Aggregate Modeling of Large-Scale Cyber-Physical Systems

Zhao, Lin

January 2017

No description available.

Electrical Engineering

aggregate modeling

Fokker-Planck equation

population dynamics

stochastic hybrid system

smart grid

cyber-physical system

boundary conditions

Mission-aware Vulnerability Assessment for Cyber-Physical System

Wang, Xiaotian

31 August 2015

No description available.

Computer Engineering

Computer Science

Model Development for Autonomous Short-Term Adaptation of Cobots' Motion Speed to Human Work Behavior in Human-Robot Collaboration Assembly Stations

Jeremy Amadeus Deniz Askin (11625070)

26 July 2022

<p>  </p> <p>Manufacturing flexibility and human-centered designs are promising approaches to face the demand for individualized products. Human-robot assembly cells still lack flexibility and adaptability (VDI, 2017) using static control architectures (Bessler et al., 2020). Autonomous adaptation to human operators in short time horizons increases the willingness to work with cobots. Besides, monotonous static assembling in manufacturing operations does not accommodate the human way of working. Therefore, Human-Robot Collaboration (HRC) workstations require a work behavior adaptation accommodating varying work behavior regarding human mental and physical conditions (Weiss et al., 2021). The thesis presents the development of a cyber-physical HRC assembly station.</p> <p>Moreover, the thesis includes an experimental study investigating the influence of a cobot’s speed on human work behavior. The Cyber-Physical System (CPS) integrates the experiment's findings with event-based software architecture and a semantic knowledge representation. Thereby, the work focuses on demonstrating the feasibility of the CPS and the semantic model, allowing the self-adaptation of the system. Finally, the conclusion identifies the need for further research in human work behavior detection and fuzzy decision models. Such detection and decision models could improve self-adaptation in human-centered assembly systems.</p>

Flexible manufacturing systems

Industrial engineering

Semantic Model

Human-Robot Collaboration

Cyber-Physical Production Systems

Self-adaptation

Self-awareness

Integrating Cyber-Physical Systems in large manufacturing organizations : Analyzing organizational challenges and digital transformation strategy for integrating Cyber-Physical Systems in the welding process

Wikström, Jonatan, Gedda, Fredrik

January 2022

In the industrial sector, next generation technologies are being rapidly developed. One of the promising technologies is cyber-physical systems which are being used to revolutionize the welding process. A cyber-physical system can greatly improve the welding processes by taking over the tasks performed by humans, such as analysis, control and sensing which results in increased efficiency, quality, and stability of the welding process. However, integrating cyber-physical systems in the welding process requires a digital transformation strategy that outlines how organizational and technical challenges are intended to be resolved. The aim of the study is to identify the organizational challenges of integrating cyber-physical systems, and how to overcome them with the use of a digital transformation strategy. For this, the study adopts a qualitative case study approach to investigate the organizational challenges of integrating a cyber-physical system in the welding process of a large manufacturing organization. Further, it outlines aspects required in a digital transformation strategy to succeed with the integration.  The findings indicate that common challenges when integrating cyber-physical systems revolve around building secure networks, securing competencies, committing to the integration, and achieving transparency between management and employees. In addition, when formulating a digital transformation strategy, the findings indicate three factors that contribute to the success of the transformation. These are involvement of critical digital skills, undergoing required structural changes and reengineering organizational work processes where the cyber-physical system aims to be integrated.  Besides providing practical implications for the challenges and formulation of a digital transformation strategy for implementing cyber-physical systems in the welding process, the study contributes to the literature on digital transformation strategy and cyber-physical systems in manufacturing organizations.

Cyber-physical systems

Digital transformation

Digital transformation strategy

Digital transformation maturity

Welding process

Business Administration

Företagsekonomi

Engineering and Technology

Teknik och teknologier

Intelligence Orchestration in IoT and Cyber-Physical Systems

Jayagopan, Maheswaran, Saseendran, Ananthu

January 2022

The number of IoT and cyber-physical systems will be growing in the comingfuture. According to estimates, more than 21 billion IoT devices are expectedto exist by 2025. The adoption of Digital Twins and AI-enhanced IoTapplications is projected to fuel the expected increase in IoT spending.It is essential to accelerate the development., deployment, and administrationof these IoT applications, which can be accomplished by orchestrating IoTcomponents, devices, services, and systems. IoT Intelligence orchestrationposes several obstacles that must be overcome for a wide range of domainspecific use cases and applications to follow and support business logic.This thesis aims to create a secure and full proof way of orchestratingintelligence within IoT devices from multiple ecosystems.It also aims tobreak down the current approach of monolithic development and introduce amixture of visual programming and distributed systems considering all thenecessary cyber-security aspects,.A comparison of the developed framework and the existing tool with thenecessary characteristics like security, response time and the accuracy too isincluded.of the thesis.

IoT

Cyber-physical systems

SSL

protocols

Workflow

Route mapping

MQTT

Lwm2m

HTTP

HTTPS

Intelligence Orchestration

Distributed systems

Computer Engineering

Datorteknik

Intrusion Detection and Recovery of a Cyber-Power System

Zhu, Ruoxi

06 June 2024

The advent of Information and Communications Technology (ICT) in power systems has revolutionized the monitoring, operation, and control mechanisms through advanced control and communication functions. However, this integration significantly elevates the vulnerability of modern power systems to cyber intrusions, posing severe risks to the integrity and reliability of the power grid. This dissertation presents the results of a comprehensive study into the detection of cyber intrusions and restoration of cyber-power systems post-attack with a focus on IEC 61850 based substations and recovery methodologies in the cyber-physical system framework. The first step of this study is to develop a novel Intrusion Detection System (IDS) specifically designed for deployment in automated substations. The proposed IDS effectively identifies falsified measurements within Manufacturing Messaging Specification (MMS) messages by verifying the consistency of electric circuit laws. This distributed approach helps avoid the transfer of contaminated measurements from substations to the control center, ensuring the integrity of SCADA systems. Utilizing a cyber-physical system testbed and the IEEE 39-bus test system, the IDS demonstrates high detection accuracy and validates its efficacy in real-time operational environments. Building upon the intrusion detection methodology, this dissertation advances into cyber system recovery strategies, which are designed to meet the challenges of restoring a power grid as a cyber-physical system following catastrophic cyberattacks. A novel restoration strategy is proposed, emphasizing the self-recovery of a substation automation system (SAS) within the substation through dynamic network reconfiguration and collaborative efforts among Intelligent Electronic Devices (IEDs). This strategy, validated through a cyber-power system testbed incorporating SDN technology and IEC 61850 protocol, highlights the critical role of cyber recovery in maintaining grid resilience. Further, this research extends its methodology to include a cyber-physical system restoration strategy that integrates an optimization-based multi-system restoration approach with cyber-power system simulation for constraint checking. This innovative strategy developed and validated using an Software Defined Networking (SDN) network for the IEEE 39-bus system, demonstrates the capability to efficiently restore the cyber-power system and maximize restoration capability following a large-scale cyberattack. Overall, this dissertation makes original contributions to the field of power system security by developing and validating effective mechanisms for the detection of and recovery from cyber intrusions in the cyber-power system. Here are the main contributions of this dissertation: 1) This work develops a distributed IDS, specifically designed for the substation automation environment, capable of pinpointing the targets of cyberattacks, including sophisticated attacks involving multiple substations. The effectiveness of this IDS in a real-time operational context is validated to demonstrate its efficiency and potential for widespread deployment. 2) A novel recovery strategy is proposed to restore the critical functions of substations following cyberattacks. This strategy emphasizes local recovery procedures that leverage the collaboration of devices within the substation network, circumventing the need for external control during the initial recovery phase. The implementation and validation of this method through a cyber-physical system testbed—specifically, within an IEC 61850 based Substation Automation System (SAS)—underscores its practicality and effectiveness in real-world scenarios. 3) The dissertation results in a new co-restoration strategy that integrates mixed integer linear programming to sequentially optimize the restoration of generators, power components, and communication nodes. This approach ensures optimal restoration decisions within a limited time horizon, enhancing the recovery capabilities of the cyber-power system. The application of an SDN based network simulator facilitates accurate modeling of cyber-power system interactions, including communication constraints and dynamic restoration scenarios. The strategy's adaptability is further improved by real-time assessment of the feasibility of the restoration sequence incorporating power flow and communication network constraints to ensure an effective recovery process. / Doctor of Philosophy / Electricity is a critical service that supports the society and economy. Today, electric power systems are becoming smarter, using advanced Information and Communications Technology to manage and distribute electricity more efficiently. This new technology creates a smart grid, a network that not only delivers power but also uses computers and other tools to remotely monitor electricity flows and address any issues that may arise. However, these smart systems with high connectivity utilizing information and communication systems can be vulnerable to cyberattacks, which could disrupt the electricity supply. To protect against these threats, this study is focused on creating systems that can detect when an abnormal condition is taking place in the cyber-power grid. These detection systems are designed to detect and identify signs of cyberattacks at key points in the power network, particularly at substations, which play a vital role in the delivery of electricity. Substations control the power grid operating conditions to make sure that electricity service is reliable and efficient for the consumers Just like traffic lights help manage the flow of vehicles, substations manage the flow of electricity to make sure electric energy is delivered to where it needed. Once a cyberattack is detected, the next step is to stop the attack and mitigate the impact it may have made to ensure that the power grid returns to normal operations as quickly as possible. This dissertation is concerned with the development and validation of analytical and computational methods to quickly identify the cyberattacks and prevent the disruptions to the electricity service. Also, the focus of this work is also on a coordinated recovery of both the cyber system ( digital controls and monitoring) and power system (physical infrastructure including transformers and transmission and distribution lines). This co-restoration approach is key to sustain the critical electricity service and ensures that the grid is resilient against the cyber threats. By developing strategies that address both the cyber and physical aspects, the proposed methodology aims to minimize downtime and reduce the impact of large-scale cyberattacks on the electrical infrastructure. The impact of the results of this dissertation is the enhancement of security and resilience of the electric energy supply in an era where the risks of cyber threats are increasingly significantly. Overall, by developing new methodologies to detect and respond to cyberattacks, the cyber-power system's capability to withstand and recover from cyberattacks is enhanced in the increasingly technology-dependent power grid environment.

