241 |
Managing complex product development projects : An analytical framework for complex product development / Hantering av komplexa produktutveklingsprojekt : Ett analytiskt ramverk för komplex produktutveckling
GHATTAS, HELEN January 2016
In recent years, products have become more intricate with regard to connectivity, performance and functionality. Therefore, the purpose of this study is to examine how complex systems are developed and managed by conducting case studies at various Swedish companies that develop mechatronic and cyber-physical systems. The result of this study has led to the identification of many challenges that the investigated companies face, which in turn has led to the production of an analytical framework that discusses how and what one should do to develop complex products efficiently, so that unnecessary complexity in product development can be reduced. / In recent years, products have become more complex in terms of connectivity, performance and functionality. Therefore, this study aims at studying how complex products are developed and managed through conducting multiple case studies at different Swedish companies that develop mechatronic or cyberphysical systems. The result of this study is the identification of many challenges that the investigated companies have, which have led to a presentation of an analytical framework that discusses how complex product development projects can and should be managed in order to be efficient, in order to reduce unnecessary complexity in the way companies develop these complex products.
|
242 |
TRACE DATA-DRIVEN DEFENSE AGAINST CYBER AND CYBER-PHYSICAL ATTACKS.pdf
Abdulellah Abdulaziz M Alsaheel (17040543) 11 October 2023
In the contemporary digital era, Advanced Persistent Threat (APT) attacks are evolving, becoming increasingly sophisticated, and now perilously targeting critical cyber-physical systems, notably Industrial Control Systems (ICS). The intersection of digital and physical realms in these systems enables APT attacks on ICSs to potentially inflict physical damage, disrupt critical infrastructure, and jeopardize human safety, thereby posing severe consequences for our interconnected world. Provenance tracing techniques are essential for investigating these attacks, yet existing APT attack forensics approaches grapple with scalability and maintainability issues. These approaches often hinge on system- or application-level logging, incurring high space and run-time overheads and potentially encountering difficulties in accessing source code. Their dependency on heuristics and manual rules necessitates perpetual updates by domain-knowledge experts to counteract newly developed attacks. Additionally, while there have been efforts to verify the safety of Programming Logic Controller (PLC) code as adversaries increasingly target industrial environments, these works either exclusively consider PLC program code without connecting to the underlying physical process or only address time-related physical safety issues neglecting other vital physical features.
This dissertation introduces two novel frameworks, ATLAS and ARCHPLC, to address the aforementioned challenges, offering a synergistic approach to fortifying cybersecurity in the face of evolving APT and ICS threats. ATLAS, an effective and efficient multi-host attack investigation framework, constructs end-to-end APT attack stories from audit logs by combining causality analysis, Natural Language Processing (NLP), and machine learning. Identifying key attack patterns, ATLAS proficiently analyzes and pinpoints attack events, minimizing alert fatigue for cyber analysts. During evaluations involving ten real-world APT attacks executed in a realistic virtual environment, ATLAS demonstrated an ability to recover attack steps and construct attack stories with an average precision of 91.06%, a recall of 97.29%, and an F1-score of 93.76%, providing a robust framework for understanding and mitigating cyber threats.
Concurrently, ARCHPLC, an advanced approach for enhancing ICS security, combines static analysis of PLC code and data mining from ICS data traces to derive accurate invariants, providing a comprehensive understanding of ICS behavior. ARCHPLC employs physical causality graph analysis techniques to identify cause-effect relationships among plant components (e.g., sensors and actuators), enabling efficient and quantitative discovery of physical causality invariants. Supporting patching and run-time monitoring modes, ARCHPLC inserts derived invariants into PLC code using program synthesis in patching mode and inserts invariants into a dedicated monitoring program for continuous safety checks in run-time monitoring mode. ARCHPLC adeptly detects and mitigates run-time anomalies, providing exceptional protection against cyber-physical attacks with minimal overhead. In evaluations against 11 cyber-physical attacks on a Fischertechnik manufacturing plant and a chemical plant simulator, ARCHPLC protected the plants without any false positives or negatives, with an average run-time overhead of 14.31% in patching mode and 0.4% in run-time monitoring mode.
In summary, this dissertation provides invaluable solutions that equip cybersecurity professionals to enhance APT attack investigation, enabling them to identify and comprehend complex attacks with heightened accuracy. Moreover, these solutions significantly bolster the safety and security of ICS infrastructure, effectively protecting critical systems and strengthening defenses against cyber-physical attacks, thereby contributing substantially to the field of cybersecurity.
|
243 |
Autonomous Cyber Defense for Resilient Cyber-Physical Systems
Zhang, Qisheng 09 January 2024
In this dissertation research, we design and analyze resilient cyber-physical systems (CPSs) under high network dynamics, adversarial attacks, and various uncertainties. We focus on three key system attributes to build resilient CPSs by developing a suite of autonomous cyber defense mechanisms. First, we consider network adaptability to achieve the resilience of a CPS. Network adaptability represents the network's ability to maintain its security and connectivity level when faced with incoming attacks. We address this by network topology adaptation. Network topology adaptation can contribute to quickly identifying and updating the network topology to confuse attacks by changing attack paths. We leverage deep reinforcement learning (DRL) to develop CPSs using network topology adaptation. Second, we consider the fault-tolerance of a CPS as another attribute to ensure system resilience. We aim to build a resilient CPS under severe resource constraints, adversarial attacks, and various uncertainties. We chose a solar sensor-based smart farm as one example of the CPS applications and develop a resource-aware monitoring system for the smart farms. We leverage DRL and uncertainty quantification using a belief theory, called Subjective Logic, to optimize critical tradeoffs between system performance and security under the contested CPS environments. Lastly, we study system resilience in terms of system recoverability. System recoverability refers to the system's ability to recover from performance degradation or failure. In this task, we mainly focus on developing an automated intrusion response system (IRS) for CPSs. We aim to design the IRS with effective and efficient responses by reducing a false alarm rate and defense cost, respectively. Specifically, we build a lightweight IRS for an in-vehicle controller area network (CAN) bus system operating with DRL-based autonomous driving.
/ Doctor of Philosophy
|
244 |
INTERNET CONGESTION CONTROL: COMPLETE STABILITY REGION FOR PI AQM AND BANDWIDTH ALLOCATION IN NETWORKED CONTROL
Al-Hammouri, Ahmad Tawfiq January 2008
No description available.
|
245 |
Efficiency and security in data-driven applications
Zhang, Kaijin, ZHANG 04 June 2018
No description available.
|
246 |
TOWARDS SECURE AND RELIABLE ROBOTIC VEHICLES WITH HOLISTIC MODELING AND PROGRAM ANALYSIS
Hong Jun Choi (13045434) 08 August 2022
Cyber-Physical Systems (CPS) are integrated systems that consist of the computational and physical components with network communication to support operation in the physical world. My PhD dissertation focuses on the security and reliability of autonomous cyber-physical systems, such as self-driving cars, drones, and underwater robots, that are safety-critical systems based on the seamless integration of cyber and physical components. Autonomous CPS are becoming an integral part of our life. The market for autonomous driving systems is expected to be more than $65 billion by 2026. The security of such CPS is hence critical. Beyond traditional cyber-only computing systems, these complex and integrated CPS have unique characteristics. From the security perspective, they open unique research opportunities since they introduce additional attack vectors and pose new challenges that existing cyber-oriented approaches cannot address well. The goal of my research is to build secure and reliable autonomous CPS by bridging the gap between the cyber and physical domains. To this end, my work focuses on fundamental research questions associated with cyber-physical attack and defense, vulnerability discovery and elimination, and post-attack investigation. My approach to solving the problems involves various techniques and interdisciplinary knowledge, including program analysis, search-based software engineering, control theory, robotics, and AI/machine learning.
|
247 |
Covert Cognizance: Embedded Intelligence for Industrial Systems
Arvind Sundaram (13883201) 07 October 2022
Can a critical industrial system, such as a nuclear reactor, be made self-aware and cognizant of its operational history? Can it alert authorities covertly to malicious intrusion without exposing its defense mechanisms? What if the intruders are highly knowledgeable adversaries, or even insiders that may have designed the system? This thesis addresses these research questions through a novel physical process defense called Covert Cognizance (C2).
C2 serves as a last line of defense to industrial systems when existing information and operational technology defenses have been breached by advanced persistent threat (APT) actors or insiders. It is an active form of defense that may be embedded in an existing system to induce intelligence, i.e., self-awareness, and make various subsystems aware of each other. It interacts with the system at the process level and provides an additional layer of security to the process data therein without the need of a human in the loop.
The C2 paradigm is founded on two core requirements – zero-impact and zero-observability. Departing from contemporary active defenses, zero-impact requires a successful implementation to leave no footprint on the system ensuring identical operation while zero-observability requires that the embedding is immune to pattern-discovery algorithms. In other words, a third-party such as a malicious intruder must be unable to detect the presence of the C2 defense based on observation of the process data, even when augmented by machine learning tools that are adept at pattern discovery.
In the present work, nuclear reactor simulations are embedded with the C2 defense to induce awareness across subsystems and defend them against highly knowledgeable adversaries that have bypassed existing safeguards such as model-based defenses. Specifically, the subsystems are made aware of each other by embedding critical information from the process variables of one sub-module along the noise of the process variables of another, thus rendering the implementation covert and immune to pattern discovery. The implementation is validated using generative adversarial nets, representing a state-of-the-art machine learning tool, and statistical analysis of the reactor states, control inputs, outputs etc. The work is also extended to data masking applications via the deceptive infusion of data (DIOD) paradigm. Future work focuses on the development of automated C2 modules for “plug ‘n’ play” deployment onto critical infrastructure and/or their digital twins.
|
248 |
Autonomous Control in Advanced Life Support Systems : Air Revitalisation within the Micro-Ecological Life Support System Alternative / Autonom styrning i avancerade livsuppehållande system : Återupplivning av luft inom det Micro-Ecological Life Support System Alternative
Demey, Lukas January 2023
In recent years international space agencies have become more and more explicit about long term lunar and Martian space missions. With the space program Terrae Novae, the European Space Agency puts forward a focus on the development of Human & Robotic Exploration technologies essential in enabling such long term missions. An integral component of this program is the focus on Advanced Life Support Systems. Life support systems are operated to provide astronauts with life necessities like oxygen, water and food. Currently, conventional Life Support Systems often have a linear supply design, relying on resources shipped from Earth, with limited onboard re-usage. However, for extended space missions, this linear supply model becomes impractical due to the constraints of dry mass during space travel. Given this need, the European Space Agency initiated the MELiSSA (Micro-Ecological Life Support System Alternative) project aimed at the development of a bioregenerative life support system. In previous works, the MELiSSA Loop has been proposed: a system design inspired by terrestrial ecosystems, that consists of multiple compartments that perform specific biological functions like nitrification and biosynthesis. Due to the complex interdependence of the individual compartments and general space system requirements, the control of such a cyber-physical system forms a significant challenge. This thesis proposes a previously undescribed architecture for the MELiSSA Loop controller design that coordinates the resource distribution between the compartments and establishes atmosphere revitalisation. The architecture meets control objectives specified at high level, and at the same time satisfies the physical and operational constraints. / In recent years, international space agencies have become increasingly explicit about long-term lunar and Martian space missions. With the Terrae Novae space programme, the European Space Agency puts forward a focus on the development of the Human & Robotic Exploration technologies needed to enable such long-term missions. An integral part of this programme is the focus on Advanced Life Support Systems. Life support systems are used to provide astronauts with life necessities such as oxygen, water and food. Currently, conventional life support systems often have a linear supply design that relies on resources shipped from Earth, with limited onboard reuse. For extended space missions, however, this linear supply model becomes impractical because of the constraints on dry mass during space travel. Given this need, the European Space Agency initiated the MELiSSA (MicroEcological Life Support System Alternative) project, aimed at developing a bioregenerative life support system. In previous work, the MELiSSA Loop has been proposed: a system design inspired by terrestrial ecosystems, consisting of multiple compartments that perform specific biological functions such as nitrification and biosynthesis. Because of the complex interdependence of the individual compartments and general space-system requirements, the control of such a cyber-physical system poses a significant challenge. This thesis proposes a previously undescribed architecture for the MELiSSA Loop controller design that coordinates resource distribution between the compartments and establishes atmosphere revitalisation. The architecture meets control objectives specified at a high level while also satisfying the physical and operational constraints.
|
249 |
AI-based Detection Against Cyberattacks in Cyber-Physical Distribution Systems
Sahani, Nitasha 05 June 2024
Integration of a cyber system and communication systems with the traditional power grid has enabled better monitoring and control of the smart grid making it more reliable and resilient. This empowers the system operators to make informed decisions as a result of better system visibility. The grid has moved from a completely air-gapped structure to a well-connected network. However, this remote-control capability to control distributed physical components in a distribution system can be exploited by adversaries with malicious intent to disrupt the power supply to the customers. Therefore, while taking advantage of the cyber-physical posture in the smart grid for improved controllability, there is a critical need for cybersecurity research to protect the critical power infrastructure from cyberattacks.
While the literature regarding cybersecurity in distribution systems has focused on detecting and mitigating the cyberattack impact on the physical system, there has been limited effort towards a preventive approach for detecting cyberattacks. With this in mind, this dissertation focuses on developing intelligent solutions to detect cyberattacks in the cyber layer of the distribution grid and prevent the attack from impacting the physical grid. There has been a particular emphasis on the impact of coordinated attacks and the design of proactive defense to detect the attacker's intent to predict the attack trajectory.
The vulnerability assessment of the cyber-physical system in this work identifies the key areas in the system that are prone to cyberattacks and failure to detect attacks timely can lead to cascading outages. A comprehensive cyber-physical system is developed to deploy different intrusion detection solutions and quantify the effect of proactive detection in the cyber layer. The attack detection approach is driven by artificial intelligence to learn attack patterns for effective attack path prediction in both a fully observable and partially observable distribution system. The role of effective communication technology in attack detection is also realized through detailed modeling of 5G and latency requirements are validated. / Doctor of Philosophy / The traditional power grid was designed to supply electricity from the utility side to the customers. This grid model has shifted from a one-directional supply of power to a bi-directional one where customers with generation capacity can provide power to the grid. This is possible through bi-directional data flow which ensures the complete power system observability and allows the utility to monitor and control distributed power components remotely. This connectivity depends on the cyber system and efficient communication for ensuring stable and reliable system operations. However, this also makes the grid vulnerable to cyberattacks as the traditional air-gapped grid has evolved into a highly connected network, thus increasing the attack surface for attackers. They might pose the capability to intrude on the network by exploiting network vulnerability, move laterally through different aspects of the network, and cause operational disruption. The type of disruption can be minor voltage fluctuations or even widespread power outages depending on the ultimate malicious attack goal of such adversaries. 
Therefore, cybersecurity measures for protecting critical power infrastructure are extremely important to ensure smooth system operations.
There has been recent research effort for detecting such attacks, isolating the attacked parts in the grid, and mitigating the impact of the attack, however, instead of a passive response there is a need for a preventive or proactive detection mechanism. This can ensure capturing the attack at the cyber layer before intruders can impact the physical grid. This is the primary motivation to design an intrusion detection system that can detect different coordinated attacks (where different attacks are related and directed towards a specific goal) and can predict the attack path.
This dissertation focuses on first identifying the vulnerabilities in the distribution system and a comprehensive cyber-physical system is developed. Different detection algorithms are developed to detect cyberattacks in the distribution grid and have the intelligence to learn the attack patterns to successfully predict the attack path. Additionally, the effectiveness of advanced communication such as 5G is also tested for different system operations in the distribution system.
|
250 |
A Risk Based Approach to Intelligent Transportation Systems Security
Bakhsh Kelarestaghi, Kaveh 11 July 2019
Security threats to cyber-physical systems are targeting institutions and infrastructure around the world, and the frequency and severity of attacks are on the rise. Healthcare manufacturing, financial services, education, government, and transportation are among the industries that are the most lucrative targets for adversaries. Hacking is not just about companies, organizations, or banks; it also includes critical infrastructure. Wireless Sensors Networks, Vehicle-to-everything communication (V2X), Dynamic Message Signs (DMS), and Traffic Signal Controllers are among major Intelligent Transportation Systems (ITS) infrastructure that has already been attacked or remain vulnerable to hacking. ITS has been deployed with a focus on increasing efficiency and safety in the face of dramatic increases in travel demand. Although many studies have been performed and many security primitives have been proposed, there are significant concerns about flawless performance in a dynamic environment. A holistic security approach, in which all infrastructure performs within the satisfactory level of security remains undiscovered. Previously, hacking of road infrastructure was a rare event, however, in recent years, field devices such as DMS are hacked with higher frequency. The primary reason that transportation assets are vulnerable to cyber-attacks is due to their location. A more dramatic scenario occurs when hackers attempt to convey tampered instructions to the public.
Analyzing traveler behavior in response to the hacked messages sign on the basis of empirical data is a vital step toward operating a secure and reliable transportation system. There may be room for improvement by policymakers and program managers when considering critical infrastructure vulnerabilities. With cybersecurity issues escalating every day, road users' safety has been neglected. This dissertation overcomes these challenges and contributes to the nascent but growing literature of Intelligent Transportation System (ITS) security impact-oriented risk assessment in threefold.
• First, I employ a risk-based approach to conduct a threat assessment. This threat assessment performs a qualitative vulnerability-oriented threat analysis. The objective is to scrutinize safety, security, reliability, and operation issues that are prompted by a compromised Dynamic Message Signs (DMS).
• Second, I examine the impact of drivers' attitudes and behaviors on compliance, route diversion behavior, and speed change behavior, under a compromised DMS. We aim to assess the determinants that are likely to contribute to drivers' compliance with forged information. To this extent, this dissertation evaluates drivers' behavior under different unauthentic messages to assess in-depth the impact of an adversarial attack on the transportation network.
