
Latest articles from IET Cyber-Physical Systems: Theory and Applications

Hierarchical clustering framework for facility location selection with practical constraints
IF 1.5, Q1, Engineering. Pub Date: 2021-08-08. DOI: 10.1049/cps2.12021
Tianze Lin, Yang Liu, Boyang Liu, Yu Wang, Shengnan Wu, Wenming Zhe

Facility location selection plays a critical role in the planning of logistics networks. It selects the addresses of facility nodes from a candidate set of locations to optimise multiple targets such as transportation efficiency and economic cost considering the practical constraints of the real world. Thus, it is often formulated as a combinational optimisation problem, which is solved by either mixed integer programing algorithms or heuristic methods. However, these approaches are limited by several issues such as a high computational cost and weak generalisation flexibility. In this work, a novel hierarchical clustering framework is proposed for facility location selection, which can flexibly support a wide variety of optimisation targets and the combinations of multiple practical constraints that are vital in the real logistics scenarios. Beyond the original hierarchical clustering algorithm, it incorporates a looking-forward mechanism that alleviates the ‘greedy trap’ by utilising global information. These advantages enable the proposed method to generate reliable solutions with high time efficiency. As demonstrated by the experimental results on real JD Logistics data, the proposed method outperforms the widely adopted GGA and VNS algorithms. It also has a much lower computation cost compared to the SCIP solver, while the quality of solutions are within an acceptable range.

Citations: 2
Covert channels in stochastic cyber-physical systems
IF 1.5, Q1, Engineering. Pub Date: 2021-07-12. DOI: 10.1049/cps2.12020
Walter Lucia, Amr Youssef

A covert channel is a communication channel that is not intended to exist, and that can be used to transfer information in a manner that violates the system security policy. Attackers can abuse such channels to exfiltrate sensitive information from cyber-physical systems (CPSs), for example to leak the confidential or proprietary parameters in a control system. Furthermore, attacks against CPSs can exploit the leaked information about the implementation of the control system, for example to determine optimal false data injection attack values that degrade the system performance while remaining undetected. In this study, a control theoretic approach for establishing covert channels in stochastic CPSs is presented. In particular, a scenario is considered where an attacker is able to inject malware into the networked controller and arbitrarily alter the control logic. By exploiting such capability, an attacker can establish an illegitimate communication channel, for example to transmit sensitive plant parameters, between the networked controller and an eavesdropper intercepting the sensor measurements. The authors show that such a channel can be established by exploiting the closed-loop system operations, a decoding mechanism based on an unknown input observer, and an error-correcting coding scheme that exploits the control loop to obtain an implicit acknowledgement. A simple proof of concept implementation of the covert channel is presented, and its performance is evaluated by resorting to a numerical example. Finally, some defences and countermeasures are proposed against the proposed covert channel.

Citations: 3
Man-in-the-middle attacks and defence in a power system cyber-physical testbed
IF 1.5, Q1, Engineering. Pub Date: 2021-06-28. DOI: 10.1049/cps2.12014
Patrick Wlazlo, Abhijeet Sahu, Zeyu Mao, Hao Huang, Ana Goulart, Katherine Davis, Saman Zonouz

Man-in-The-Middle (MiTM) attacks present numerous threats to a smart grid. In a MiTM attack, an intruder embeds itself within a conversation between two devices to either eavesdrop or impersonate one of the devices, making it appear to be a normal exchange of information. Thus, the intruder can perform false data injection (FDI) and false command injection (FCI) attacks that can compromise power system operations, such as state estimation, economic dispatch, and automatic generation control (AGC). Very few researchers have focused on MiTM methods that are difficult to detect within a smart grid. To address this, we are designing and implementing multi-stage MiTM intrusions in an emulation-based cyber-physical power system testbed against a large-scale synthetic grid model to demonstrate how such attacks can cause physical contingencies such as misguided operation and false measurements. MiTM intrusions create FCI, FDI, and replay attacks in this synthetic power grid. This work enables stakeholders to defend against these stealthy attacks, and we present detection mechanisms that are developed using multiple alerts from intrusion detection systems and network monitoring tools. Our contribution will enable other smart grid security researchers and industry to develop further detection mechanisms for inconspicuous MiTM attacks.

