Logo: to the web site of Uppsala University

uu.sePublications from Uppsala University
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Risk assessment and optimal allocation of security measures under stealthy false data injection attacks
Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Electrical Engineering, Signals and Systems.ORCID iD: 0000-0002-9948-4118
Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Division of Systems and Control. Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Automatic control.ORCID iD: 0000-0001-5491-4068
Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Electrical Engineering, Signals and Systems.ORCID iD: 0000-0001-9066-5468
2022 (English)In: 2022 IEEE Conference on Control Technology and Applications (CCTA), Institute of Electrical and Electronics Engineers (IEEE), 2022, p. 1347-1353Conference paper, Published paper (Refereed)
Abstract [en]

This paper firstly addresses the problem of risk assessment under false data injection attacks on uncertain control systems. We consider an adversary with complete system knowledge, injecting stealthy false data into an uncertain control system. We then use the Value-at-Risk to characterize the risk associated with the attack impact caused by the adversary. The worst-case attack impact is characterized by the recently proposed output-to-output gain. We observe that the risk assessment problem corresponds to an infinite non-convex robust optimization problem. To this end, we use dissipative system theory and the scenario approach to approximate the risk-assessment problem into a convex problem and also provide probabilistic certificates on approximation. Secondly, we con-sider the problem of security measure allocation. We consider an operator with a constraint on the security budget. Under this constraint, we propose an algorithm to optimally allocate the security measures using the calculated risk such that the resulting Value-at-risk is minimized. Finally, we illustrate the results through a numerical example. The numerical example also illustrates that the security allocation using the Value-at-risk, and the impact on the nominal system may have different outcomes: thereby depicting the benefit of using risk metrics.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2022. p. 1347-1353
Series
Control Technology and Applications, E-ISSN 2768-0770
National Category
Control Engineering
Identifiers
URN: urn:nbn:se:uu:diva-510181DOI: 10.1109/CCTA49430.2022.9966025ISBN: 978-1-6654-7339-2 (print)ISBN: 978-1-6654-7338-5 (electronic)OAI: oai:DiVA.org:uu-510181DiVA, id: diva2:1791381
Conference
IEEE Conference on Control Technology and Applications (CCTA), 23-25 August 2022, Trieste, Italy
Available from: 2023-08-25 Created: 2023-08-25 Last updated: 2024-04-07Bibliographically approved
In thesis
1. Risk-Based Analysis and Design of Secure Control Systems
Open this publication in new window or tab >>Risk-Based Analysis and Design of Secure Control Systems
2024 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Networked Control Systems (NCSs) are integral to many critical infrastructures such as power grids, transportation, and production systems. The resilient operation of such NCS against cyber-attacks is essential for society, and risk management presents an effective framework for addressing these security challenges. The risk management framework encompasses two steps: risk assessment and risk mitigation. The risk assessment step aims to quantify the risk, whereas the risk mitigation step focuses on designing mitigation strategies. This thesis leverages the risk management framework to analyze and design NCSs that are resilient to cyber-attacks. In particular, this thesis aims to address the following research challenges. 

Firstly, we aim to assess the risk of attack scenarios that are realistic (risk assessment step). In particular, we consider adversaries and operators with different levels of knowledge about the NCS. For instance, an adversary or operator may possess complete knowledge of the system dynamics or have only partial knowledge with varying degrees of uncertainty. Hence, we describe a systematic approach to assess the risk considering the interplay between the knowledge levels of adversaries and operators.

Secondly, we aim to design the NCS to minimize the risk of attacks (risk mitigation step). We explore three different strategies to minimize the risk: (a) controller/detector design, (b) security measure allocation, and (c) system architecture design. In the first strategy, we design the controller and detector gains to minimize the risk of attacks. Here, risk is characterized by the performance loss caused by stealthy attacks on the NCS. In the second strategy, we consider a distributed NCS where certain distributed devices can be secured from attacks by deploying secure sensors and actuators. Then, we aim to strategically determine the devices to secure and mitigate the risk of attacks effectively. Finally, inspired by digital watermarking, we explore the idea of introducing watermarks in NCS to detect attacks efficiently. Throughout the thesis, we provide various numerical examples to depict the efficacy of risk assessment and risk mitigation algorithms. We also provide numerous discussions and avenues for future research directions.

Place, publisher, year, edition, pages
Uppsala: Acta Universitatis Upsaliensis, 2024. p. 83
Series
Digital Comprehensive Summaries of Uppsala Dissertations from the Faculty of Science and Technology, ISSN 1651-6214 ; 2391
Keywords
Cyber-Security, Cyber-Attacks, Cyber-Physical Systems, Risk Management, Risk Metrics, Impact Metrics, Networked Control Systems, Privacy, Controller Design, Robust Control
National Category
Control Engineering
Research subject
Electrical Engineering with specialization in Automatic Control
Identifiers
urn:nbn:se:uu:diva-525726 (URN)978-91-513-2101-1 (ISBN)
Public defence
2024-05-30, Häggsalen, Ångströmslaboratoriet, Lägerhyddsvägen 1, Uppsala, 09:00 (English)
Opponent
Supervisors
Funder
Swedish Foundation for Strategic ResearchSwedish Research Council, 2018-04396
Available from: 2024-05-02 Created: 2024-04-07 Last updated: 2024-05-02

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records

Coimbatore Anand, SribalajiTeixeira, André M. H.Ahlén, Anders

Search in DiVA

By author/editor
Coimbatore Anand, SribalajiTeixeira, André M. H.Ahlén, Anders
By organisation
Signals and SystemsDivision of Systems and ControlAutomatic control
Control Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 27 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf