Logo: to the web site of Uppsala University

uu.sePublikasjoner fra Uppsala universitet
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Security Allocation in Networked Control Systems
Uppsala universitet, Teknisk-naturvetenskapliga vetenskapsområdet, Matematisk-datavetenskapliga sektionen, Institutionen för informationsteknologi, Avdelningen för systemteknik. Uppsala universitet, Teknisk-naturvetenskapliga vetenskapsområdet, Matematisk-datavetenskapliga sektionen, Institutionen för informationsteknologi, Reglerteknik.ORCID-id: 0000-0001-9316-233X
2023 (engelsk)Licentiatavhandling, med artikler (Annet vitenskapelig)
Abstract [en]

Sustained use of critical infrastructure, such as electrical power and water distribution networks, requires efficient management and control. Facilitated by the advancements in computational devices and non-proprietary communication technology, such as the Internet, the efficient operation of critical infrastructure relies on network decomposition into interconnected subsystems, thus forming networked control systems. However, the use of public and pervasive communication channels leaves these systems vulnerable to cyber attacks. Consequently, the critical infrastructure is put at risk of suffering operation disruption and even physical damage that would inflict financial costs as well as pose a hazard to human health. Therefore, security is crucial to the sustained efficient operation of critical infrastructure. This thesis develops a framework for evaluating and improving the security of networked control systems in the face of cyberattacks. The considered security problem involves two strategic agents, namely a malicious adversary and a defender, pursuing their specific and conflicting goals. The defender aims to efficiently allocate defense resources with the purpose of detecting malicious activities. Meanwhile, the malicious adversary simultaneously conducts cyber attacks and remains stealthy to the defender. We tackle the security problem by proposing a game-theoretic framework and characterizing its main components: the payoff function, the action space, and the available information for each agent. Especially, the payoff function is characterized based on the output-to-output gain security metric that fully explores the worst-case attack impact. Then, we investigate the properties of the game and how to efficiently compute its equilibrium. Given the combinatorial nature of the defender’s actions, one important challenge is to alleviate the computational burden. To overcome this challenge, the thesis contributes several system- and graph-theoretic conditions that enable the defender to shrink the action space, efficiently allocating the defense resources. The effectiveness of the proposed framework is validated through numerical examples. 

sted, utgiver, år, opplag, sider
Uppsala: Uppsala universitet, 2023. , s. 79
Serie
IT licentiate theses / Uppsala University, Department of Information Technology, ISSN 1404-5117 ; 2023-003
HSV kategori
Forskningsprogram
Elektroteknik med inriktning mot reglerteknik
Identifikatorer
URN: urn:nbn:se:uu:diva-518890OAI: oai:DiVA.org:uu-518890DiVA, id: diva2:1822818
Presentation
2023-10-13, Uppsala, 10:15 (engelsk)
Opponent
Veileder
Tilgjengelig fra: 2024-01-31 Laget: 2023-12-28 Sist oppdatert: 2024-01-31bibliografisk kontrollert
Delarbeid
1. A Single-Adversary-Single-Detector Zero-Sum Game in Networked Control Systems
Åpne denne publikasjonen i ny fane eller vindu >>A Single-Adversary-Single-Detector Zero-Sum Game in Networked Control Systems
2022 (engelsk)Inngår i: IFAC-PapersOnLine, E-ISSN 2405-8963, Vol. 55, nr 13, s. 49-54Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

This paper proposes a game-theoretic approach to address the problem of optimal sensor placement for detecting cyber-attacks in networked control systems. The problem is formulated as a zero-sum game with two players, namely a malicious adversary and a detector. Given a protected target vertex, the detector places a sensor at a single vertex to monitor the system and detect the presence of the adversary. On the other hand, the adversary selects a single vertex through which to conduct a cyber-attack that maximally disrupts the target vertex while remaining undetected by the detector. As our first contribution, for a given pair of attack and monitor vertices and a known target vertex, the game payoff function is defined as the output-to-output gain of the respective system. Then, the paper characterizes the set of feasible actions by the detector that ensures bounded values of the game payoff. Finally, an algebraic sufficient condition is proposed to examine whether a given vertex belongs to the set of feasible monitor vertices. The optimal sensor placement is then determined by computing the mixed-strategy Nash equilibrium of the zero-sum game through linear programming. The approach is illustrated via a numerical example of a 10-vertex networked control system with a given target vertex.

sted, utgiver, år, opplag, sider
Elsevier, 2022
Emneord
Cyber-physical security, networked control systems, game theory
HSV kategori
Identifikatorer
urn:nbn:se:uu:diva-485955 (URN)10.1016/j.ifacol.2022.07.234 (DOI)000852734000009 ()
Konferanse
9th IFAC Conference on Networked Systems (NECSYS), JUL 05-07, 2022, Zurich, Switzerland
Forskningsfinansiär
Swedish Research Council, 2018-04396Swedish Research Council, 2021-06316Swedish Foundation for Strategic Research
Tilgjengelig fra: 2022-09-30 Laget: 2022-09-30 Sist oppdatert: 2023-12-28bibliografisk kontrollert
2. A Zero-Sum Game Framework for Optimal Sensor Placement in Uncertain Networked Control Systems under Cyber-Attacks
Åpne denne publikasjonen i ny fane eller vindu >>A Zero-Sum Game Framework for Optimal Sensor Placement in Uncertain Networked Control Systems under Cyber-Attacks
2022 (engelsk)Inngår i: 2022 IEEE 61st Conference on Decision and Control (CDC), Institute of Electrical and Electronics Engineers (IEEE), 2022, , s. 8s. 6126-6133Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

This paper proposes a game-theoretic approach to address the problem of optimal sensor placement against an adversary in uncertain networked control systems. The problem is formulated as a zero-sum game with two players, namely a malicious adversary and a detector. Given a protected performance vertex, we consider a detector, with uncertain system knowledge, that selects another vertex on which to place a sensor and monitors its output with the aim of detecting the presence of the adversary. On the other hand, the adversary, also with uncertain system knowledge, chooses a single vertex and conducts a cyber-attack on its input. The purpose of the adversary is to drive the attack vertex as to maximally disrupt the protected performance vertex while remaining undetected by the detector. As our first contribution, the game payoff of the above-defined zero-sum game is formulated in terms of the Value-at-Risk of the adversary’s impact. However, this game payoff corresponds to an intractable optimization problem. To tackle the problem, we adopt the scenario approach to approximately compute the game payoff. Then, the optimal monitor selection is determined by analyzing the equilibrium of the zero-sum game. The proposed approach is illustrated via a numerical example of a 10-vertex networked control system.

sted, utgiver, år, opplag, sider
Institute of Electrical and Electronics Engineers (IEEE), 2022. s. 8
Serie
Proceedings of the IEEE Conference on Decision & Control, ISSN 0743-1546, E-ISSN 2576-2370
Emneord
Systems and Control (eess.SY), FOS: Electrical engineering, electronic engineering, information engineering
HSV kategori
Identifikatorer
urn:nbn:se:uu:diva-489467 (URN)10.1109/CDC51059.2022.9992468 (DOI)000948128105028 ()978-1-6654-6762-9 (ISBN)978-1-6654-6761-2 (ISBN)978-1-6654-6760-5 (ISBN)
Konferanse
2022 IEEE 61st Conference on Decision and Control (CDC), 6-9 December 2022, Cancun, Mexico
Forskningsfinansiär
Swedish Research Council, 2018-04396Swedish Research Council, 2021-06316Swedish Foundation for Strategic Research
Tilgjengelig fra: 2022-11-30 Laget: 2022-11-30 Sist oppdatert: 2023-12-28bibliografisk kontrollert
3. Optimal Detector Placement in Networked Control Systems under Cyber-attacks with Applications to Power Networks
Åpne denne publikasjonen i ny fane eller vindu >>Optimal Detector Placement in Networked Control Systems under Cyber-attacks with Applications to Power Networks
2023 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

