"238-253"},"PeriodicalIF":1.5,"publicationDate":"2021-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12021","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91812529","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A covert channel is a communication channel that is not intended to exist, and that can be used to transfer information in a manner that violates the system security policy. Attackers can abuse such channels to exfiltrate sensitive information from cyber-physical systems (CPSs), for example to leak the confidential or proprietary parameters in a control system. Furthermore, attacks against CPSs can exploit the leaked information about the implementation of the control system, for example to determine optimal false data injection attack values that degrade the system performance while remaining undetected. In this study, a control theoretic approach for establishing covert channels in stochastic CPSs is presented. In particular, a scenario is considered where an attacker is able to inject malware into the networked controller and arbitrarily alter the control logic. By exploiting such capability, an attacker can establish an illegitimate communication channel, for example to transmit sensitive plant parameters, between the networked controller and an eavesdropper intercepting the sensor measurements. The authors show that such a channel can be established by exploiting the closed-loop system operations, a decoding mechanism based on an unknown input observer, and an error-correcting coding scheme that exploits the control loop to obtain an implicit acknowledgement. A simple proof of concept implementation of the covert channel is presented, and its performance is evaluated by resorting to a numerical example. Finally, some defences and countermeasures are proposed against the proposed covert channel.
{"title":"Covert channels in stochastic cyber-physical systems","authors":"Walter Lucia, Amr Youssef","doi":"10.1049/cps2.12020","DOIUrl":"https://doi.org/10.1049/cps2.12020","url":null,"abstract":"<p>A covert channel is a communication channel that is not intended to exist, and that can be used to transfer information in a manner that violates the system security policy. Attackers can abuse such channels to exfiltrate sensitive information from cyber-physical systems (CPSs), for example to leak the confidential or proprietary parameters in a control system. Furthermore, attacks against CPSs can exploit the leaked information about the implementation of the control system, for example to determine optimal false data injection attack values that degrade the system performance while remaining undetected. In this study, a control theoretic approach for establishing covert channels in stochastic CPSs is presented. In particular, a scenario is considered where an attacker is able to inject malware into the networked controller and arbitrarily alter the control logic. By exploiting such capability, an attacker can establish an illegitimate communication channel, for example to transmit sensitive plant parameters, between the networked controller and an eavesdropper intercepting the sensor measurements. The authors show that such a channel can be established by exploiting the closed-loop system operations, a decoding mechanism based on an unknown input observer, and an error-correcting coding scheme that exploits the control loop to obtain an implicit acknowledgement. A simple proof of concept implementation of the covert channel is presented, and its performance is evaluated by resorting to a numerical example. Finally, some defences and countermeasures are proposed against the proposed covert channel.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 4","pages":"228-237"},"PeriodicalIF":1.5,"publicationDate":"2021-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12020","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91829702","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Patrick Wlazlo, Abhijeet Sahu, Zeyu Mao, Hao Huang, Ana Goulart, Katherine Davis, Saman Zonouz
Man-in-The-Middle (MiTM) attacks present numerous threats to a smart grid. In a MiTM attack, an intruder embeds itself within a conversation between two devices to either eavesdrop or impersonate one of the devices, making it appear to be a normal exchange of information. Thus, the intruder can perform false data injection (FDI) and false command injection (FCI) attacks that can compromise power system operations, such as state estimation, economic dispatch, and automatic generation control (AGC). Very few researchers have focused on MiTM methods that are difficult to detect within a smart grid. To address this, we are designing and implementing multi-stage MiTM intrusions in an emulation-based cyber-physical power system testbed against a large-scale synthetic grid model to demonstrate how such attacks can cause physical contingencies such as misguided operation and false measurements. MiTM intrusions create FCI, FDI, and replay attacks in this synthetic power grid. This work enables stakeholders to defend against these stealthy attacks, and we present detection mechanisms that are developed using multiple alerts from intrusion detection systems and network monitoring tools. Our contribution will enable other smart grid security researchers and industry to develop further detection mechanisms for inconspicuous MiTM attacks.