Citations: 48
Network intrusion detection using machine learning approaches: Addressing data imbalance
IF 1.5, Q1, Engineering. Pub Date: 2021-06-23. DOI: 10.1049/cps2.12013
Rahbar Ahsan, Wei Shi, Jean-Pierre Corriveau

Cybersecurity has become a significant issue. Machine learning algorithms are known to help identify cyberattacks such as network intrusion. However, common network intrusion datasets are negatively affected by class imbalance: the normal traffic behaviour constitutes most of the dataset, whereas intrusion traffic behaviour forms a significantly smaller portion. A comparative evaluation of the performance is conducted of several classical machine learning algorithms, as well as deep learning algorithms, on the well-known National Security Lab Knowledge Discovery and Data Mining dataset for intrusion detection. More specifically, two variants of a fully connected neural network, one with an autoencoder and one without, have been implemented to compare their performance against seven classical machine learning algorithms. A voting classifier is also proposed to combine the decisions of these nine machine learning algorithms. All of the models are tested in combination with three different resampling techniques: oversampling, undersampling, and hybrid sampling. The details of the experiments conducted and an analysis of their results are then discussed.

Citations: 5
Design and evaluation of a cyber-physical testbed for improving attack resilience of power systems
IF 1.5, Q1, Engineering. Pub Date: 2021-06-16. DOI: 10.1049/cps2.12018
Abhijeet Sahu, Patrick Wlazlo, Zeyu Mao, Hao Huang, Ana Goulart, Katherine Davis, Saman Zonouz

A power system is a complex cyber-physical system whose security is critical to its function. A major challenge is to model, analyse and visualise the communication backbone of the power systems concerning cyber threats. To achieve this, the design and evaluation of a cyber-physical power system (CPPS) testbed called Resilient Energy Systems Lab (RESLab) are presented to capture realistic cyber, physical, and protection system features. RESLab is architected to be a fundamental platform for studying and improving the resilience of complex CPPS to cyber threats. The cyber network is emulated using Common Open Research Emulator (CORE), which acts as a gateway for the physical and protection devices to communicate. The physical grid is simulated in the dynamic time frame using Power World Dynamic Studio (PWDS). The protection components are modelled with both PWDS and physical devices including the SEL Real-Time Automation Controller (RTAC). Distributed Network Protocol 3 (DNP3) is used to monitor and control the grid. Then, the design is exemplified and the tools are validated. This work presents four case studies on cyberattack and defence using RESLab, where we demonstrate false data and command injection using Man-in-the-Middle and Denial of Service attacks and validate them on a large-scale synthetic electric grid.

Citations: 23
Flow-based intrusion detection algorithm for supervisory control and data acquisition systems: A real-time approach
IF 1.5, Q1, Engineering. Pub Date: 2021-05-31. DOI: 10.1049/cps2.12016
Marcio Andrey Teixeira, Maede Zolanvari, Khaled M. Khan, Raj Jain, Nader Meskin

Intrusion detection in supervisory control and data acquisition (SCADA) systems is integral because of the critical roles of these systems in industries. However, available approaches in the literature lack representative flow-based datasets and reliable real-time adaption and evaluation. A publicly available labelled dataset to support flow-based intrusion detection research specific to SCADA systems is presented. Cyberattacks were carried out against our SCADA system test bed to generate this flow-based dataset. Moreover, a flow-based intrusion detection system (IDS) is developed for SCADA systems using a deep learning algorithm. We used the dataset to develop this IDS model for real-time operations of SCADA systems to detect attacks momentarily after they happen. The results show empirical proof of the model’s adequacy when deployed online to detect cyberattacks in real time.

Citations: 4
Table-based formal specification approaches for control engineers: empirical studies of usability
IF 1.5, Q1, Engineering. Pub Date: 2021-05-26. DOI: 10.1049/cps2.12017
Suhyun Cha, Birgit Vogel-Heuser, Alexander Weigl, Mattias Ulbrich, Bernhard Beckert
The dependability characteristic of the control software of manufacturing systems is highlighted more than before, going through repeated changes to cope with various and varying requirements. Formal methods are researched to be applied to automation system engineering to obtain a more effective and efficient quality assurance. One of the approaches, a formal specification language named Generalised Test Tables has been developed with the aim of intuitiveness and accessibility for automation application developers. The result of the experiments conducted to assess the usability of this language is presented here. Focussing on evaluating effectiveness and user satisfaction, three paper-based experiments have been conducted with students at the bachelor and master level. The evaluation results point to positive usability in both comparative effectiveness to conventional language, that is, Petri Nets, and subjective perception of user satisfaction.
Citations: 0
Mode-dependent switching control of bilateral teleoperation against random denial-of-service attacks
IF 1.5, Q1, Engineering. Pub Date: 2021-05-17. DOI: 10.1049/cps2.12015
Lingyan Hu, Kun Wang, Dongxia Hu, Yiming Wang

As communication networks are implemented for information exchange between the master and slave sides of bilateral teleoperation systems, they are exposed to cyber-attack threats. This paper aims to analyse the performance of bilateral teleoperation systems in the presence of random denial-of-service (DoS) attacks and constant transmission delays and propose a mode-dependent switching controller to mitigate the influence of DoS attacks. The characteristics of DoS attacks and networks are thoroughly incorporated in the design; also considered is the case of both communication directions behaving independently. Specifically, the model of a teleoperation system under a DoS attack is integrated as a stochastic jump system. A mode-dependent control approach is proposed for a teleoperation system to mitigate the influence of random DoS attacks. In case studies, vulnerability analysis and time-domain simulation results show that teleoperation system performance can be degraded under continuous random DoS attacks. When the proposed mode-based switching controllers are installed, the trajectory tracking performance and authenticity of interaction force feedback are significantly improved during the attacking period.

Citations: 1
Systematic planning of moving target defence for maximising detection effectiveness against false data injection attacks in smart grid
IF 1.5 Q1 Engineering Pub Date : 2021-05-07 DOI: 10.1049/cps2.12012
Bo Liu, Hongyu Wu

Moving target defence (MTD) has been gaining traction to thwart false data injection attacks against state estimation (SE) in the power grid. MTD actively perturbs the reactance of transmission lines equipped with distributed flexible AC transmission system (D-FACTS) devices to falsify the attacker's knowledge about the system configuration. However, the existing literature has not systematically studied what influences the detection effectiveness of MTD and how it can be improved based on the topology analysis. These problems are tackled here from the perspective of an MTD plan in which the D-FACTS placement is determined. We first exploit the relation between the rank of the composite matrix and the detecting effectiveness. Then, we rigorously derive upper and lower bounds on the attack detecting probability of MTDs with a given rank of the composite matrix. Furthermore, we analyse existing planning methods and highlight the importance of bus coverage by D-FACTS devices. To improve the detection effectiveness, we propose a novel graph theory–based planning algorithm to retain the maximum rank of the composite matrix while covering all necessary buses. Comparative results on multiple systems show the high detecting effectiveness of the proposed algorithm in both DC- and AC-SE.

Citations: 5
Towards a framework of enforcing resilient operation of cyber-physical systems with unknown dynamics
IF 1.5 Q1 Engineering Pub Date : 2021-04-22 DOI: 10.1049/cps2.12009
Luan Nguyen, Vijay Gupta

Ensuring that safety-critical cyber-physical systems (CPSs) continue to satisfy correctness and safety specifications even under faults or adversarial attacks is very challenging, especially in the presence of legacy components for which accurate models are unknown to the designer. Current techniques for secure-by-design systems engineering do not provide an end-to-end methodology for a designer to provide real-time assurance for safety-critical CPSs by identifying system dynamics and updating control strategies in response to newly discovered faults, attacks or other changes such as system upgrades. We propose a new methodology, along with an integrated framework implemented in MATLAB to guarantee the resilient operation of safety-critical CPSs with unknown dynamics. The proposed framework consists of three main components. The runtime monitor evaluates the system behaviour on-the-fly against its correctness specifications expressed as signal temporal logic formulas. The model synthesiser incorporates a sparse identification approach that is used to continually update the plant model and control policies to adapt to any changes in the system or the environment. The decision and control module designs a controller to ensure that the correctness specifications are satisfied at runtime. For evaluation, we apply our proposed framework to ensure the resilient operations of two CPS case studies.

Citations: 3