This paper proposes a game-theoretic method to address the problem of optimal detector placement in a networked control system under cyber-attacks. The networked control system is composed of interconnected agents where each agent is regulated by its local controller over unprotected communication, which leaves the system vulnerable to malicious cyber-attacks. To guarantee a given local performance, the defender optimally selects a single agent on which to place a detector at its local controller with the purpose of detecting cyber-attacks. On the other hand, an adversary optimally chooses a single agent on which to conduct a cyber-attack on its input with the aim of maximally worsening the local performance while remaining stealthy to the defender. First, we present a necessary and sufficient condition to ensure that the maximal attack impact on the local performance is bounded, which restricts the possible actions of the defender to a subset of available agents. Then, by considering the maximal attack impact on the local performance as a game payoff, we cast the problem of finding optimal actions of the defender and the adversary as a zero-sum game. Finally, with the possible action sets of the defender and the adversary, an algorithm is devoted to determining the Nash equilibria of the zero-sum game that yield the optimal detector placement. The proposed method is illustrated on an IEEE benchmark for power systems.

sted, utgiver, år, opplag, sider
Elsevier, 2023
HSV kategori
Identifikatorer
urn:nbn:se:uu:diva-518875 (URN)10.1016/j.ifacol.2023.10.1896 (DOI)
Konferanse
22nd IFAC World Congress: Yokohama, Japan, July 9-14, 2023
Tilgjengelig fra: 2023-12-27 Laget: 2023-12-27 Sist oppdatert: 2024-01-10bibliografisk kontrollert
4. Security Allocation in Networked Control Systems under Stealthy Attacks
Åpne denne publikasjonen i ny fane eller vindu >>Security Allocation in Networked Control Systems under Stealthy Attacks
(engelsk)Manuskript (preprint) (Annet vitenskapelig)
Abstract [en]

This paper considers the problem of security allocation in a networked control system under stealthy attacks in which the system is comprised of interconnected subsystems represented by vertices. A malicious adversary selects a single vertex on which to conduct a stealthy data injection attack to maximally disrupt the local performance while remaining undetected. On the other hand, a defender selects several vertices on which to allocate defense resources against the adversary. First, the objectives of the adversary and the defender with uncertain targets are formulated in probabilistic ways, resulting in an expected worst-case impact of stealthy attacks. Next, we provide a graph-theoretic necessary and sufficient condition under which the cost for the defender and the expected worst-case impact of stealthy attacks are bounded. This condition enables the defender to restrict the admissible actions to a subset of available vertex sets. Then, we cast the problem of security allocation in a Stackelberg game-theoretic framework. Finally, the contribution of this paper is highlighted by utilizing the proposed admissible actions of the defender in the context of large-scale networks. A numerical example of a 50-vertex networked control system is presented to validate the obtained results.

HSV kategori
Identifikatorer
urn:nbn:se:uu:diva-522013 (URN)
Tilgjengelig fra: 2024-01-31 Laget: 2024-01-31 Sist oppdatert: 2024-04-15bibliografisk kontrollert

Open Access i DiVA

fulltext(6047 kB)167 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 6047 kBChecksum SHA-512
b98b2f2f83766b1b8230094f781bd5c5a8a0e2351811cf3a1f5c07837c24aa4397c6508334553048aaddcedd3e0e8965e012cf81f36164d1fdd30fff6877a2dd
Type fulltextMimetype application/pdf

Person

Nguyen, Anh Tung

Søk i DiVA

Av forfatter/redaktør
Nguyen, Anh Tung
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 167 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

urn-nbn

Altmetric

urn-nbn
Totalt: 309 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf