• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 107
  • 9
  • 9
  • 5
  • 4
  • 4
  • 3
  • 2
  • 1
  • 1
  • 1
  • Tagged with
  • 187
  • 187
  • 187
  • 52
  • 43
  • 36
  • 31
  • 30
  • 30
  • 30
  • 27
  • 26
  • 24
  • 23
  • 21
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
111

Mitigating Emergent Safety and Security Incidents of CPS by a Protective Shell

Wagner, Leonard 07 November 2023 (has links)
In today's modern world, Cyber-Physical Systems (CPS) have gained widespread prevalence, offering tremendous benefits while also increasing society's dependence on them. Given the direct interaction of CPS with the physical environment, their malfunction or compromise can pose significant risks to human life, property, and the environment. However, as the complexity of CPS rises due to heightened expectations and expanded functional requirements, ensuring their trustworthy operation solely during the development process becomes increasingly challenging. This thesis introduces and delves into the novel concept of the 'Protective Shell' – a real-time safeguard actively monitoring CPS during their operational phases. The protective shell serves as a last line of defence, designed to detect abnormal behaviour, conduct thorough analyses, and initiate countermeasures promptly, thereby mitigating unforeseen risks in real-time. The primary objective of this research is to enhance the overall safety and security of CPS by refining, partly implementing, and evaluating the innovative protective shell concept. To provide context for collaborative systems working towards higher objectives — common within CPS as system-of-systems (SoS) — the thesis introduces the 'Emergence Matrix'. This matrix categorises outcomes of such collaboration into four quadrants based on their anticipated nature and desirability. Particularly concerning are outcomes that are both unexpected and undesirable, which frequently serve as the root cause of safety accidents and security incidents in CPS scenarios. The protective shell plays a critical role in mitigating these unfavourable outcomes, as conventional vulnerability elimination procedures during the CPS design phase prove insufficient due to their inability to proactively anticipate and address these unforeseen situations. Employing the design science research methodology, the thesis is structured around its iterative cycles and the research questions imposed, offering a systematic exploration of the topic. A detailed analysis of various safety accidents and security incidents involving CPS was conducted to retrieve vulnerabilities that led to dangerous outcomes. By developing specific protective shells for each affected CPS and assessing their effectiveness during these hazardous scenarios, a generic core for the protective shell concept could be retrieved, indicating general characteristics and its overall applicability. Furthermore, the research presents a generic protective shell architecture, integrating advanced anomaly detection techniques rooted in explainable artificial intelligence (XAI) and human machine teaming. While the implementation of protective shells demonstrate substantial positive impacts in ensuring CPS safety and security, the thesis also articulates potential risks associated with their deployment that require careful consideration. In conclusion, this thesis makes a significant contribution towards the safer and more secure integration of complex CPS into daily routines, critical infrastructures and other sectors by leveraging the capabilities of the generic protective shell framework.:1 Introduction 1.1 Background and Context 1.2 Research Problem 1.3 Purpose and Objectives 1.3.1 Thesis Vision 1.3.2 Thesis Mission 1.4 Thesis Outline and Structure 2 Design Science Research Methodology 2.1 Relevance-, Rigor- and Design Cycle 2.2 Research Questions 3 Cyber-Physical Systems 3.1 Explanation 3.2 Safety- and Security-Critical Aspects 3.3 Risk 3.3.1 Quantitative Risk Assessment 3.3.2 Qualitative Risk Assessment 3.3.3 Risk Reduction Mechanisms 3.3.4 Acceptable Residual Risk 3.4 Engineering Principles 3.4.1 Safety Principles 3.4.2 Security Principles 3.5 Cyber-Physical System of Systems (CPSoS) 3.5.1 Emergence 4 Protective Shell 4.1 Explanation 4.2 System Architecture 4.3 Run-Time Monitoring 4.4 Definition 4.5 Expectations / Goals 5 Specific Protective Shells 5.1 Boeing 737 Max MCAS 5.1.1 Introduction 5.1.2 Vulnerabilities within CPS 5.1.3 Specific Protective Shell Mitigation Mechanisms 5.1.4 Protective Shell Evaluation 5.2 Therac-25 5.2.1 Introduction 5.2.2 Vulnerabilities within CPS 5.2.3 Specific Protective Shell Mitigation Mechanisms 5.2.4 Protective Shell Evaluation 5.3 Stuxnet 5.3.1 Introduction 5.3.2 Exploited Vulnerabilities 5.3.3 Specific Protective Shell Mitigation Mechanisms 5.3.4 Protective Shell Evaluation 5.4 Toyota 'Unintended Acceleration' ETCS 5.4.1 Introduction 5.4.2 Vulnerabilities within CPS 5.4.3 Specific Protective Shell Mitigation Mechanisms 5.4.4 Protective Shell Evaluation 5.5 Jeep Cherokee Hack 5.5.1 Introduction 5.5.2 Vulnerabilities within CPS 5.5.3 Specific Protective Shell Mitigation Mechanisms 5.5.4 Protective Shell Evaluation 5.6 Ukrainian Power Grid Cyber-Attack 5.6.1 Introduction 5.6.2 Vulnerabilities in the critical Infrastructure 5.6.3 Specific Protective Shell Mitigation Mechanisms 5.6.4 Protective Shell Evaluation 5.7 Airbus A400M FADEC 5.7.1 Introduction 5.7.2 Vulnerabilities within CPS 5.7.3 Specific Protective Shell Mitigation Mechanisms 5.7.4 Protective Shell Evaluation 5.8 Similarities between Specific Protective Shells 5.8.1 Mitigation Mechanisms Categories 5.8.2 Explanation 5.8.3 Conclusion 6 AI 6.1 Explainable AI (XAI) for Anomaly Detection 6.1.1 Anomaly Detection 6.1.2 Explainable Artificial Intelligence 6.2 Intrinsic Explainable ML Models 6.2.1 Linear Regression 6.2.2 Decision Trees 6.2.3 K-Nearest Neighbours 6.3 Example Use Case - Predictive Maintenance 7 Generic Protective Shell 7.1 Architecture 7.1.1 MAPE-K 7.1.2 Human Machine Teaming 7.1.3 Protective Shell Plugin Catalogue 7.1.4 Architecture and Design Principles 7.1.5 Conclusion Architecture 7.2 Implementation Details 7.3 Evaluation 7.3.1 Additional Vulnerabilities introduced by the Protective Shell 7.3.2 Summary 8 Conclusion 8.1 Summary 8.2 Research Questions Evaluation 8.3 Contribution 8.4 Future Work 8.5 Recommendation
112

A FRAMEWORK FOR SPATIO-TEMPORAL UNCERTAINTY-AWARE SCHEDULING AND CONTROL OF LINEAR PROJECTS

Roofigari Esfahan, Nazila January 2016 (has links)
Linear repetitive projects, which are resource-driven in nature, are characterized by a series of repetitive activities in which the resources share the same space either in sequential or parallel manner. The frequent movement of resources over limited shared space needs to be well-planned to avoid potential issues during the execution of linear projects. As such, schedules developed for these projects needs not only to take into account all the logical, project-dependent and precedence constraints of activities but also to incorporate the space and time constraints that co-exist for the movement of thei8r resources. Negligence in incorporating spatial and temporal constraints in developing and improving schedules of linear projects increases the risk of delays and workspace congestions that can substantially hinder the performance of the activity resources. The study presented here proposes and develops an uncertainty-aware scheduling and control framework for linear projects to address the needs mentioned above. For this purpose, first, a new type of float was introduced as the Space-Time Float. The Space-Time Float is an envelope for all possible movement patterns that a linear activity or its associated resources can take considering the time and space constraints of that activity. The next endeavor in the development of the uncertainty-aware linear scheduling and control framework was to augment the current linear scheduling methods by presenting an uncertainty-aware optimization method to optimize the duration of linear projects while minimizing their potential congestions. A constraint satisfaction approach was used for the two-tier optimization of duration and congestion, and a fuzzy inference system was incorporated to assess the inherent uncertainty in linear activities. A new type of buffer, Uncertainty-Aware Productivity Buffer is also introduced to account for the uncertainties inherent in project activities. Spatial progress of activities needs not only to be considered in the planning phase but also to be closely monitored during construction. The framework presented in this study also applies to the monitoring and control of linear projects. While most of the current methods still do not accommodate real-time bi-directional control of linear projects, this framework is based on the Cyber-Physical Systems (CPS) architecture and bi-directional communication of data. To this end, a CPS-based application for Earned Value (EV) monitoring and control of road and highway projects is presented. Different steps of the generated framework are validated through various literature and field-based case studies. The results demonstrate the effectiveness of the presented method in planning and control of unforeseen variations from the planned schedules of linear projects. As such, the present study contributes and adds to the current body of knowledge of linear projects by presenting an efficient scheduling and control framework that takes into account logical, spatio-temporal and project-based constraints of linear activities. / Thesis / Doctor of Philosophy (PhD)
113

Scalable Next Generation Blockchains for Large Scale Complex Cyber-Physical Systems and Their Embedded Systems in Smart Cities

Alkhodair, Ahmad Jamal M 07 1900 (has links)
The original FlexiChain and its descendants are a revolutionary distributed ledger technology (DLT) for cyber-physical systems (CPS) and their embedded systems (ES). FlexiChain, a DLT implementation, uses cryptography, distributed ledgers, peer-to-peer communications, scalable networks, and consensus. FlexiChain facilitates data structure agreements. This thesis offers a Block Directed Acyclic Graph (BDAG) architecture to link blocks to their forerunners to speed up validation. These data blocks are securely linked. This dissertation introduces Proof of Rapid Authentication, a novel consensus algorithm. This innovative method uses a distributed file to safely store a unique identifier (UID) based on node attributes to verify two blocks faster. This study also addresses CPS hardware security. A system of interconnected, user-unique identifiers allows each block's history to be monitored. This maintains each transaction and the validators who checked the block to ensure trustworthiness and honesty. We constructed a digital version that stays in sync with the distributed ledger as all nodes are linked by a NodeChain. The ledger is distributed without compromising node autonomy. Moreover, FlexiChain Layer 0 distributed ledger is also introduced and can connect and validate Layer 1 blockchains. This project produced a DAG-based blockchain integration platform with hardware security. The results illustrate a practical technique for creating a system depending on diverse applications' needs. This research's design and execution showed faster authentication, less cost, less complexity, greater scalability, higher interoperability, and reduced power consumption.
114

Industry 4.0 and the Food Manufacturing Industry: A Conceptual Framework

Adil, Muhammad Soban, Mekanic, Sedin January 2020 (has links)
Background: The manufacturing industry is diverting away from the one-size-fits-all mass manufacture towards more customized processes. With increasingly individualized consumer preferences and an intense competitive environment, food manufacturers are required to meet specific consumer demands with similar efficiency to those produced massively. Such market requirements are feasible with the technological advancements envisioned by Industry 4.0. The consequences of such are increased flexibility and mass customization in manufacturing which forces the food manufacturer towards its realization. The integration process, however, involves a comprehensive transformation that affects every aspect of the organization. This consequently imposes significant challenges upon the food manufacturing company. Purpose: The study aims to investigate the transformation process ensued by the food manufacturer for Industry 4.0. Consequently, a conceptual framework is developed detailing the application of Industry 4.0 in the food manufacturing industry. Method: An inductive qualitative approach, in combination with a multiple-case study, is pursued to address the formulated questions of research. Based on such, semi-structured interviews were conducted with individuals representing three multinational food manufacturers. Further, a thematic analytical technique was adopted as means to identify similarities and patterns within the obtained data. The collected data was analyzed using thematic analysis through which the researchers came up with the conceptual framework. Conclusion: The results of the research reveal internal and external factors such as labor policies and IT infrastructure to influence the transformation process for Industry 4.0. In due to this, the implementation of the phenomenon occurs phase-wise, globally coordinated and regionally concentrated. This enables the organization to overcome the obstacles faced and, subsequently, ensure the successful deployment of Industry 4.0.
115

