1 |
Intrusion Detection and Recovery of a Cyber-Power System / Zhu, Ruoxi, 06 June 2024
The advent of Information and Communications Technology (ICT) in power systems has revolutionized the monitoring, operation, and control mechanisms through advanced control and communication functions. However, this integration significantly elevates the vulnerability of modern power systems to cyber intrusions, posing severe risks to the integrity and reliability of the power grid. This dissertation presents the results of a comprehensive study into the detection of cyber intrusions and restoration of cyber-power systems post-attack with a focus on IEC 61850 based substations and recovery methodologies in the cyber-physical system framework.
The first step of this study is to develop a novel Intrusion Detection System (IDS) specifically designed for deployment in automated substations. The proposed IDS effectively identifies falsified measurements within Manufacturing Messaging Specification (MMS) messages by verifying the consistency of electric circuit laws. This distributed approach helps avoid the transfer of contaminated measurements from substations to the control center, ensuring the integrity of SCADA systems. Utilizing a cyber-physical system testbed and the IEEE 39-bus test system, the IDS demonstrates high detection accuracy and validates its efficacy in real-time operational environments.
Building upon the intrusion detection methodology, this dissertation advances into cyber system recovery strategies, which are designed to meet the challenges of restoring a power grid as a cyber-physical system following catastrophic cyberattacks. A novel restoration strategy is proposed, emphasizing the self-recovery of a substation automation system (SAS) within the substation through dynamic network reconfiguration and collaborative efforts among Intelligent Electronic Devices (IEDs). This strategy, validated through a cyber-power system testbed incorporating SDN technology and IEC 61850 protocol, highlights the critical role of cyber recovery in maintaining grid resilience.
Further, this research extends its methodology to include a cyber-physical system restoration strategy that integrates an optimization-based multi-system restoration approach with cyber-power system simulation for constraint checking. This innovative strategy, developed and validated using a Software Defined Networking (SDN) network for the IEEE 39-bus system, demonstrates the capability to efficiently restore the cyber-power system and maximize restoration capability following a large-scale cyberattack.
Overall, this dissertation makes original contributions to the field of power system security by developing and validating effective mechanisms for the detection of and recovery from cyber intrusions in the cyber-power system. Here are the main contributions of this dissertation:
1) This work develops a distributed IDS, specifically designed for the substation automation environment, capable of pinpointing the targets of cyberattacks, including sophisticated attacks involving multiple substations. The effectiveness of this IDS in a real-time operational context is validated to demonstrate its efficiency and potential for widespread deployment.
2) A novel recovery strategy is proposed to restore the critical functions of substations following cyberattacks. This strategy emphasizes local recovery procedures that leverage the collaboration of devices within the substation network, circumventing the need for external control during the initial recovery phase. The implementation and validation of this method through a cyber-physical system testbed—specifically, within an IEC 61850 based Substation Automation System (SAS)—underscores its practicality and effectiveness in real-world scenarios.
3) The dissertation results in a new co-restoration strategy that integrates mixed integer linear programming to sequentially optimize the restoration of generators, power components, and communication nodes. This approach ensures optimal restoration decisions within a limited time horizon, enhancing the recovery capabilities of the cyber-power system. The application of an SDN based network simulator facilitates accurate modeling of cyber-power system interactions, including communication constraints and dynamic restoration scenarios. The strategy's adaptability is further improved by real-time assessment of the feasibility of the restoration sequence incorporating power flow and communication network constraints to ensure an effective recovery process. / Doctor of Philosophy / Electricity is a critical service that supports the society and economy. Today, electric power systems are becoming smarter, using advanced Information and Communications Technology to manage and distribute electricity more efficiently. This new technology creates a smart grid, a network that not only delivers power but also uses computers and other tools to remotely monitor electricity flows and address any issues that may arise. However, these smart systems with high connectivity utilizing information and communication systems can be vulnerable to cyberattacks, which could disrupt the electricity supply.
To protect against these threats, this study is focused on creating systems that can detect when an abnormal condition is taking place in the cyber-power grid. These detection systems are designed to detect and identify signs of cyberattacks at key points in the power network, particularly at substations, which play a vital role in the delivery of electricity. Substations control the power grid operating conditions to make sure that electricity service is reliable and efficient for the consumers. Just like traffic lights help manage the flow of vehicles, substations manage the flow of electricity to make sure electric energy is delivered to where it is needed.
Once a cyberattack is detected, the next step is to stop the attack and mitigate the impact it may have made to ensure that the power grid returns to normal operations as quickly as possible. This dissertation is concerned with the development and validation of analytical and computational methods to quickly identify the cyberattacks and prevent the disruptions to the electricity service.
