Intrusion Detection of Flooding DoS Attacks on Emulated Smart Meters

Akbar, Yousef M. A. H.

11 May 2020

The power grid has changed a great deal from what has been generally viewed as a traditional power grid. The modernization of the power grid has seen an increase in the integration and incorporation of computing and communication elements, creating an interdependence of both physical and cyber assets of the power grid. The fast-increasing connectivity has transformed the grid from what used to be primarily a physical system into a Cyber- Physical System (CPS). The physical elements within a power grid are well understood by power engineers; however, the newly deployed cyber aspects are new to most researchers and operators in this field. The new computing and communications structure brings new vulnerabilities along with all the benefits it provides. Cyber security of the power grid is critical due to the potential impact it can make on the community or society that relies on the critical infrastructure. These vulnerabilities have already been exploited in the attack on the Ukrainian power grid, a highly sophisticated, multi-layered attack which caused large power outages for numerous customers. There is an urgent need to understand the cyber aspects of the modernized power grid and take the necessary precautions such that the security of the CPS can be better achieved. The power grid is dependent on two main cyber infrastructures, i.e., Supervisory Control And Data Acquisition (SCADA) and Advanced Metering Infrastructure (AMI). This thesis investigates the AMI in power grids by developing a testbed environment that can be created and used to better understand and develop security strategies to remove the vulnerabilities that exist within it. The testbed is to be used to conduct and implement security strategies, i.e., an Intrusion Detections Systems (IDS), creating an emulated environment to best resemble the environment of the AMI system. A DoS flooding attack and an IDS are implemented on the emulated testbed to show the effectiveness and validate the performance of the emulated testbed. / M.S. / The power grid is becoming more digitized and is utilizing information and communication technologies more, hence the smart grid. New systems are developed and utilized in the modernized power grid that directly relies on new communication networks. The power grid is becoming more efficient and more effective due to these developments, however, there are some considerations to be made as for the security of the power grid. An important expectation of the power grid is the reliability of power delivery to its customers. New information and communication technology integration brings rise to new cyber vulnerabilities that can inhibit the functionality of the power grid. A coordinated cyber-attack was conducted against the Ukrainian power grid in 2015 that targeted the cyber vulnerabilities of the system. The attackers made sure that the grid operators were unable to observe their system being attacked via Denial of Service attacks. Smart meters are the digitized equivalent of a traditional energy meter, it wirelessly communicates with the grid operators. An increase in deployment of these smart meters makes it such that we are more dependent on them and hence creating a new vulnerability for an attack. The smart meter integration into the power grid needs to be studied and carefully considered for the prevention of attacks. A testbed is created using devices that emulate the smart meters and a network is established between the devices. The network was attacked with a Denial of Service attack to validate the testbed performance, and an Intrusion detection method was developed and applied onto the testbed to prove that the testbed created can be used to study and develop methods to cover the vulnerabilities present.

Denial of Service (DoS)

Advanced Metering Infrastructure (AMI)

Wireless Mesh Network (WMN)

Cyber-Physical System (CPS)

Power Grid

Cyber Security of Smart Meters

Systems Health Management for Resilient Extraterrestrial Habitation

Murali Krishnan Rajasekharan Pillai (18390546)

17 April 2024

<p dir="ltr">Deep-space extraterrestrial missions require operating, supporting, and maintaining complex habitat systems at light minutes from Earth.</p><p dir="ltr">These habitation systems operate in harsh, unforgiving environments, will be sparsely crewed, and must be more autonomous than current space habitats, as communication delays will severely constrain Earth-based support.</p><p dir="ltr">Long-duration missions, limited knowledge of the extraterrestrial environment, and the need for self-sufficiency make these habitats vulnerable to a wide range of risks and failures, many of which are impossible to premeditate.</p><p dir="ltr">Therefore, it is necessary to design these systems to be resilient to faults and failures, thoughtfully designed to be situationally aware of their operational state and engage control mechanisms that maintain safe operations when migrating towards unsafe regions of operation.</p><p dir="ltr">Resilience-oriented design of such systems requires a holistic systems approach that represents the system's dynamic behavior, its control-oriented behaviors, and the interactions between them as it navigates through regions of safe and unsafe operations.</p><p dir="ltr">Only through this integrated approach can we fully understand how the system will behave under various conditions and design controls to prevent performance loss and ensure resilient operations.</p><p dir="ltr">Systems health management (SHM) is a key component for the resilience-oriented design of extraterrestrial habitats.</p><p dir="ltr">SHM capabilities enable intelligent autonomous control capabilities that can:</p><p dir="ltr">a) sense, diagnose, and isolate the root causes of anomalies,</p><p dir="ltr">b) predict how the system's behavior may evolve, and</p><p dir="ltr">c) select and execute recovery actions to restore system performance when appropriate.</p><p dir="ltr">Modern SHM technologies increasingly rely on intelligent autonomous control capabilities to manage system health and adapt behavior to maintain system performance.</p><p dir="ltr">This is achieved through complex nonlinear informational dependencies and control feedback loops that are difficult to design and verify using traditional risk assessment and resilience engineering methods.</p><p dir="ltr">This research contributes to enhancing the conceptual and preliminary design phases for developing resilient complex systems with embedded intelligent control-oriented behaviors.</p><p dir="ltr">It presents the required systems engineering tools and frameworks, enabling us to study the dynamic behavior of systems as they approach and recover from unsafe operations.</p><p dir="ltr">Further, it demonstrates how these tools and frameworks can quantify and gain insights into system resilience and support engineering decisions.</p><p dir="ltr">The work is contextualized within the broader systems engineering approach for designing complex, resilient extraterrestrial habitation systems.</p>

Systems engineering

Health management

Deep Space Missions

Habitation

Health Management system

Cyber Physical Systems (CPS)

Complex systems engineering

REACHABILITY ANALYSIS OF HUMAN-IN-THE-LOOP SYSTEMS USING GAUSSIAN MIXTURE MODEL WITH SIDE INFORMATION

Cheng-Han Yang (18521940)

08 May 2024

<p dir="ltr">In the context of a Human-in-the-Loop (HITL) system, the accuracy of reachability analysis plays a significant role in ensuring the safety and reliability of HITL systems. In addition, one can avoid unnecessary conservativeness by explicitly considering human control behavior compared to those methods that rely on the system dynamics alone. One possible approach is to use a Gaussian Mixture Model (GMM) to encode human control behavior using the Expectation-Maximization (EM) algorithm. However, relatively few works consider the admissible control input ranges due to physical limitations when modeling human control behavior. This could make the following reachability analysis overestimate the system's capability, thereby affecting the performance of the HITL system. To address this issue, this work presents a constrained stochastic reachability analysis algorithm that can explicitly account for the admissible control input ranges. By confining the ellipsoidal confidence region of each Gaussian component using Sequential Quadratic Programming (SQP), we probabilistically constrain the GMM as well as the corresponding stochastic reachable sets. A comprehensive mathematical analysis of how the constrained GMM can affect the stochastic reachable sets is provided in this work. Finally, the proposed stochastic reachability analysis algorithm is validated via an illustrative numerical example.</p>

reachability analysis techniques

human-in-the-loop control systems

Cyber-Physical System (CPS) safety

Human Behavior Modeling

Gaussian mixture distribution

SOSLite: Soporte para Sistemas Ciber-Físicos y Computación en la Nube

Pradilla Ceron, Juan Vicente

16 January 2017

Cyber-Physical Systems (CPS) have become one of the greatest research topics today; because they pose a new complex discipline, which addresses big existing and future systems as the Internet, the Internet of Things, sensors networks and smart grids. As a recent discipline, there are many possibilities to improve the state of the art, interoperability being one of the most relevant. Thus, this thesis has been created within the framework of interoperability for CPS, by using the SOS (Sensor Observation Service) standard, which belongs to the SWE (Sensor Web Enablement) framework of the OGC (Open Geospatial Consortium). It has been developed to give rise to a new line of research within the Distributed Real-Time Systems and Applications group (SATRD for its acronym in Spanish) from the Communications Department of the Polytechnic University of Valencia (UPV for its acronym in Valencian). The approach, with which the interoperability in the CPS has been addressed, is of synthetic type (from parts to whole), starting from a verifiable and workable solution for interoperability in sensor networks, one of the most significant CPSs because it is integrated in many other CPSs, next adapting and testing the solution in more complex CPS, such as the Internet of Things. In this way, an interoperability solution in sensor networks is proposed based on the SOS, but adapted to some requirements that makes of this mechanism a lighter version of the standard, which facilitates the deployment of future implementations due to the possibility of using limited devices for this purpose. This theoretical solution is brought to a first implementation, called SOSLite, which is tested to determine its characteristic behavior and to verify the fulfillment of its purpose. Analogously, and starting from the same theoretical solution, a second implementation is projected called SOSFul, which proposes an update to the SOS standard so that it is lighter, more efficient and easier to use. The SOSFul, has a more ambitious projection by addressing the Internet of Things, a more complex CPS than sensors networks. As in the case of the SOSLite, tests are performed and validation is made through a use case. So, both the SOSLite and the SOSFul are projected as interoperability solutions in the CPS. Both implementations are based on the theoretical proposal of a light SOS and are available for free and under open source licensing so that it can be used by the research community to continue its development and increase its use. / Los Sistemas Ciber-Físicos (CPS) se han convertido en uno de los temas de investigación con mayor proyección en la actualidad; debido a que plantean una nueva disciplina compleja, que aborda sistemas existentes y futuros de gran auge como: la Internet, la Internet de las Cosas, las redes de sensores y las redes eléctricas inteligentes. Como disciplina en gestación, existen muchas posibilidades para aportar al estado del arte, siendo la interoperabilidad uno de los más relevantes. Así, esta tesis se ha creado en el marco de la interoperabilidad para los CPS, mediante la utilización del estándar SOS (Sensor Observation Service) perteneciente al marco de trabajo SWE (Sensor Web Enablement) del OGC (Open Geospatial Consortium). Se ha desarrollado para dar surgimiento a una nueva línea de investigación dentro del grupo SATRD (Sistemas y Aplicaciones de Tiempo Real Distribuidos) del Departamento de Comunicaciones de la UPV (Universitat Politècnica de València). La aproximación con la cual se ha abordado la interoperabilidad en los CPS es de tipo sintética (pasar de las partes al todo), iniciando desde una solución, verificable y realizable, para la interoperabilidad en las redes de sensores, uno de los CPS más significativos debido a que se integra en muchos otros CPS, y pasando a adaptar y comprobar dicha solución en CPS de mayor complejidad, como la Internet de las Cosas. De esta forma, se propone una solución de interoperabilidad en las redes de sensores fundamentada en el SOS, pero adaptada a unos requerimientos que hacen de este mecanismo una versión más ligera del estándar, con lo que se facilita el despliegue de futuras implementaciones debido a la posibilidad de emplear dispositivos limitados para tal fin. Dicha solución teórica, se lleva a una primera implementación, denominada SOSLite, la cual se prueba para determinar su comportamiento característico y verificar el cumplimiento de su propósito. De forma análoga y partiendo de la misma solución teórica, se proyecta una segunda implementación, llamada SOSFul, la cual propone una actualización del estándar SOS de forma que sea más ligero, eficiente y fácil de emplear. El SOSFul, tiene una proyección más ambiciosa al abordar la Internet de las Cosas, un CPS más complejo que las redes de sensores. Como en el caso del SOSLite, se realizan pruebas y se valida mediante un caso de uso. Así, tanto el SOSLite como el SOSFul se proyectan como soluciones de interoperabilidad en los CPS. Ambas implementaciones parten de la propuesta teórica de SOS ligero y se encuentran disponibles de forma gratuita y bajo código libre, para ser empleados por la comunidad investigativa para continuar su desarrollo y aumentar su uso. / Els sistemes ciberfísics (CPS, Cyber-Physical Systems) s'han convertit en un dels temes de recerca amb major projecció en l'actualitat, a causa del fet que plantegen una nova disciplina complexa que aborda sistemes existents i futurs de gran auge, com ara: la Internet, la Internet de les Coses, les xarxes de sensors i les xarxes elèctriques intel·ligents. Com a disciplina en gestació, hi ha moltes possibilitats per a aportar a l'estat de la qüestió, sent la interoperabilitat una de les més rellevants. Així, aquesta tesi s'ha creat en el marc de la interoperabilitat per als CPS, mitjançant la utilització de l'estàndard SOS (Sensor Observation Service) pertanyent al marc de treball SWE (Sensor Web Enablement) de l'OGC (Open Geospatial Consortium). S'ha desenvolupat per a iniciar una nova línia de recerca dins del Grup de SATRD (Sistemes i Aplicacions de Temps Real Distribuïts) del Departament de Comunicacions de la UPV (Universitat Politècnica de València). L'aproximació amb la qual s'ha abordat la interoperabilitat en els CPS és de tipus sintètic (passar de les parts al tot), iniciant des d'una solució, verificable i realitzable, per a la interoperabilitat en les xarxes de sensors, un dels CPS més significatius pel fet que s'integra en molts altres CPS, i passant a adaptar i comprovar aquesta solució en CPS de major complexitat, com la Internet de les Coses. D'aquesta forma, es proposa una solució d'interoperabilitat en les xarxes de sensors fonamentada en el SOS, però adaptada a uns requeriments que fan d'aquest mecanisme una versió més lleugera de l'estàndard, amb la qual cosa es facilita el desplegament de futures implementacions per la possibilitat d'emprar dispositius limitats a aquest fi. Aquesta solució teòrica es porta a una primera implementació, denominada SOSLite, que es prova per a determinar el seu comportament característic i verificar el compliment del seu propòsit. De forma anàloga i partint de la mateixa solució teòrica, es projecta una segona implementació, anomenada SOSFul, que proposa una actualització de l'estàndard SOS de manera que siga més lleuger, eficient i fàcil d'emprar. El SOSFul té una projecció més ambiciosa quan aborda la Internet de les Coses, un CPS més complex que les xarxes de sensors. Com en el cas del SOSLite, es realitzen proves i es valida mitjançant un cas d'ús. Així, tant el SOSLite com el SOSFul, es projecten com a solucions d'interoperabilitat en els CPS. Ambdues implementacions parteixen de la proposta teòrica de SOS lleuger, i es troben disponibles de forma gratuïta i en codi lliure per a ser emprades per la comunitat investigadora a fi de continuar el seu desenvolupament i augmentar-ne l'ús. / Pradilla Ceron, JV. (2016). SOSLite: Soporte para Sistemas Ciber-Físicos y Computación en la Nube [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/76808

Sensor Observation Service (SOS)

Cyber Physical Systems (CPS)

Fog Computing (FC)

Internet of Things (IoT)

Cloud Computing (CC)

Sensor Web Enablement (SWE)

INGENIERIA TELEMATICA

Achieving Compositional Security and Privacy in IoT Environments

Muslum Ozgur Ozmen (18870154)

11 September 2024

<p dir="ltr">The Internet of Things (IoT) systems include sensors that measure the physical world, actuators that influence it, and IoT apps that automate these sensors and actuators. Although IoT environments have revolutionized our lives by integrating digital connectivity into physical processes, they also introduce unique security and privacy concerns. Particularly, these systems include multiple components that are unified through the cyber and physical domains. For instance, smart homes include various devices and multiple IoT apps that control these devices. Thus, attacks against any single component can have rippling effects, amplifying due to the composite behavior of sensors, actuators, apps, and the physical environment.</p><p dir="ltr">In this dissertation, I explore the emerging security and privacy issues that arise from the complex physical interactions in IoT environments. To discover and mitigate these emerging issues, there is a need for composite reasoning techniques that consider the interplay between digital and physical domains. This dissertation addresses these challenges to build secure IoT environments and enhance user privacy with new formal techniques and systems.</p><p dir="ltr">To this end, I first describe my efforts in ensuring the safety and security of IoT en- vironments. Particularly, I introduced IoTSeer, a security service that discovers physical interaction vulnerabilities among IoT apps. I then proposed attacks that evade prior event verification systems by exploiting the complex physical interactions between IoT sensors and actuators. To address them, I developed two defenses, software patching and sensor placement, to make event verification systems robust against evasion attacks. These works provide a suite of tools to achieve compositional safety and security in IoT environments. </p><p dir="ltr">Second, I discuss my work that identifies the privacy risks of emerging IoT devices. I designed DMC-Xplorer to find vulnerabilities in voice assistant platforms and showed that an adversary can eavesdrop on privacy-sensitive device states and prevent users from controlling devices. I then developed a remote side-channel attack against intermittent devices to infer privacy-sensitive information about the environment in which they are deployed. These works highlight new privacy issues in emerging commodity devices used in IoT environments.</p>

Data and information privacy

System and network security

IoT Security

Cyber-physical systems security

Internet of Things

Privacy

Formal Methods

ILoViT: Indoor Localization via Vibration Tracking

Poston, Jeffrey Duane

23 April 2018

Indoor localization remains an open problem in geolocation research, and once this is solved the localization enables counting and tracking of building occupants. This information is vital in an emergency, enables occupancy-optimized heating or cooling, and assists smart buildings in tailoring services for occupants. Unfortunately, two prevalent technologies---GPS and cellular-based positioning---perform poorly indoors due to attenuation and multipath from the building. To address this issue, the research community devised many alternatives for indoor localization (e.g., beacons, RFID tags, Wi-Fi fingerprinting, and UWB to cite just a few examples). A drawback with most is the requirement for those being located to carry a properly-configured device at all times. An alternative based on computer vision techniques poses significant privacy concerns due to cameras recording building occupants. By contrast, ILoViT research makes novel use of accelerometers already present in some buildings. These sensors were originally intended to monitor structural health or to study structural dynamics. The key idea is that when a person's footstep-generated floor vibrations can be detected and located then it becomes possible to locate persons moving within a building. Vibration propagation in buildings has complexities not encountered by acoustic or radio wave propagation in air; thus, conventional localization algorithms are inadequate. ILoVIT algorithms account for these conditions and have been demonstrated in a public building to provide sub-meter accuracy. Localization provides the foundation for counting and tracking, but providing these additional capabilities confronts new challenges. In particular, how does one determine the correct association of footsteps to the person making them? The ILoViT research created two methods for solving the data association problem. One method only provides occupancy counting but has modest, polynomial time complexity. The other method draws inspiration from prior work in the radar community on the multi-target tracking problem, specifically drawing from the multiple hypothesis tracking strategy. This dissertation research makes new enhancements to this tracking strategy to account for human gait and characteristics of footstep-derived multilateration. The Virginia Polytechnic Institute and State University's College of Engineering recognized this dissertation research with the Paul E. Torgersen Graduate Student Research Excellence Award. / Ph. D. / Indoor localization remains an open problem in geolocation research, and once this is solved the localization enables counting and tracking of building occupants. This information is vital in an emergency, enables occupancy-optimized heating or cooling and assists smart buildings in tailoring services for occupants. Unfortunately, two prevalent technologies—GPS and cellular-based positioning—are ill-suited here due to the way a building’s weakens and distorts wireless signals. To address this issue the research community devised many alternatives for indoor localization. A drawback with most is the requirement for those being located to carry a properly-configured device at all times. An alternative based on computer vision techniques poses significant privacy concerns due to cameras recording building occupants. By contrast, ILoViT research makes novel use of a mature sensor technology already present in some buildings. These sensors were originally intended to monitor structural health or to study structural dynamics. The key idea behind this unconventional role for building sensors is that when a person’s footstep-generated floor vibrations can be detected and located then it is possible to locate persons moving within a building. Vibration propagation in buildings has complexities not encountered by acoustic or radio wave propagation in air; thus, conventional localization algorithms designed for those applications are inadequate. ILoVIT algorithms account for these conditions and have been demonstrated in a public building to provide sub-meter accuracy. Localization provides the foundation for counting and tracking, but providing these additional capabilities confronts new challenges. In particular, how does one determine the correct association of footsteps to the person making them? The ILoViT research created two methods for solving the data association problem. One method only provides area occupancy counting but has modest complexity. The other method draws inspiration from prior work in the radar community on the multi-target tracking problem, and the dissertation research makes new enhancements to account for human gait and footstep-based localization. The Virginia Polytechnic Institute and State University’s College of Engineering recognized this dissertation research with the Paul E. Torgersen Graduate Student Research Excellence Award.

Accelerometer

Cyber-Physical System (CPS)

Gait

Indoor Geolocation

Localization

Multilateration

Multi-Target Tracking (MTT)

Multiple Hypothesis Tracking (MHT)

Positioning

Seismic

Sensor Network

Smart Building

Vibration

Assessment scheme for product and production flexibility – An industrial case study

Beibl, Julia, Krause, Dieter

09 October 2024

Volatile markets and the integration of products into cyber physical systems state new challenges for companies. Especially products with long development times are more difficult to design since the quality of market forecasts decreases and the rate of change increases. It becomes necessary to continuously develop products and implement smaller changes according to current market trends to keep them attractive and remain able to offer them at a competitive price. To manage the challenging market development, companies need to increase their flexibility. Therefore, the product family and the production system must be redesigned together to facilitate the implementation of unpredictable product changes in the product family and the corresponding production system. This paper presents a case study conducted at a German car manufacturer, which is used to derive criteria for the comparison of modular product concepts in terms of flexibility from a product development and production perspective.

info:eu-repo/classification/ddc/620

ddc:620

Framtidens industri: Från visionen Industri 4.0 idag till verkligheten imorgon : En fallstudie på HordaGruppen AB

Ekelöf, Alexander, Stålring, Mikaela

January 2016

Företags framtid ligger i dess egna händer; beroende på hur väl de anpassar sig till nya förutsättningar i alla dess former så kommer vissa att överleva medan andra går i graven. Under flera hundra år har utvecklingen inom industrin medfört att företag kommit och gått. Idag står vi enligt flera inför randen till en ny teknisk era med en fjärde industriell revolution som följd, Industri 4.0. Vi har en evolution mot en mer automatiserad tillverkningsindustri där allt fler moment sker utan en människas händer bakom spakarna. Industri 4.0 ses av många som en vision om hur framtiden kommer att se ut inom tillverkningsindustrin. Många av de idéer samt teknik som finns inom denna vision går att ta del av redan idag och möjligheterna till att förbereda sig för framtiden finns redan och det gäller att så snabbt som möjligt börja ställa om för detta. I takt med att industrin och dess konkurrens förändras kommer kraven på kvalité öka samtidigt som tillverkningen måste blir mer resurseffektiv. Området är mycket viktigt att belysa då det är ett nytt område där det tidigare inte skett mycket forskning. Att belysa detta område kan även komma att inspirera andra till ytterligare studier inom området och främja utvecklingen för fler företag än endast fallföretaget i denna studie: HordaGruppen. Syftet med studien har varit att inledningsvis få en förståelse för vilka tankar och idéer om framtiden som finns inom industrin idag för att senare kunna testa lösningar baserade på dessa idéer på några befintliga problem inom HordaGruppen, vars verksamhet finns inom plastindustrin. Lösningarna kan ses som de första stegen mot Industri 4.0 för att underlätta för företaget ifråga inför en framtida utveckling och ger även företaget möjlighet att börja samla in data kring processen, vilket i framtiden ger företag som HordaGruppen en fördel gentemot konkurrenter som påbörjar sin omställning senare. Utgångspunkten för studien har varit en kvalitativ studie med aktionsforskning och fallstudie som angreppsätt. Fallstudien har utförts genom en intervju med John Lejon, affärsutvecklare på HordaGruppen och en öppen diskussion med produktionsledare Valdet Berisha angående maskinen som är fokuserad på. Data till studien har erhållits genom artiklar skrivna inom området samt en intervju med grundaren till ett stort statligt projekt i Tyskland, Philipp Ramin, där de startat ett innovationscentrum för Industri 4.0. Resultatet i rapporten är att med hjälp av dagens teknik går det att ta de första stegen mot visionen Industri 4.0. All teknik finns självklart inte, men med hjälp av den teknik som finns idag kan olika företag inom tillverkningsindustrin dra fördelar av att starta omställningen mot Industri 4.0 redan idag. / The future of industry is in companies own hands. Today we are going to a more automated manufacturing industry where human beings are less involved and it is more crucial than ever before to adapt to new changes in the industry and technology. Internet of things and cyber physical systems are becoming a bigger part of our lives. This case study on HordaGruppen is focused on how HordaGruppen from the plastic industry can develop with some ideas from the vision Industry 4.0 in order to ensure the quality of the product. Most of the technology needed for Industry 4.0 is available today and there is no reason not to start using it. The study will introduce to Industry 4.0 and the basic ideas that the vision stands for and then try to define and solve some problems within one machine in one of their plants. The results presented in this study shows that using sensors and other technology available today you can take the first steps towards Industry 4.0.

Industry 4.0

Industrie 4.0

Future of industry

Cyber physical system

Internet of things

Artificial intelligence

Value network

Evolution

Revolution

AI

IoT

CPS

I40

Industri 4.0

Sakernas internet

Cyber fysiska system

Framtidens industri

Artificiell intelligens

Värde nätverk

Evolution

Revolution

AI

IoT

CPS

I40

Intégration de modèles de réseaux IP à un multi-modèle DEVS, pour la co-simulation de systèmes cyber-physiques / Integration of IP network models to DEVS multi-models, for cyber-physical system co-simulations