{"title":"Man-in-the-middle attacks and defence in a power system cyber-physical testbed","authors":"Patrick Wlazlo, Abhijeet Sahu, Zeyu Mao, Hao Huang, Ana Goulart, Katherine Davis, Saman Zonouz","doi":"10.1049/cps2.12014","DOIUrl":"https://doi.org/10.1049/cps2.12014","url":null,"abstract":"<p>Man-in-The-Middle (MiTM) attacks present numerous threats to a smart grid. In a MiTM attack, an intruder embeds itself within a conversation between two devices to either eavesdrop or impersonate one of the devices, making it appear to be a normal exchange of information. Thus, the intruder can perform false data injection (FDI) and false command injection (FCI) attacks that can compromise power system operations, such as state estimation, economic dispatch, and automatic generation control (AGC). Very few researchers have focused on MiTM methods that are difficult to detect within a smart grid. To address this, we are designing and implementing multi-stage MiTM intrusions in an emulation-based cyber-physical power system testbed against a large-scale synthetic grid model to demonstrate how such attacks can cause physical contingencies such as misguided operation and false measurements. MiTM intrusions create FCI, FDI, and replay attacks in this synthetic power grid. This work enables stakeholders to defend against these stealthy attacks, and we present detection mechanisms that are developed using multiple alerts from intrusion detection systems and network monitoring tools. Our contribution will enable other smart grid security researchers and industry to develop further detection mechanisms for inconspicuous MiTM attacks.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 3","pages":"164-177"},"PeriodicalIF":1.5,"publicationDate":"2021-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12014","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91882158","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cybersecurity has become a significant issue. Machine learning algorithms are known to help identify cyberattacks such as network intrusion. However, common network intrusion datasets are negatively affected by class imbalance: the normal traffic behaviour constitutes most of the dataset, whereas intrusion traffic behaviour forms a significantly smaller portion. A comparative evaluation of the performance is conducted of several classical machine learning algorithms, as well as deep learning algorithms, on the well-known National Security Lab Knowledge Discovery and Data Mining dataset for intrusion detection. More specifically, two variants of a fully connected neural network, one with an autoencoder and one without, have been implemented to compare their performance against seven classical machine learning algorithms. A voting classifier is also proposed to combine the decisions of these nine machine learning algorithms. All of the models are tested in combination with three different resampling techniques: oversampling, undersampling, and hybrid sampling. The details of the experiments conducted and an analysis of their results are then discussed.
{"title":"Network intrusion detection using machine learning approaches: Addressing data imbalance","authors":"Rahbar Ahsan, Wei Shi, Jean-Pierre Corriveau","doi":"10.1049/cps2.12013","DOIUrl":"10.1049/cps2.12013","url":null,"abstract":"<p>Cybersecurity has become a significant issue. Machine learning algorithms are known to help identify cyberattacks such as network intrusion. However, common network intrusion datasets are negatively affected by class imbalance: the normal traffic behaviour constitutes most of the dataset, whereas intrusion traffic behaviour forms a significantly smaller portion. A comparative evaluation of the performance is conducted of several classical machine learning algorithms, as well as deep learning algorithms, on the well-known National Security Lab Knowledge Discovery and Data Mining dataset for intrusion detection. More specifically, two variants of a fully connected neural network, one with an autoencoder and one without, have been implemented to compare their performance against seven classical machine learning algorithms. A voting classifier is also proposed to combine the decisions of these nine machine learning algorithms. All of the models are tested in combination with three different resampling techniques: oversampling, undersampling, and hybrid sampling. The details of the experiments conducted and an analysis of their results are then discussed.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"7 1","pages":"30-39"},"PeriodicalIF":1.5,"publicationDate":"2021-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12013","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131082900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Abhijeet Sahu, Patrick Wlazlo, Zeyu Mao, Hao Huang, Ana Goulart, Katherine Davis, Saman Zonouz
A power system is a complex cyber-physical system whose security is critical to its function. A major challenge is to model, analyse and visualise the communication backbone of the power systems concerning cyber threats. To achieve this, the design and evaluation of a cyber-physical power system (CPPS) testbed called Resilient Energy Systems Lab (RESLab) are presented to capture realistic cyber, physical, and protection system features. RESLab is architected to be a fundamental platform for studying and improving the resilience of complex CPPS to cyber threats. The cyber network is emulated using Common Open Research Emulator (CORE), which acts as a gateway for the physical and protection devices to communicate. The physical grid is simulated in the dynamic time frame using Power World Dynamic Studio (PWDS). The protection components are modelled with both PWDS and physical devices including the SEL Real-Time Automation Controller (RTAC). Distributed Network Protocol 3 (DNP3) is used to monitor and control the grid. Then, the design is exemplified and the tools are validated. This work presents four case studies on cyberattack and defence using RESLab, where we demonstrate false data and command injection using Man-in-the-Middle and Denial of Service attacks and validate them on a large-scale synthetic electric grid.
电力系统是一个复杂的网络物理系统,其安全性对电力系统的运行至关重要。一个主要的挑战是对涉及网络威胁的电力系统的通信骨干进行建模、分析和可视化。为了实现这一目标,提出了一个称为弹性能源系统实验室(RESLab)的网络物理电力系统(CPPS)测试平台的设计和评估,以捕捉现实的网络、物理和保护系统特征。RESLab旨在成为研究和提高复杂CPPS应对网络威胁的弹性的基础平台。使用通用开放研究仿真器(Common Open Research Emulator, CORE)对网络进行仿真,该仿真器作为物理设备和保护设备通信的网关。使用Power World dynamic Studio (PWDS)在动态时间框架内模拟物理网格。保护组件采用PWDS和物理设备建模,包括SEL实时自动化控制器(RTAC)。采用分布式网络协议DNP3 (Distributed Network Protocol 3)对电网进行监控。然后,对设计进行了实例验证,并对工具进行了验证。这项工作介绍了使用RESLab进行网络攻击和防御的四个案例研究,其中我们使用中间人攻击和拒绝服务攻击演示了虚假数据和命令注入,并在大规模合成电网上进行了验证。
{"title":"Design and evaluation of a cyber-physical testbed for improving attack resilience of power systems","authors":"Abhijeet Sahu, Patrick Wlazlo, Zeyu Mao, Hao Huang, Ana Goulart, Katherine Davis, Saman Zonouz","doi":"10.1049/cps2.12018","DOIUrl":"https://doi.org/10.1049/cps2.12018","url":null,"abstract":"<p>A power system is a complex cyber-physical system whose security is critical to its function. A major challenge is to model, analyse and visualise the communication backbone of the power systems concerning cyber threats. To achieve this, the design and evaluation of a cyber-physical power system (CPPS) testbed called Resilient Energy Systems Lab (RESLab) are presented to capture realistic cyber, physical, and protection system features. RESLab is architected to be a fundamental platform for studying and improving the resilience of complex CPPS to cyber threats. The cyber network is emulated using Common Open Research Emulator (CORE), which acts as a gateway for the physical and protection devices to communicate. The physical grid is simulated in the dynamic time frame using Power World Dynamic Studio (PWDS). The protection components are modelled with both PWDS and physical devices including the SEL Real-Time Automation Controller (RTAC). Distributed Network Protocol 3 (DNP3) is used to monitor and control the grid. Then, the design is exemplified and the tools are validated. This work presents four case studies on cyberattack and defence using RESLab, where we demonstrate false data and command injection using Man-in-the-Middle and Denial of Service attacks and validate them on a large-scale synthetic electric grid.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 4","pages":"208-227"},"PeriodicalIF":1.5,"publicationDate":"2021-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12018","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91843016","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Marcio Andrey Teixeira, Maede Zolanvari, Khaled M. Khan, Raj Jain, Nader Meskin
Intrusion detection in supervisory control and data acquisition (SCADA) systems is integral because of the critical roles of these systems in industries. However, available approaches in the literature lack representative flow-based datasets and reliable real-time adaption and evaluation. A publicly available labelled dataset to support flow-based intrusion detection research specific to SCADA systems is presented. Cyberattacks were carried out against our SCADA system test bed to generate this flow-based dataset. Moreover, a flow-based intrusion detection system (IDS) is developed for SCADA systems using a deep learning algorithm. We used the dataset to develop this IDS model for real-time operations of SCADA systems to detect attacks momentarily after they happen. The results show empirical proof of the model’s adequacy when deployed online to detect cyberattacks in real time.
{"title":"Flow-based intrusion detection algorithm for supervisory control and data acquisition systems: A real-time approach","authors":"Marcio Andrey Teixeira, Maede Zolanvari, Khaled M. Khan, Raj Jain, Nader Meskin","doi":"10.1049/cps2.12016","DOIUrl":"https://doi.org/10.1049/cps2.12016","url":null,"abstract":"<p>Intrusion detection in supervisory control and data acquisition (SCADA) systems is integral because of the critical roles of these systems in industries. However, available approaches in the literature lack representative flow-based datasets and reliable real-time adaption and evaluation. A publicly available labelled dataset to support flow-based intrusion detection research specific to SCADA systems is presented. Cyberattacks were carried out against our SCADA system test bed to generate this flow-based dataset. Moreover, a flow-based intrusion detection system (IDS) is developed for SCADA systems using a deep learning algorithm. We used the dataset to develop this IDS model for real-time operations of SCADA systems to detect attacks momentarily after they happen. The results show empirical proof of the model’s adequacy when deployed online to detect cyberattacks in real time.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 3","pages":"178-191"},"PeriodicalIF":1.5,"publicationDate":"2021-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12016","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91893914","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Suhyun Cha, Birgit Vogel-Heuser, Alexander Weigl, Mattias Ulbrich, Bernhard Beckert
The dependability characteristic of the control software of manufacturing systems is highlighted more than before, going through repeated changes to cope with various and varying requirements. Formal methods are researched to be applied to automation system engineering to obtain a more effective and efficient quality assurance. One of the approaches, a formal specification language named Generalised Test Tables has been developed with the aim of intuitiveness and accessibility for automation application developers. The result of the experiments conducted to assess the usability of this language is presented here. Focussing on evaluating effectiveness and user satisfaction, three paper-based experiments have been conducted with students at the bachelor and master level. The evaluation results point to positive usability in both comparative effectiveness to conventional language, that is, Petri Nets, and subjective perception of user satisfaction.