Ultra-wideband Concurrent Transmissions for Ranging and Localization

Corbalan Pelegrin, Pablo 14 May 2020 (has links)
Global navigation satellite systems (GNSS) have radically changed business, industry, and society, shaping the way we transport, navigate, and generally live every day. After all these years, however, GNSS location information remains only valuable outdoors, leaving indoor environments where people dwell most of the time without proper localization support. Many technologies and systems have approached this problem including optical, inertial, ultrasonic, and radio-frequency (RF), to name a few; yet the problem remains. In this thesis, inspired by the indisputable success of GNSS and the re-emergence of ultra-wideband (UWB) radios to the forefront of technology, we aim to change the state of affairs in RF localization by proposing novel clean-slate UWB ranging and localization schemes based on concurrent transmissions. These are generally considered harmful for communication but become a rich source of localization information when combined with knowledge of the channel impulse response (CIR). Our first novel contribution lies in the concept of concurrent ranging, which allows mobile nodes to simultaneously measure the distance to multiple devices—hereafter, called responders—removing the need for the wasteful long packet exchanges traditionally used for ranging and localization. Different from conventional schemes, which spread responder transmissions over time, we force responders to transmit concurrently and let their signals “fuse” in the wireless channel; the resulting impulse response, as measured by commercial UWB radios, contains all the necessary timing information to extract the desired distance to all responders. This first contribution, however, also serves us to realize the many challenges ahead to unlock the real power of concurrent transmissions for localization. We address these challenges along the way, starting with Chorus, our second contribution. Chorus exploits an anchor infrastructure that transmits packets concurrently. Mobile nodes listen for these transmissions and measure from the CIR the time difference of arrival (TDoA) of the concurrent signals, privately computing their own position at a high rate using hyperbolic localization. This reverse TDoA scheme, although simple in concept, is extremely powerful in that it enables passive self-localization of infinitely many targets at once, a feature largely missing in the RF literature. In Chorus, we address the difficult challenges to reliably detect and identify the signal from the different responders. Yet, the limited transmission precision of commercial UWB transceivers constrains the many benefits of Chorus. In this context, we i) contribute a model to ascertain the impact of the transmission uncertainty on concurrent transmissions, and ii) address the issue with a compensation mechanism that fine-tunes the local oscillator frequency of responders while they prepare to transmit, allowing us to simultaneously tackle the impact of clock drift on distance estimation. We demonstrate in our evaluation that with this compensation mechanism we can schedule transmissions with < 1 ns error, removing the need to share timestamps to precisely measure distance. We rebuild concurrent ranging around this mechanism, obtaining decimeter-level ranging and localization at a fraction of the cost of conventional schemes. These results turn concurrent ranging into an immediately applicable technique that new systems can now exploit, benefiting from a different set of trade-offs hitherto unavailable. Further, the TX compensation mechanism can be directly applied to Chorus, similarly making fast and accurate passive self-localization a tangible reality. We continue our endeavor with a systematic characterization of the conditions under which UWB concurrent transmissions succeed to provide reliable ranging and communication across different complex channels. The results we put forth empower developers to fully exploit concurrent transmissions in their designs, potentially inspiring a new wave of ranging, and also communication, primitives that can bring to UWB the same striking benefits found in low-power narrowband radios. The thesis is completed by looking at other challenges preventing the wide adoption of UWB localization systems, namely, large-scale operation, energy efficiency, and the complexity to install anchor deployments. We tackle these aspects in the last part of the thesis with three additional contributions. First, we propose Talla, a TDoA system that provides seamless large-scale localization for many tags across cells of time-synchronized anchors. Secondly, we fuse UWB ranging with odometry information and build an uncertainty model that only triggers new UWB estimates if and when needed, reducing consumption and channel utilization while satisfying the application-specific demands in terms of accuracy. And thirdly, we build state-of-the-art mechanisms to automatically compute the positions of all anchors deployed across large areas based on ranging information, facilitating anchor network deployment for the many UWB-based real-time location systems (RTLS) to come. Overall, this thesis changes the landscape of UWB localization with a new set of potentially disruptive schemes and systems that exploit the peculiar benefits of concurrent transmissions and that consequently redefine the trade-offs of the technology.
116

Integrating Cyber-Physical Systems in large manufacturing organizations : Analyzing organizational challenges and digital transformation strategy for integrating Cyber-Physical Systems in the welding process

Wikström, Jonatan, Gedda, Fredrik January 2022 (has links)
In the industrial sector, next generation technologies are being rapidly developed. One of the promising technologies is cyber-physical systems which are being used to revolutionize the welding process. A cyber-physical system can greatly improve the welding processes by taking over the tasks performed by humans, such as analysis, control and sensing which results in increased efficiency, quality, and stability of the welding process. However, integrating cyber-physical systems in the welding process requires a digital transformation strategy that outlines how organizational and technical challenges are intended to be resolved. The aim of the study is to identify the organizational challenges of integrating cyber-physical systems, and how to overcome them with the use of a digital transformation strategy. For this, the study adopts a qualitative case study approach to investigate the organizational challenges of integrating a cyber-physical system in the welding process of a large manufacturing organization. Further, it outlines aspects required in a digital transformation strategy to succeed with the integration.  The findings indicate that common challenges when integrating cyber-physical systems revolve around building secure networks, securing competencies, committing to the integration, and achieving transparency between management and employees. In addition, when formulating a digital transformation strategy, the findings indicate three factors that contribute to the success of the transformation. These are involvement of critical digital skills, undergoing required structural changes and reengineering organizational work processes where the cyber-physical system aims to be integrated.  Besides providing practical implications for the challenges and formulation of a digital transformation strategy for implementing cyber-physical systems in the welding process, the study contributes to the literature on digital transformation strategy and cyber-physical systems in manufacturing organizations.
117

Intelligence Orchestration in IoT and Cyber-Physical Systems

Jayagopan, Maheswaran, Saseendran, Ananthu January 2022 (has links)
The number of IoT and cyber-physical systems will be growing in the comingfuture. According to estimates, more than 21 billion IoT devices are expectedto exist by 2025. The adoption of Digital Twins and AI-enhanced IoTapplications is projected to fuel the expected increase in IoT spending.It is essential to accelerate the development., deployment, and administrationof these IoT applications, which can be accomplished by orchestrating IoTcomponents, devices, services, and systems. IoT Intelligence orchestrationposes several obstacles that must be overcome for a wide range of domainspecific use cases and applications to follow and support business logic.This thesis aims to create a secure and full proof way of orchestratingintelligence within IoT devices from multiple ecosystems.It also aims tobreak down the current approach of monolithic development and introduce amixture of visual programming and distributed systems considering all thenecessary cyber-security aspects,.A comparison of the developed framework and the existing tool with thenecessary characteristics like security, response time and the accuracy too isincluded.of the thesis.
118

Deterministic Reactive Programming for Cyber-physical Systems

Menard, Christian 03 June 2024 (has links)
Today, cyber-physical systems (CPSs) are ubiquitous. Whether it is robotics, electric vehicles, the smart home, autonomous driving, or smart prosthetics, CPSs shape our day-to-day lives. Yet, designing and programming CPSs becomes evermore challenging as the overall complexity of systems increases. CPSs need to interface (potentially distributed) computation with concurrent processes in the physical world while fulfilling strict safety requirements. Modern and popular frameworks for designing CPS applications, such as ROS and AUTOSAR, address the complexity challenges by emphasizing scalability and reactivity. This, however, comes at the cost of compromising determinism and the time predictability of applications, which ultimately compromises safety. This thesis argues that this compromise is not a necessity and demonstrates that scalability can be achieved while ensuring a predictable execution. At the core of this thesis is the novel reactor model of computation (MoC) that promises to provide timed semantics, reactivity, scalability, and determinism. A comprehensive study of related models indicates that there is indeed no other MoC that provides similar properties. The main contribution of this thesis is the introduction of a complete set of tools that make the reactor model accessible for CPS design and a demonstration of their ability to facilitate the development of scalable deterministic software. After introducing the reactor model, we discuss its key principles and utility through an adaptation of reactors in the DEAR framework. This framework integrates reactors with a popular runtime for adaptive automotive applications developed by AUTOSAR. An existing AUTOSAR demonstrator application serves as a case study that exposes the problem of nondeterminism in modern CPS frameworks. We show that the reactor model and its implementation in the DEAR framework are applicable for achieving determinism in industrial use cases. Building on the reactor model, we introduce the polyglot coordination language Lingua Franca (LF), which enables the definition of reactor programs independent of a concrete target programming language. Based on the DEAR framework, we develop a full-fledged C++ reactor runtime and a code generation backend for LF. Various use cases studied throughout the thesis illustrate the general applicability of reactors and LF to CPS design, and a comprehensive performance evaluation using an optimized version of the C++ reactor runtime demonstrates the scalability of LF programs. We also discuss some limitations of the current scheduling mechanisms and show how they can be overcome by partitioning programs. Finally, we consider design space exploration (DSE) techniques to further improve the scalability of LF programs and manage hardware complexity by automating the process of allocating hardware resources to specific components in the program. This thesis contributes the Mocasin framework, which resembles a modular platform for prototyping and researching DSE flows. While a concrete integration with LF remains for future work, Mocasin provides a foundation for exploring DSE in Lingua Franca.
119

Architectural Enhancements to Increase Trust in Cyber-Physical Systems Containing Untrusted Software and Hardware

Farag, Mohammed Morsy Naeem 25 October 2012 (has links)
Embedded electronics are widely employed in cyber-physical systems (CPSes), which tightly integrate and coordinate computational and physical elements. CPSes are extensively deployed in security-critical applications and nationwide infrastructure. Perimeter security approaches to preventing malware infiltration of CPSes are challenged by the complexity of modern embedded systems incorporating numerous heterogeneous and updatable components. Global supply chains and third-party hardware components, tools, and software limit the reach of design verification techniques and introduce security concerns about deliberate Trojan inclusions. As a consequence, skilled attacks against CPSes have demonstrated that these systems can be surreptitiously compromised. Existing run-time security approaches are not adequate to counter such threats because of either the impact on performance and cost, lack of scalability and generality, trust needed in global third parties, or significant changes required to the design flow. We present a protection scheme called Run-time Enhancement of Trusted Computing (RETC) to enhance trust in CPSes containing untrusted software and hardware. RETC is complementary to design-time verification approaches and serves as a last line of defense against the rising number of inexorable threats against CPSes. We target systems built using reconfigurable hardware to meet the flexibility and high-performance requirements of modern security protections. Security policies are derived from the system physical characteristics and component operational specifications and translated into synthesizable hardware integrated into specific interfaces on a per-module or per-function basis. The policy-based approach addresses many security challenges by decoupling policies from system-specific implementations and optimizations, and minimizes changes required to the design flow. Interface guards enable in-line monitoring and enforcement of critical system computations at run-time. Trust is only required in a small set of simple, self-contained, and verifiable guard components. Hardware trust anchors simultaneously addresses the performance, flexibility, developer productivity, and security requirements of contemporary CPSes. We apply RETC to several CPSes having common security challenges including: secure reconfiguration control in reconfigurable cognitive radio platforms, tolerating hardware Trojan threats in third-party IP cores, and preserving stability in process control systems. High-level architectures demonstrated with prototypes are presented for the selected applications. Implementation results illustrate the RETC efficiency in terms of the performance and overheads of the hardware trust anchors. Testbenches associated with the addressed threat models are generated and experimentally validated on reconfigurable platform to establish the protection scheme efficacy in thwarting the selected threats. This new approach significantly enhances trust in CPSes containing untrusted components without sacrificing cost and performance. / Ph. D.
120