The focus of this work is also on a coordinated recovery of both the cyber system (digital controls and monitoring) and power system (physical infrastructure including transformers and transmission and distribution lines). This co-restoration approach is key to sustaining the critical electricity service and ensures that the grid is resilient against cyber threats. By developing strategies that address both the cyber and physical aspects, the proposed methodology aims to minimize downtime and reduce the impact of large-scale cyberattacks on the electrical infrastructure. The impact of the results of this dissertation is the enhancement of security and resilience of the electric energy supply in an era where the risks of cyber threats are increasingly significant.
Overall, by developing new methodologies to detect and respond to cyberattacks, the cyber-power system's capability to withstand and recover from cyberattacks is enhanced in the increasingly technology-dependent power grid environment.
|
2 |
Automatically Identifying Configuration Files / Huang, Zhen, 19 January 2010
Systems can become misconfigured for a variety of reasons such as operator errors or buggy patches. When a misconfiguration is discovered, usually the first order of business is to restore availability, often by undoing the misconfiguration. To simplify this task, we propose Ocasta to automatically determine which files contain configuration state.
Ocasta uses a novel similarity metric to measure how similar a file's versions are to each other, and a set of filters to eliminate non-persistent files from consideration. These two mechanisms enable Ocasta to identify all 72 configuration files out of 2363 versioned files from 6 common applications in two user traces, while mistaking only 33 non-configuration files as configuration files. Ocasta allows a versioning file system to eliminate roughly 66% of non-configuration file versions from its logs, thus reducing the number of file versions that a user must manually examine to recover from a misconfiguration.
|
4 |
Cell therapy for spinal cord injury, studies of motor and sensory systems / Hofstetter, Christoph, January 2005
Diss. (summary) Stockholm : Karolinska institutet, 2005. / Accompanied by 6 papers.
|
5 |
Fault-tolerant control of an octorotor unmanned aerial vehicle under actuators failures / Commande tolérante aux fautes lors de pannes de moteurs d’un drone / Saied, Majd, 08 July 2016
Dependability has become indispensable for all critical systems in which human lives are at stake (such as aeronautics, rail, etc.). This has led to the design and development of fault-tolerant architectures, whose objective is to maintain correct service delivered by the system despite the presence of faults, and in particular to guarantee the safety and reliability of the system. Fault tolerance on multirotor aerial drones has recently received considerable attention from the scientific community. In particular, several works have addressed fault tolerance of quadrotors following partial actuator faults, and recent research has tackled the problem of total failure of one of the actuators. These studies showed that a total actuator failure in a quadrotor renders the system not fully controllable. One proposed solution is to consider multirotors with redundant actuators (hexarotors or octorotors). The inherent redundancy available in these vehicles is exploited, in the event of actuator failure, to redistribute the control effort over the healthy motors so as to guarantee the stability and complete controllability of the system. In this thesis, approaches for designing fault-tolerant control systems for multirotor drones are studied and applied to the control of octorotors. However, the algorithms are designed to be applicable to other types of multirotors with minor modifications. First, a controllability analysis of the octorotor after the occurrence of actuator failures is presented. Next, a motor failure detection and isolation module based on a nonlinear observer and the measurements of the inertial measurement unit is proposed.
The motor speed and current measurements provided by the speed controllers are also used in another detection algorithm to detect actuator failures and distinguish motor failures from propeller losses. A recovery module based on reconfiguration of the multiplexing is proposed to redistribute the control effort optimally over the healthy actuators after failures occur in the system. A complete architecture, comprising fault detection and isolation followed by system recovery, is validated experimentally on a coaxial octorotor and then compared with other architectures based on control allocation and passive fault tolerance using sliding mode. / With growing demands for safety and reliability, and an increasing awareness about the risks associated with system malfunction, dependability has become an essential concern in modern technological systems, particularly safety-critical systems such as aircraft or railway systems. This has led to the design and development of fault tolerant control systems (FTC). The main objective of an FTC architecture is to maintain the desirable performance of the system in the event of faults and to prevent local faults from causing failures. The last years witnessed many developments in the area of fault detection and diagnosis and fault tolerant control for Unmanned Aerial rotary-wing Vehicles. In particular, there has been extensive work on stability improvements for quadrotors in case of partial failures, and recently, some works addressed the problem of a quadrotor complete propeller failure. However, these studies demonstrated that a complete loss of a quadrotor motor results in a vehicle that is not fully controllable. An alternative is then to consider multirotors with redundant actuators (octorotors or hexarotors).