{"title":"Table-based formal specification approaches for control engineers—empirical studies of usability","authors":"Suhyun Cha, Birgit Vogel-Heuser, Alexander Weigl, Mattias Ulbrich, Bernhard Beckert","doi":"10.1049/cps2.12017","DOIUrl":"https://doi.org/10.1049/cps2.12017","url":null,"abstract":"The dependability characteristic of the control software of manufacturing systems is highlighted more than before, going through repeated changes to cope with various and varying requirements. Formal methods are researched to be applied to automation system engineering to obtain a more effective and efficient quality assurance. One of the approaches, a formal specification language named Generalised Test Tables has been developed with the aim of intuitiveness and accessibility for automation application developers. The result of the experiments conducted to assess the usability of this language is presented here. Focussing on evaluating effectiveness and user satisfaction, three paper-based experiments have been conducted with students at the bachelor and master level. The evaluation results point to positive usability in both comparative effectiveness to conventional language, that is, Petri Nets, and subjective perception of user satisfaction.","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 4","pages":"193-207"},"PeriodicalIF":1.5,"publicationDate":"2021-05-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12017","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91876060","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
As communication networks are implemented for information exchange between the master and slave sides of bilateral teleoperation systems, they are exposed to cyber-attack threats. This paper aims to analyse the performance of bilateral teleoperation systems in the presence of random denial-of-service (DoS) attacks and constant transmission delays and propose a mode-dependent switching controller to mitigate the influence of DoS attacks. The characteristics of DoS attacks and networks are thoroughly incorporated in the design; also considered is the case of both communication directions behaving independently. Specifically, the model of a teleoperation system under a DoS attack is integrated as a stochastic jump system. A mode-dependent control approach is proposed for a teleoperation system to mitigate the influence of random DoS attacks. In case studies, vulnerability analysis and time-domain simulation results show that teleoperation system performance can be degraded under continuous random DoS attacks. When the proposed mode-based switching controllers are installed, the trajectory tracking performance and authenticity of interaction force feedback are significantly improved during the attacking period.
{"title":"Mode-dependent switching control of bilateral teleoperation against random denial-of-service attacks","authors":"Lingyan Hu, Kun Wang, Dongxia Hu, Yiming Wang","doi":"10.1049/cps2.12015","DOIUrl":"10.1049/cps2.12015","url":null,"abstract":"<p>As communication networks are implemented for information exchange between the master and slave sides of bilateral teleoperation systems, they are exposed to cyber-attack threats. This paper aims to analyse the performance of bilateral teleoperation systems in the presence of random denial-of-service (DoS) attacks and constant transmission delays and propose a mode-dependent switching controller to mitigate the influence of DoS attacks. The characteristics of DoS attacks and networks are thoroughly incorporated in the design; also considered is the case of both communication directions behaving independently. Specifically, the model of a teleoperation system under a DoS attack is integrated as a stochastic jump system. A mode-dependent control approach is proposed for a teleoperation system to mitigate the influence of random DoS attacks. In case studies, vulnerability analysis and time-domain simulation results show that teleoperation system performance can be degraded under continuous random DoS attacks. When the proposed mode-based switching controllers are installed, the trajectory tracking performance and authenticity of interaction force feedback are significantly improved during the attacking period.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"7 1","pages":"16-29"},"PeriodicalIF":1.5,"publicationDate":"2021-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12015","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130078138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Moving target defence (MTD) has been gaining traction to thwart false data injection attacks against state estimation (SE) in the power grid. MTD actively perturbs the reactance of transmission lines equipped with distributed flexible AC transmission system (D-FACTS) devices to falsify the attacker's knowledge about the system configuration. However, the existing literature has not systematically studied what influences the detection effectiveness of MTD and how it can be improved based on the topology analysis. These problems are tackled here from the perspective of an MTD plan in which the D-FACTS placement is determined. We first exploit the relation between the rank of the composite matrix and the detecting effectiveness. Then, we rigorously derive upper and lower bounds on the attack detecting probability of MTDs with a given rank of the composite matrix. Furthermore, we analyse existing planning methods and highlight the importance of bus coverage by D-FACTS devices. To improve the detection effectiveness, we propose a novel graph theory–based planning algorithm to retain the maximum rank of the composite matrix while covering all necessary buses. Comparative results on multiple systems show the high detecting effectiveness of the proposed algorithm in both DC- and AC-SE.