Vaubourg, Julien

25 April 2017

Modéliser et simuler (M&S) un système cyber-physique (SCP) peut nécessiter de représenter des éléments provenant de trois domaines d'expertise à la fois : systèmes physiques, systèmes d'informations et réseaux de communication (IP). Le simulateur universel disposant de toutes les compétences nécessaires n'existant pas, il est possible de regrouper des modèles issus des différentes communautés, à l'aide d'un multi-modèle. Les défis sont alors 1) intégrer toute l'hétérogénéité du multi-modèle (formalismes, représentations, implémentations), 2) intégrer des modèles IP de façon à ce qu'ils soient en capacité de représenter le transport de données applicatives produites par des modèles externes et 3) les intégrer de façon à ce qu'ils puissent se compléter, pour représenter ensemble les réseaux IP parfois hétérogènes d'un SCP. Pour parvenir à répondre à ces défis, nous nous inscrivons dans la continuité des travaux de M&S autour de MECSYCO, une plateforme de co-simulation basée sur la notion de wrapping DEVS. Nous proposons de définir un cadre général pour réussir à wrapper en DEVS des modèles IP, avec 1) une structuration des différents niveaux de problèmes pour l'intégration de modèles IP dans une co-simulation (délimitation des objectifs et contraintes du wrapping), et 2) une proposition de stratégie de wrapping DEVS de modèles IP et leurs simulateurs. Nous évaluerons notre approche à travers la démonstration de l'intégration de deux simulateurs IP populaires, et d'exemples concrets de M&S de SCP (avec notamment une interconnexion de modèles entre NS-3 et OMNeT++/INET, et une application industrielle utilisée par EDF R&D) / Modeling and simulation (M&S) of cyber-physical systems (CPS) can require representing components from three expertise fields: physics, information systems, and communication networks (IP). There is no universal simulator with all of the required skills, but we can gather and interconnect models provided by the communities, with a multi-model. The challenges are 1) integrating all heterogeneities in a multi-model (formalisms, representations, implementations), 2) integrating IP models in a way enabling them to represent the transport of application data produced by external models, and 3) integrating IP models in a way enabling them to complete each other, to be able to represent CPS heterogeneous IP networks. In order to meet these challenges, we relied our solution on the works around MECSYCO, a co-simulation platform based on the DEVS wrapping principle. We propose to define a comprehensive framework enabling to achieve DEVS wrapping of IP models, with 1) a structuration of different issue levels when integrating IP models in a co-simulation (goals and constraints of the wrapping) and 2) a proposition of a DEVS wrapping strategy for IP models and their simulators. We propose some evaluations of our approach, through the integration of two popular IP simulators, and concrete examples of CPS M&S (inter alia, with an example of a models interconnection between NS-3 and OMNeT++/INET, and an industrial application used by EDF R&D)

Système cyber-physique

Réseau IP

DEVS

Multi-modélisation

Co-simulation

MECSYCO

NS-3

OMNeT++

Cyber-physical system

IP Network

DEVS

Multi-modeling

Co-simulation

MECSYCO

NS-3

OMNeT++

005.1

Prise en compte des risques de cyber-attaques dans le domaine de la sécurité des systèmes cyber-physiques : proposition de mécanismes de détection à base de modèles comportementaux / Addressing cyber-attack risks for the security of cyber-physical systems : proposition of detection mechanisms based on behavioural models

Sicard, Franck

11 October 2018

Les systèmes de contrôle-commande industriels (Industrial Control System, ICS) sont des infrastructures constituées par un ensemble de calculateurs industriels reliés en réseau et permettant de contrôler un système physique. Ils assurent le pilotage de réseaux électriques (Smart Grid), de systèmes de production, de transports, de santé ou encore de systèmes d’armes. Pensés avant tout pour assurer productivité et respect de la mission dans un environnement non malveillant, les ICS sont, depuis le 21ème siècle, de plus en plus vulnérables aux attaques (Stuxnet, Industroyer, Triton, …) notamment avec l’arrivée de l’industrie 4.0. De nombreuses études ont contribué à sécuriser les ICS avec des approches issues du domaine de la sécurité (cryptographie, IDS, etc…) mais qui ne tiennent pas compte du comportement du système physique et donc des conséquences de l’acte de malveillance en lui-même. Ainsi, une sécurisation se limitant exclusivement à l’analyse des informations qui transitent sur un réseau industriel n’est pas suffisante. Notre approche amène un changement de paradigme dans les mécanismes de détection en y intégrant la modélisation du comportement du système cyber-physique.Cette thèse propose des mécanismes de détection d’attaques en se positionnant au plus proche de la physique. Ils analysent les données échangées entre le système de contrôle-commande et le système physique, et filtrent les échanges au travers de modèles déterministes qui représentent le comportement du système physique soumis à des lois de commande. A cet effet, une méthodologie de conception a été proposée dans laquelle l’ensemble des ordres est identifié afin de détecter les attaques brutales. Pour faire face aux autres attaques, en particulier celles plus sournoises, comme les attaques par séquences, nous proposons une stratégie de détection complémentaire permettant d’estimer l’occurrence d’une attaque avant que ses conséquences ne soient destructives. A cet effet, nous avons développé des concepts de distance d’un état caractérisé comme critique auquel nous avons adjoint un second mécanisme dit de trajectoire dans le temps permettant de caractériser une intention de nuire.L’approche proposée hybride ainsi deux techniques orientées sécurité (sonde IDS) et sûreté (approche filtre) pour proposer une stratégie de détection basée sur quatre mécanismes lié :• A la détection de contexte : basé sur l’état courant de l’ICS, un ordre émis par l’API peut être bloqué s’il conduit vers un état critique (attaque brutale).• Aux contraintes combinatoires (attaque par séquences) : vérifiées par les concepts de distance et de trajectoire (évolution de la distance).• Aux contraintes temporelles (attaque temporelle) : vérifiées par des fenêtres temporelles sur l’apparition d’évènements et d’indicateurs surveillant la durée moyenne d’exécution.• Aux sur-sollicitations basées sur un indicateur surveillant les commandes envoyées afin de prévenir un vieillissement prématuré (attaque sur les équipements).L’approche proposée a été appliquée sur différents exemples de simulation et sur une plateforme industrielle réelle où la stratégie de détection a montré son efficacité face à différents profils d’attaquant. / Industrial Control Systems (ICSs) are infrastructures composed by several industrial devices connected to a network and used to control a physical system. They control electrical power grid (Smart Grid), production systems (e.g. chemical and manufacturing industries), transport (e.g. trains, aircrafts and autonomous vehicles), health and weapon systems. Designed to ensure productivity and respect safety in a non-malicious environment, the ICSs are, since the 21st century, increasingly vulnerable to attacks (e.g. Stuxnet, Industroyer, Triton) especially with the emergence of the industry 4.0. Several studies contributed to secure the ICS with approaches from the security field (e.g. cryptography, IDS) which do not take into account the behavior of the physical system and therefore the consequences of the malicious act. Thus, a security approach limited exclusively to the analysis of information exchanged by industrial network is not sufficient. Our approach creates a paradigm shift in detection mechanisms by integrating the behavioral modeling of the cyber-physical system.This thesis proposes detection mechanisms of attacks by locating detection closer to physical system. They analyze the data exchanged between the control system and the physical system, and filter the exchanges through deterministic models that represent the behavior of the physical system controlled by control laws. For this purpose, a design methodology has been proposed in which all actions are identified in order to instantly detect brutal attacks. To deal with other attacks, especially the more sneaky, such as sequential attacks, we propose a complementary detection strategy to estimate the occurrence of an attack before its consequences are destructive. To this end, we have developed the concepts of distance of a state identified as critical to which we have added a second mechanism called trajectory which leads to a temporal notion that characterize an intention to harm.As part of this thesis, the proposed approach combines two techniques oriented security (IDS probe) and safety (filter approach) to propose a detection strategy based on four mechanisms related to:• Context detection: based on the current state of the system, an order sent by the PLC can be blocked by the control filter if it leads to a critical state (brutal attack).• Combinatorial constraints (sequential attack): verified by the concepts of distance (risk indicator for the current state) and trajectory (indicator of the intention to harm by studying the evolution of the distance on a sequence).• Temporal constraints (temporal attack): verified by time windows on the appearance of events and an indicator monitoring the average duration of execution.• Over-solicitation monitoring mechanism: based on an indicator monitoring orders sent to the actuators to prevent premature ageing of the production equipment (attack on the equipment).The proposed approach has been applied to various simulation examples and an industrial platform where the detection strategy has shown its effectiveness against different scenarios corresponding to attacker profiles.

Détection à base de modèles

Surveillance

Contrôle-Commande

Systèmes à évènements discrets

Cybersécurité

Systèmes Cyber-Physiques

Model-Based Detection

System Monitoring

Industrial Control Systems

Discrete-Event Systems

Cybersecurity

Cyber-Physical Systems

004