• Third, I evaluate distracted driving under different scenarios to assess the in-depth impact of an adversarial attack on the transportation network. To this extent, this dissertation examines factors that are contributing to the manual, visual, and cognitive distractions when drivers encounter fabricated advisory information at a compromised DMS.
The results of this dissertation support the original hypothesis and indicate that with respect to the forged information drivers tend to (1) change their planned route, (2) become involved in distracting activities, and (3) change their choice speed at the presence of a compromised DMS. The main findings of this dissertation are outlined below:
1. The DMS security vulnerabilities and predisposing conditions allow adversaries to compromise ITS functionality. The risk-based approach of this study delivers the impact-likelihood matrix, which maps the adverse impacts of the threat events onto a meaningful, visual, matrix. DMS hacking adverse impacts can be categorized mainly as high-risk and medium-risk clusters. The safety, operational (i.e., monetary losses) and behavioral impacts are associated with a high-risk cluster. While the security, reliability, efficiency, and operational (i.e., congestion) impacts are associated with the medium-risk cluster.
2. Tech friendly drivers are more likely to change their route under a compromised DMS. At the same time, while they are acquiring new information, they need to lower their speed to respond to the higher information load. Under realistic-fabricated information, about 65% of the subjects would depart from their current route. The results indicate that females and subjects with a higher driving experience are more likely to change their route. In addition, those subjects who are more sensitive to the DMS's traffic-related messages and those who use DMS under congested traffic conditions are more likely to divert. Interestingly, individuals with lower education level, Asians, those who live in urban areas, and those with trouble finding their direction in new routes are less likely to pick another route rather than the one they planned for.
3. Regardless of the DMS hacking scenarios, drivers would engage in at least one of the distractive activities. Among the distractive activities, cognitive distraction has the highest impact on the distracted driving likelihood. Meaning, there is a high chance that drivers think of something other than driving, look at surrounding traffic and scenery, or talk to other passengers regarding the forged information they saw on the DMS. Drivers who rely and trust in technology, and those who check traffic condition before starting their trips tend to become distracted. In addition, the result identified that at the presence of bogus information, drivers tend to slow down or stop in order to react to the DMS. That is, they would either (1) become involved in activities through the means of their phone, (2) they would mind wander, look around, and talk to a passenger about the sign, and (3) search for extra information by means of their vehicle's radio or internet.
4. Females, black individuals, subjects with a disability, older, and those with high trust in DMS are less likely to ignore the fabricated messages. On the contrary, white, those who drive long hours, and those who see driving as a tedious task are more likely to ignore the bogus messages. Drivers who comply with traffic regulations and have a good driving record are likely to slow down under the tampered messages. Furthermore, female drivers and those who live in rural areas are more likely to slow down under fabricated advisory information. Furthermore, this dissertation identifies that planning for an alternative route and involvement in distractive activities cause speed variation behaviors under the compromised DMS.
This dissertation is the first to investigate the adverse impact of a compromised DMS on the road users and operators. I attempt to address the current gap in the literature by assessing and evaluating the impact of ITS security vulnerabilities. Broader impacts of this study include (1) to systematically raising awareness among policy-makers and engineers, (2) motivating further simulations and real-world experiments to investigate this matter further, (3) to systematically assessing the adverse impact of a security breach on transportation reliability and safety, and drivers' behavior, and (4) providing insights for system operators and decision-makers to prioritize the risk of a compromised DMS. Additionally, the outcome can be integrated with the nationwide connected vehicle and V2X implementations and security design. / Doctor of Philosophy / Security threats are targeting institutions and infrastructure around the world, and the frequency and severity of security attacks are on the rise. Healthcare manufacturing, financial services, education, government, and transportation are among the industries that are the most lucrative targets for adversaries. Hacking is not just about companies, organizations, or banks; it also includes critical infrastructure. Intelligent Transportation Systems have been deployed with a focus on increasing efficiency and safety in the face of dramatic increases in traffic volume. Although many studies have been performed and many security primitives have been proposed, there are significant concerns about flawless performance in a dynamic environment. A holistic security approach, in which all infrastructure performs within the satisfactory level of security remains undiscovered. Previously, hacking of road infrastructure was a rare event, however, in recent years, field devices, such as dynamic message signs, are hacked with higher frequency. 
The primary reason that transportation assets are vulnerable to cyber-attacks is that of their location in public. A more dramatic scenario occurs when hackers attempt to convey tampered instructions to the public. Analyzing traveler behavior in response to the hacked messages sign on the basis of empirical data is a vital step toward operating a secure and reliable transportation system. This study is the first to investigate the adversarial impact of a compromised message sign on the road users and operators. I attempt to address the current gap in the literature by assessing and evaluating the impact of ITS security vulnerabilities.
|