{"title":"Systematic planning of moving target defence for maximising detection effectiveness against false data injection attacks in smart grid","authors":"Bo Liu, Hongyu Wu","doi":"10.1049/cps2.12012","DOIUrl":"https://doi.org/10.1049/cps2.12012","url":null,"abstract":"<p>Moving target defence (MTD) has been gaining traction to thwart false data injection attacks against state estimation (SE) in the power grid. MTD actively perturbs the reactance of transmission lines equipped with distributed flexible AC transmission system (D-FACTS) devices to falsify the attacker's knowledge about the system configuration. However, the existing literature has not systematically studied what influences the detection effectiveness of MTD and how it can be improved based on the topology analysis. These problems are tackled here from the perspective of an MTD plan in which the D-FACTS placement is determined. We first exploit the relation between the rank of the composite matrix and the detecting effectiveness. Then, we rigorously derive upper and lower bounds on the attack detecting probability of MTDs with a given rank of the composite matrix. Furthermore, we analyse existing planning methods and highlight the importance of bus coverage by D-FACTS devices. To improve the detection effectiveness, we propose a novel graph theory–based planning algorithm to retain the maximum rank of the composite matrix while covering all necessary buses. Comparative results on multiple systems show the high detecting effectiveness of the proposed algorithm in both DC- and AC-SE.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 3","pages":"151-163"},"PeriodicalIF":1.5,"publicationDate":"2021-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12012","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91555841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ensuring that safety-critical cyber-physical systems (CPSs) continue to satisfy correctness and safety specifications even under faults or adversarial attacks is very challenging, especially in the presence of legacy components for which accurate models are unknown to the designer. Current techniques for secure-by-design systems engineering do not provide an end-to-end methodology for a designer to provide real-time assurance for safety-critical CPSs by identifying system dynamics and updating control strategies in response to newly discovered faults, attacks or other changes such as system upgrades. We propose a new methodology, along with an integrated framework implemented in MATLAB to guarantee the resilient operation of safety-critical CPSs with unknown dynamics. The proposed framework consists of three main components. The runtime monitor evaluates the system behaviour on-the-fly against its correctness specifications expressed as signal temporal logic formulas. The model synthesiser incorporates a sparse identification approach that is used to continually update the plant model and control policies to adapt to any changes in the system or the environment. The decision and control module designs a controller to ensure that the correctness specifications are satisfied at runtime. For evaluation, we apply our proposed framework to ensure the resilient operations of two CPS case studies.
{"title":"Towards a framework of enforcing resilient operation of cyber-physical systems with unknown dynamics","authors":"Luan Nguyen, Vijay Gupta","doi":"10.1049/cps2.12009","DOIUrl":"https://doi.org/10.1049/cps2.12009","url":null,"abstract":"<p>Ensuring that safety-critical cyber-physical systems (CPSs) continue to satisfy correctness and safety specifications even under faults or adversarial attacks is very challenging, especially in the presence of legacy components for which accurate models are unknown to the designer. Current techniques for secure-by-design systems engineering do not provide an end-to-end methodology for a designer to provide real-time assurance for safety-critical CPSs by identifying system dynamics and updating control strategies in response to newly discovered faults, attacks or other changes such as system upgrades. We propose a new methodology, along with an integrated framework implemented in MATLAB to guarantee the resilient operation of safety-critical CPSs with unknown dynamics. The proposed framework consists of three main components. The runtime monitor evaluates the system behaviour on-the-fly against its correctness specifications expressed as signal temporal logic formulas. The model synthesiser incorporates a sparse identification approach that is used to continually update the plant model and control policies to adapt to any changes in the system or the environment. The decision and control module designs a controller to ensure that the correctness specifications are satisfied at runtime. For evaluation, we apply our proposed framework to ensure the resilient operations of two CPS case studies.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 3","pages":"125-138"},"PeriodicalIF":1.5,"publicationDate":"2021-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12009","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91858611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}