Security of Critical Cyber-Physical Systems: Fundamentals and Optimization

Eldosouky Mahmoud Salama, Abdelrahman A. 18 June 2019 (has links)
Cyber-physical systems (CPSs) are systems that integrate physical elements with a cyber layer that enables sensing, monitoring, and processing the data from the physical components. Examples of CPSs include autonomous vehicles, unmanned aerial vehicles (UAVs), smart grids, and the Internet of Things (IoT). In particular, many critical infrastructure (CI) that are vital to our modern day cities and communities, are CPSs. This wide range of CPSs domains represents a cornerstone of smart cities in which various CPSs are connected to provide efficient services. However, this level of connectivity has brought forward new security challenges and has left CPSs vulnerable to many cyber-physical attacks and disruptive events that can utilize the cyber layer to cause damage to both cyber and physical components. Addressing these security and operation challenges requires developing new security solutions to prevent and mitigate the effects of cyber and physical attacks as well as improving the CPSs response in face of disruptive events, which is known as the CPS resilience. To this end, the primary goal of this dissertation is to develop novel analytical tools that can be used to study, analyze, and optimize the resilience and security of critical CPSs. In particular, this dissertation presents a number of key contributions that pertain to the security and the resilience of multiple CPSs that include power systems, the Internet of Things (IoT), UAVs, and transportation networks. First, a mathematical framework is proposed to analyze and mitigate the effects of GPS spoofing attacks against UAVs. The proposed framework uses system dynamics to model the optimal routes which UAVs can follow in normal operations and under GPS spoofing attacks. A countermeasure mechanism, built on the premise of cooperative localization, is then developed to mitigate the effects of these GPS spoofing attacks. To practically deploy the proposed defense mechanism, a dynamic Stackelberg game is formulated to model the interactions between a GPS spoofer and a drone operator. The equilibrium strategies of the game are analytically characterized and studied through a novel, computationally efficient algorithm. Simulation results show that, when combined with the Stackelberg strategies, the proposed defense mechanism will outperform baseline strategy selection techniques in terms of reducing the possibility of UAV capture. Next, a game-theoretic framework is developed to model a novel moving target defense (MTD) mechanism that enables CPSs to randomize their configurations to proactive deter impending attacks. By adopting an MTD approach, a CPS can enhance its security against potential attacks by increasing the uncertainty on the attacker. The equilibrium of the developed single-controller, stochastic MTD game is then analyzed. Simulation results show that the proposed framework can significantly improve the overall utility of the defender. Third, the concept of MTD is coupled with new cryptographic algorithms for enhancing the security of an mHealth Internet of Things (IoT) system. In particular, using a combination of theory and implementation, a framework is introduced to enable the IoT devices to update their cryptographic keys locally to eliminate the risk of being revealed while they are shared. Considering the resilience of CPSs, a novel framework for analyzing the component- and system-level resilience of CIs is proposed. This framework brings together new ideas from Bayesian networks and contract theory – a Nobel prize winning theory – to define a concrete system-level resilience index for CIs and to optimize the allocation of resources, such as redundant components, monitoring devices, or UAVs to help those CIs improve their resilience. In particular, the developed resilience index is able to account for the effect of CI components on the its probability of failure. Meanwhile, using contract theory, a comprehensive resource allocation framework is proposed enabling the system operator to optimally allocate resources to each individual CI based on its economic contribution to the entire system. Simulation results show that the system operator can economically benefit from allocating the resources while dams can have a significant improvement in their resilience indices. Subsequently, the developed contract-theoretic framework is extended to account for cases of asymmetric information in which the system operator has only partial information about the CIs being in some vulnerability and criticality levels. Under such asymmetry, it is shown that the proposed approach maximizes the system operator's utility while ensuring that no CI has an incentive to ask for another contract. Next, a proof-of-concept framework is introduced to analyze and improve the resilience of transportation networks against flooding. The effect of flooding on road capacities and on the free-flow travel time, is considered for different rain intensities and roads preparedness. Meanwhile, the total system's travel time before and after flooding is evaluated using the concept of a Wardrop equilibrium. To this end, a proactive mechanism is developed to reduce the system's travel time, after flooding, by shifting capacities (available lanes) between same road sides. In a nutshell, this dissertation provides a suite of analytical techniques that allow the optimization of security and resilience across multiple CPSs. / Doctor of Philosophy / Cyber-physical systems (CPSs) have recently been used in many application domains because of their ability to integrate physical elements with a cyber layer allowing for sensing, monitoring, and remote controlling. This pervasive use of CPSs in different applications has brought forward new security challenges and threats. Malicious attacks can now leverage the connectivity of the cyber layer to launch remote attacks and cause damage to the physical components. Taking these threats into consideration, it became imperative to ensure the security of CPSs. Given that many CPSs provide critical services, for instance many critical infrastructure (CI) are CPSs such as smart girds and nuclear reactors; it is then inevitable to ensure that these critical CPSs can maintain proper operation. One key measure of the CPS’s functionality, is resilience which evaluates the ability of a CPS to deliver its designated service under potentially disruptive situations. In general, resilience measures a CPS’s ability to adapt or rapidly recover from disruptive events. Therefore, it is crucial for CPSs to be resilient in face of potential failures. To this end, the central goal of this dissertation is to develop novel analytical frameworks that can evaluate and improve security and resilience of CPSs. In these frameworks, cross-disciplinary tools are used from game theory, contract theory, and optimization to develop robust analytical solutions for security and resilience problems. In particular, these frameworks led to the following key contributions in cyber security: developing an analytical framework to mitigate the effects of GPS spoofing attacks against UAVs, introducing a game-theoretic moving target defense (MTD) framework to improve the cyber security, and securing data privacy in m-health Internet of Things (IoT) networks using a MTD cryptographic framework. In addition, the dissertation led to the following contributions in CI resilience: developing a general framework using Bayesian Networks to evaluate and improve the resilience of CIs against their components failure, introducing a contract-theoretic model to allocate resources to multiple connected CIs under complete and asymmetric information scenarios, providing a proactive plan to improve the resilience of transportation networks against flooding, and, finally, developing an environment-aware framework to deploy UAVs in disaster-areas.

Page generated in 0.0756 seconds