Inherent redundancy available in these vehicles can be exploited, in the event of an actuator failure, to redistribute the control effort among the remaining working actuators such that stability and complete controllability are retained. In this thesis, fault-tolerant control approaches for rotary-wing UAVs are investigated. The work focuses on developing algorithms for a coaxial octorotor UAV. However, these algorithms are designed to be applicable to any redundant multirotor under minor modifications. A nonlinear model-based fault detection and isolation system for motor failures is constructed based on a nonlinear observer and on the outputs of the inertial measurement unit. Motor speeds and currents given by the electronic speed controllers are also used in another fault detection and isolation module to detect actuator failures and distinguish between motor failures and propeller damage. An offline rule-based reconfigurable control mixing is designed in order to redistribute the control effort on the healthy actuators in case of one or more motor failures. A complete architecture including fault detection and isolation followed by system recovery is tested experimentally on a coaxial octorotor and compared to other architectures based on pseudo-inverse control allocation and a robust controller using second order sliding mode.
|
6 |
Design and Development of Intelligent Security Management Systems: Threat Detection and Response in Cyber-based Infrastructures / Yahya Javed (11792741), 19 December 2021
Cyber-based infrastructures and systems serve as the operational backbone of many industries and resilience of such systems against cyber-attacks is of paramount importance. As the complexity and scale of the Cyber-based Systems (CBSs) has increased manyfold over the years, the attack surface has also been widened, making CBSs more vulnerable to cyber-attacks. This dissertation addresses the challenges in post-intrusion security management operations of threat detection and threat response in the networks connecting CBSs. In threat detection, the increase in scale of cyber networks and the rise in sophistication of cyber-attacks has introduced several challenges. The primary challenge is the requirement to detect complex multi-stage cyber-attacks in real time by processing the immense amount of traffic produced by present-day networks. In threat response, the issue of delay in responding to cyber-attacks and the functional interdependencies among different systems of CBS has been observed to have catastrophic effects, as a cyber-attack that compromises one constituent system of a CBS can quickly disseminate to others. This can result in a cascade effect that can impair the operability of the entire CBS. To address the challenges in threat detection, this dissertation proposes PRISM, a hierarchical threat detection architecture that uses a novel attacker behavior model-based sampling technique to minimize the real-time traffic processing overhead. PRISM has a unique multi-layered architecture that monitors network traffic distributedly to provide efficiency in processing and modularity in design. PRISM employs a Hidden Markov Model-based prediction mechanism to identify multi-stage attacks and ascertain the attack progression for a proactive response. Furthermore, PRISM introduces a stream management procedure that rectifies the issue of alert reordering when collected from distributed alert reporting systems.
To address the challenges in threat response, this dissertation presents TRAP, a novel threat response and recovery architecture that localizes the cyber-attack in a timely manner, and simultaneously recovers the affected system functionality. The dissertation presents comprehensive performance evaluation of PRISM and TRAP through extensive experimentation, and shows their effectiveness in identifying threats and responding to them while achieving all of their design objectives.
|
7 |
Modeling an environment for DNA analysis in forensic genetics (Modelagem de um ambiente para análise de DNA em genética forense) / Sarmento, Felipe José de Queiroz, 12 May 2006
The advances in molecular biology have increased the production of an enormous amount of genetic information in a small period of time. This capacity of data production motivated the researchers to increase the rhythm of their research. This necessity demands the use of efficient software in order to manage these data. Besides this, it also demands the development of good software in order to assist the researchers in the task of analyzing the data and giving them a biological meaning in a brief space of time. This work proposes a software model that will support the study of Forensic DNA, whose main repository is the autosomal DNA. This software intends to support the researchers in the identification of condemned persons or persons that are suspected of a crime. It also intends to assist the researchers in the study of paternity and the search for disappeared persons. The results of this work will be applied in the Forensic DNA Laboratory of UFAL. The software modeled here has four modules: study of paternity, criminal, disappeared people, and the bank of population frequencies. The modules were modeled independently from each other, considering the specifications related to the analysis of genetic links. The software was developed using the JAVA programming language together with a PostgreSQL database. Both are free software and have an excellent cost-benefit relationship. / Fundação de Amparo a Pesquisa do Estado de Alagoas / Advances in molecular biology have been enabling the generation of an enormous amount of genetic information in ever shorter time. This data-generation capacity allows researchers to accelerate the pace of their research, requiring the use of efficient tools to manage these data. Another need relates to the development of computational tools capable of assisting researchers in the task of analyzing these data and giving them biological meaning in a short space of time. This work proposes the modeling of an environment to support the analysis and study of Forensic DNA, whose main repository is autosomal DNA. This environment aims to support the identification of persons convicted or suspected of having committed some type of crime against society, as well as to assist in paternity studies and in the search for missing persons. This environment will serve the Forensic DNA Laboratory of UFAL, which has been carrying out these activities. The model of the environment proposed here has four modules: paternity study, criminal, missing persons, and the population frequency database. The modules were modeled so that they function independently, meeting the specifications inherent to the analysis of genetic links. The system was developed in the JAVA programming language with a PostgreSQL database. Both tools are open software and have an excellent cost/benefit ratio.
|