Enhanching Security in the Future Cyber Physical Systems

Manandhar, Kebina

11 May 2015

Cyber Physical System (CPS) is a system where cyber and physical components work in a complex co-ordination to provide better performance. By exploiting the communication infrastructure among the sensors, actuators, and control systems, attackers may compromise the security of a CPS. In this dissertation, security measures for different types of attacks/ faults in two CPSs, water supply system (WSS) and smart grid system, are presented. In this context, I also present my study on energy management in Smart Grid. The techniques for detecting attacks/faults in both WSS and Smart grid system adopt Kalman Filter (KF) and χ2 detector. The χ2 -detector can detect myriad of system fault- s/attacks such as Denial of Service (DoS) attack, short term and long term random attacks. However, the study shows that the χ2 -detector is unable to detect the intelligent False Data Injection attack (FDI). To overcome this limitation, I present a Euclidean detector for smart grid which can effectively detect such injection attacks. Along with detecting attack/faults I also present the isolation of the attacked/faulty nodes for smart grid. For isolation the Gen- eralized Observer Scheme (GOS) implementing Kalman Filter is used. As GOS is effective in isolating attacks/faults on a single sensor, it is unable to isolate simultaneous attacks/faults on multiple sensors. To address this issue, an Iterative Observer Scheme (IOS) is presented which is able to detect attack on multiple sensors. Since network is an integral part of the future CPSs, I also present a scheme for pre- serving privacy in the future Internet architecture, namely MobilityFirst architecture. The proposed scheme, called Anonymity in MobilityFirst (AMF), utilizes the three-tiered ap- proach to effectively exploit the inherent properties of MF Network such as Globally Unique Flat Identifier (GUID) and Global Name Resolution Service (GNRS) to provide anonymity to the users. While employing new proposed schemes in exchanging of keys between different tiers of routers to alleviate trust issues, the proposed scheme uses multiple routers in each tier to avoid collaboration amongst the routers in the three tiers to expose the end users.

Smart Grid

Water Supply System

Kalman Filter

False Data Injection Attack

Detekcija malicioznih napada na elektroenergetski sistem korišćenjem sinergije statičkog i dinamičkog estimatora stanja / Detection of False Data Injection Attacks on Power System using a synergybased approach between static and dynamic state estimators

Živković Nemanja

23 January 2019

<p>U ovoj doktorskoj disertaciji predložena je nova metoda za detekciju malicioznih napada injektiranjem loših merenja na elektroenergetski sistem. Predloženi algoritam baziran je na sinergiji statičke i dinamičke estimacije stanja, i u stanju je da detektuje ovaj tip napada u realnom vremenu, za najkritičniji scenario gde napadač ima potpuno znanje o sistemu, i neograničen pristup resursima.</p> / <p>This PhD thesis proposes a novel method for detection of malicious false data<br />injection attacks on power system. The proposed algorithm is based on<br />synergy between static and dynamic state estimators, and is capable of<br />detecting the forementioned attacks in real time, for the most critical scenarios,<br />where an attacker has complete knowledge about the compromised power<br />system and unlimited resources to stage an attack.</p>