Intrusion Detection

Intrusion Mitigation

Cyber Resilience

Cyber-Physical System

Cyber System Recovery

SCADA

DNP3

Digital Substations

IEC 61850

Deterministic Reactive Programming for Cyber-physical Systems

Menard, Christian

03 June 2024

Today, cyber-physical systems (CPSs) are ubiquitous. Whether it is robotics, electric vehicles, the smart home, autonomous driving, or smart prosthetics, CPSs shape our day-to-day lives. Yet, designing and programming CPSs becomes evermore challenging as the overall complexity of systems increases. CPSs need to interface (potentially distributed) computation with concurrent processes in the physical world while fulfilling strict safety requirements. Modern and popular frameworks for designing CPS applications, such as ROS and AUTOSAR, address the complexity challenges by emphasizing scalability and reactivity. This, however, comes at the cost of compromising determinism and the time predictability of applications, which ultimately compromises safety. This thesis argues that this compromise is not a necessity and demonstrates that scalability can be achieved while ensuring a predictable execution. At the core of this thesis is the novel reactor model of computation (MoC) that promises to provide timed semantics, reactivity, scalability, and determinism. A comprehensive study of related models indicates that there is indeed no other MoC that provides similar properties. The main contribution of this thesis is the introduction of a complete set of tools that make the reactor model accessible for CPS design and a demonstration of their ability to facilitate the development of scalable deterministic software. After introducing the reactor model, we discuss its key principles and utility through an adaptation of reactors in the DEAR framework. This framework integrates reactors with a popular runtime for adaptive automotive applications developed by AUTOSAR. An existing AUTOSAR demonstrator application serves as a case study that exposes the problem of nondeterminism in modern CPS frameworks. We show that the reactor model and its implementation in the DEAR framework are applicable for achieving determinism in industrial use cases. Building on the reactor model, we introduce the polyglot coordination language Lingua Franca (LF), which enables the definition of reactor programs independent of a concrete target programming language. Based on the DEAR framework, we develop a full-fledged C++ reactor runtime and a code generation backend for LF. Various use cases studied throughout the thesis illustrate the general applicability of reactors and LF to CPS design, and a comprehensive performance evaluation using an optimized version of the C++ reactor runtime demonstrates the scalability of LF programs. We also discuss some limitations of the current scheduling mechanisms and show how they can be overcome by partitioning programs. Finally, we consider design space exploration (DSE) techniques to further improve the scalability of LF programs and manage hardware complexity by automating the process of allocating hardware resources to specific components in the program. This thesis contributes the Mocasin framework, which resembles a modular platform for prototyping and researching DSE flows. While a concrete integration with LF remains for future work, Mocasin provides a foundation for exploring DSE in Lingua Franca.

info:eu-repo/classification/ddc/006

ddc:006

Architectural Enhancements to Increase Trust in Cyber-Physical Systems Containing Untrusted Software and Hardware

Farag, Mohammed Morsy Naeem

25 October 2012

Embedded electronics are widely employed in cyber-physical systems (CPSes), which tightly integrate and coordinate computational and physical elements. CPSes are extensively deployed in security-critical applications and nationwide infrastructure. Perimeter security approaches to preventing malware infiltration of CPSes are challenged by the complexity of modern embedded systems incorporating numerous heterogeneous and updatable components. Global supply chains and third-party hardware components, tools, and software limit the reach of design verification techniques and introduce security concerns about deliberate Trojan inclusions. As a consequence, skilled attacks against CPSes have demonstrated that these systems can be surreptitiously compromised. Existing run-time security approaches are not adequate to counter such threats because of either the impact on performance and cost, lack of scalability and generality, trust needed in global third parties, or significant changes required to the design flow. We present a protection scheme called Run-time Enhancement of Trusted Computing (RETC) to enhance trust in CPSes containing untrusted software and hardware. RETC is complementary to design-time verification approaches and serves as a last line of defense against the rising number of inexorable threats against CPSes. We target systems built using reconfigurable hardware to meet the flexibility and high-performance requirements of modern security protections. Security policies are derived from the system physical characteristics and component operational specifications and translated into synthesizable hardware integrated into specific interfaces on a per-module or per-function basis. The policy-based approach addresses many security challenges by decoupling policies from system-specific implementations and optimizations, and minimizes changes required to the design flow. Interface guards enable in-line monitoring and enforcement of critical system computations at run-time. Trust is only required in a small set of simple, self-contained, and verifiable guard components. Hardware trust anchors simultaneously addresses the performance, flexibility, developer productivity, and security requirements of contemporary CPSes. We apply RETC to several CPSes having common security challenges including: secure reconfiguration control in reconfigurable cognitive radio platforms, tolerating hardware Trojan threats in third-party IP cores, and preserving stability in process control systems. High-level architectures demonstrated with prototypes are presented for the selected applications. Implementation results illustrate the RETC efficiency in terms of the performance and overheads of the hardware trust anchors. Testbenches associated with the addressed threat models are generated and experimentally validated on reconfigurable platform to establish the protection scheme efficacy in thwarting the selected threats. This new approach significantly enhances trust in CPSes containing untrusted components without sacrificing cost and performance. / Ph. D.

Hardware Trojans

Reconfigurable Hardware

Embedded Systems Security

Cognitive radio networks

Trusted Computing

Cyber-Physical Systems

Process Control Systems

Predicate Calculus for Perception-led Automata

Byrne, Thomas J.

January 2023

Artificial Intelligence is a fuzzy concept. My role, as I see it, is to put down a working definition, a criterion, and a set of assumptions to set up equations for a workable methodology. This research introduces the notion of Artificial Intelligent Agency, denoting the application of Artificial General Intelligence. The problem being handled by mathematics and logic, and only thereafter semantics, is Self-Supervised Machine Learning (SSML) towards Intuitive Vehicle Health Management, in the domain of cybernetic-physical science. The present work stems from a broader engagement with a major multinational automotive OEM, where Intelligent Vehicle Health Management will dynamically choose suitable variants only to realise predefined variation points. Physics-based models infer properties of a model of the system, not properties of the implemented system itself. The validity of their inference depends on the models’ degree of fidelity, which is always an approximate localised engineering abstraction. In sum, people are not very good at establishing causality. To deduce new truths from implicit patterns in the data about the physical processes that generate the data, the kernel of this transformative technology is the intersystem architecture, occurring in-between and involving the physical and engineered system and the construct thereof, through the communication core at their interface. In this thesis it is shown that the most practicable way to establish causality is by transforming application models into actual implementation. The hypothesis being that the ideal source of training data for SSML, is an isomorphic monoid of indexical facts, trace-preserving events of natural kind.

Artificial intelligence (AI)

Artificial General Intelligence

Self-supervised machine learning (SSML)

Intuitive vehicle health management

Intersystem architecture

Cyber-physical science

Security of Critical Cyber-Physical Systems: Fundamentals and Optimization

Eldosouky Mahmoud Salama, Abdelrahman A.

18 June 2019

Cyber-physical systems (CPSs) are systems that integrate physical elements with a cyber layer that enables sensing, monitoring, and processing the data from the physical components. Examples of CPSs include autonomous vehicles, unmanned aerial vehicles (UAVs), smart grids, and the Internet of Things (IoT). In particular, many critical infrastructure (CI) that are vital to our modern day cities and communities, are CPSs. This wide range of CPSs domains represents a cornerstone of smart cities in which various CPSs are connected to provide efficient services. However, this level of connectivity has brought forward new security challenges and has left CPSs vulnerable to many cyber-physical attacks and disruptive events that can utilize the cyber layer to cause damage to both cyber and physical components. Addressing these security and operation challenges requires developing new security solutions to prevent and mitigate the effects of cyber and physical attacks as well as improving the CPSs response in face of disruptive events, which is known as the CPS resilience. To this end, the primary goal of this dissertation is to develop novel analytical tools that can be used to study, analyze, and optimize the resilience and security of critical CPSs. In particular, this dissertation presents a number of key contributions that pertain to the security and the resilience of multiple CPSs that include power systems, the Internet of Things (IoT), UAVs, and transportation networks. First, a mathematical framework is proposed to analyze and mitigate the effects of GPS spoofing attacks against UAVs. The proposed framework uses system dynamics to model the optimal routes which UAVs can follow in normal operations and under GPS spoofing attacks. A countermeasure mechanism, built on the premise of cooperative localization, is then developed to mitigate the effects of these GPS spoofing attacks. To practically deploy the proposed defense mechanism, a dynamic Stackelberg game is formulated to model the interactions between a GPS spoofer and a drone operator. The equilibrium strategies of the game are analytically characterized and studied through a novel, computationally efficient algorithm. Simulation results show that, when combined with the Stackelberg strategies, the proposed defense mechanism will outperform baseline strategy selection techniques in terms of reducing the possibility of UAV capture. Next, a game-theoretic framework is developed to model a novel moving target defense (MTD) mechanism that enables CPSs to randomize their configurations to proactive deter impending attacks. By adopting an MTD approach, a CPS can enhance its security against potential attacks by increasing the uncertainty on the attacker. The equilibrium of the developed single-controller, stochastic MTD game is then analyzed. Simulation results show that the proposed framework can significantly improve the overall utility of the defender. Third, the concept of MTD is coupled with new cryptographic algorithms for enhancing the security of an mHealth Internet of Things (IoT) system. In particular, using a combination of theory and implementation, a framework is introduced to enable the IoT devices to update their cryptographic keys locally to eliminate the risk of being revealed while they are shared. Considering the resilience of CPSs, a novel framework for analyzing the component- and system-level resilience of CIs is proposed. This framework brings together new ideas from Bayesian networks and contract theory – a Nobel prize winning theory – to define a concrete system-level resilience index for CIs and to optimize the allocation of resources, such as redundant components, monitoring devices, or UAVs to help those CIs improve their resilience. In particular, the developed resilience index is able to account for the effect of CI components on the its probability of failure. Meanwhile, using contract theory, a comprehensive resource allocation framework is proposed enabling the system operator to optimally allocate resources to each individual CI based on its economic contribution to the entire system. Simulation results show that the system operator can economically benefit from allocating the resources while dams can have a significant improvement in their resilience indices. Subsequently, the developed contract-theoretic framework is extended to account for cases of asymmetric information in which the system operator has only partial information about the CIs being in some vulnerability and criticality levels. Under such asymmetry, it is shown that the proposed approach maximizes the system operator's utility while ensuring that no CI has an incentive to ask for another contract. Next, a proof-of-concept framework is introduced to analyze and improve the resilience of transportation networks against flooding. The effect of flooding on road capacities and on the free-flow travel time, is considered for different rain intensities and roads preparedness. Meanwhile, the total system's travel time before and after flooding is evaluated using the concept of a Wardrop equilibrium. To this end, a proactive mechanism is developed to reduce the system's travel time, after flooding, by shifting capacities (available lanes) between same road sides. In a nutshell, this dissertation provides a suite of analytical techniques that allow the optimization of security and resilience across multiple CPSs. / Doctor of Philosophy / Cyber-physical systems (CPSs) have recently been used in many application domains because of their ability to integrate physical elements with a cyber layer allowing for sensing, monitoring, and remote controlling. This pervasive use of CPSs in different applications has brought forward new security challenges and threats. Malicious attacks can now leverage the connectivity of the cyber layer to launch remote attacks and cause damage to the physical components. Taking these threats into consideration, it became imperative to ensure the security of CPSs. Given that many CPSs provide critical services, for instance many critical infrastructure (CI) are CPSs such as smart girds and nuclear reactors; it is then inevitable to ensure that these critical CPSs can maintain proper operation. One key measure of the CPS’s functionality, is resilience which evaluates the ability of a CPS to deliver its designated service under potentially disruptive situations. In general, resilience measures a CPS’s ability to adapt or rapidly recover from disruptive events. Therefore, it is crucial for CPSs to be resilient in face of potential failures. To this end, the central goal of this dissertation is to develop novel analytical frameworks that can evaluate and improve security and resilience of CPSs. In these frameworks, cross-disciplinary tools are used from game theory, contract theory, and optimization to develop robust analytical solutions for security and resilience problems. In particular, these frameworks led to the following key contributions in cyber security: developing an analytical framework to mitigate the effects of GPS spoofing attacks against UAVs, introducing a game-theoretic moving target defense (MTD) framework to improve the cyber security, and securing data privacy in m-health Internet of Things (IoT) networks using a MTD cryptographic framework. In addition, the dissertation led to the following contributions in CI resilience: developing a general framework using Bayesian Networks to evaluate and improve the resilience of CIs against their components failure, introducing a contract-theoretic model to allocate resources to multiple connected CIs under complete and asymmetric information scenarios, providing a proactive plan to improve the resilience of transportation networks against flooding, and, finally, developing an environment-aware framework to deploy UAVs in disaster-areas.

Cyber-Physical Systems Security

Critical Infrastructure Resilience

Unmanned Aerial Vehicles

Game Theory

Moving Target Defense

Contract Theory

Internet of Things