uu.seUppsala University Publications
Change search
Refine search result
1 - 38 of 38
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1. Chockalingam, Sabarathinam
    et al.
    Hadziosmanovic, Dina
    Pieters, Wolter
    Teixeira, Andre
    van Gelder, Pieter
    Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications2017In: Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), Springer, Cham , 2017, p. 50-62Chapter in book (Other academic)
    Abstract [en]

    Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security, and these could help to address the corresponding threats by implementing suitable risk treatment plans. However, an overarching overview of these methods, systematizing the characteristics of such methods, is missing. In this paper, we conduct a systematic literature review, and identify 7 integrated safety and security risk assessment methods. We analyze these methods based on 5 different criteria, and identify key characteristics and applications. A key outcome is the distinction between sequential and non-sequential integration of safety and security, related to the order in which safety and security risks are assessed. This study provides a basis for developing more effective integrated safety and security risk assessment methods in the future.

  • 2. Chockalingam, Sabarathinam
    et al.
    Pieters, Wolter
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Khakzad, Nima
    Van Gelder, Pieter
    Combining Bayesian Networks and Fishbone Diagrams to Distinguish between Intentional Attacks and Accidental Technical Failures2018In: Proc. Graph. Model. Secur., 2018Conference paper (Refereed)
    Abstract [en]

    Because of modern societies’ dependence on industrial control systems, adequate response to system failures is essential. In order to take appropriate measures, it is crucial for operators to be able to distinguish between intentional attacks and accidental technical failures. However, adequate decision support for this matter is lacking. In this paper, we use Bayesian Networks (BNs) to distinguish between intentional attacks and accidental technical failures, based on contributory factors and observations (or test results). To facilitate knowledge elicitation, we use extended shbone diagrams for discussions with experts, and then translate those into the BN formalism. We demonstrate the methodology using an example in a case study from the water management domain. M4 - Citavi

  • 3. Chockalingam, Sabarathinam
    et al.
    Pieters, Wolter
    Teixeira, André
    van Gelder, Pieter
    Bayesian Network Models in Cyber Security: A Systematic Review2017In: Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), Springer, Cham , 2017, p. 105-122Chapter in book (Other academic)
    Abstract [en]

    © 2017, Springer International Publishing AG. Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also exemplified by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 8 different criteria and identify important patterns in the use of these models. A key outcome is that standard BNs are noticeably used for problems especially associated with malicious insiders. This study points out the core range of problems that were tackled using standard BN models in cyber security, and illuminates key research gaps.

  • 4.
    Chong, Michelle S.
    et al.
    KTH Royal Inst Technol, Div Decis & Control Syst, Stockholm, Sweden.
    Sandberg, Henrik
    KTH Royal Inst Technol, Div Decis & Control Syst, Stockholm, Sweden.
    Teixeira, André M.H.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    A Tutorial Introduction to Security and Privacy for Cyber-Physical Systems2019In: 2019 18Th European Control Conference (ECC), IEEE, 2019, p. 968-978Conference paper (Refereed)
    Abstract [en]

    This tutorial provides a high-level introduction to novel control-theoretic approaches for the security and privacy of cyber-physical systems (CPS). It takes a risk-based approach to the problem and develops a model framework that allows us to introduce and relate many of the recent contributions to the area. In particular, we explore the concept of risk in the context of CPS under cyber-attacks, paying special attention to the characterization of attack scenarios and to the interpretation of impact and likelihood for CPS. The risk management framework is then used to give an overview of and map different contributions in the area to three core parts of the framework: attack scenario description, quantification of impact and likelihood, and mitigation strategies. The overview is by no means complete, but it illustrates the breadth of the problems considered and the control-theoretic solutions proposed so far.

  • 5. Farokhi, Farhad
    et al.
    Teixeira, Andre M. H.
    Langbort, Cedric
    Estimation With Strategic Sensors2017In: IEEE Transactions on Automatic Control, ISSN 0018-9286, E-ISSN 1558-2523, Vol. 62, no 2, p. 724-739Article in journal (Refereed)
    Abstract [en]

    © 1963-2012 IEEE. We introduce a model of estimation in the presence of strategic, self-interested sensors. We employ a game-Theoretic setup to model the interaction between the sensors and the receiver. The cost function of the receiver is equal to the estimation error variance while the cost function of the sensor contains an extra term which is determined by its private information. We start by the single sensor case in which the receiver has access to a noisy but honest side information in addition to the message transmitted by a strategic sensor. We study both static and dynamic estimation problems. For both these problems, we characterize a family of equilibria in which the sensor and the receiver employ simple strategies. Interestingly, for the dynamic estimation problem, we find an equilibrium for which the strategic sensor uses a memory-less policy. We generalize the static estimation setup to multiple sensors with synchronous communication structure (i.e., all the sensors transmit their messages simultaneously). We prove the maybe surprising fact that, for the constructed equilibrium in affine strategies, the estimation quality degrades as the number of sensors increases. However, if the sensors are herding (i.e., copying each other policies), the quality of the receiver’s estimation improves as the number of sensors increases. Finally, we consider the asynchronous communication structure (i.e., the sensors transmit their messages sequentially).

  • 6. Ferrari, Riccardo M.G.
    et al.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Detection and isolation of routing attacks through sensor watermarking2017In: 2017 Am. Control Conf., IEEE , 2017, p. 5436-5442Conference paper (Refereed)
    Abstract [en]

    In networked control systems, leveraging the peculiarities of the cyber-physical domains and their interactions may lead to novel detection and defense mechanisms against malicious cyber-attacks. In this paper, we propose a multiplicative sensor watermarking scheme, where each sensor's output is separately watermarked by a Single Input Single Output (SISO) filter. Hence, such scheme does not require communication between multiple sensors, but can still lead to detection and isolation of malicious cyber-attacks. In particular, we analyze the benefits of the proposed watermarking scheme for two attack scenarios: the physical sensor re-routing attack and the cyber measurement re-routing one. For each attack scenario, detectability and isolability properties are analyzed with and without the proposed watermarking scheme and we show how the watermarking scheme can be leveraged to detect cyber sensor routing attacks. In order to detect compromised sensors, we design an observer-based detector with a robust adaptive threshold. Additionally, we identify the sensors involved in the re-routing attacks by means of a tailored Recursive Least Squares parameter estimation algorithm. The results are illustrated through a numerical example.

  • 7. Ferrari, Riccardo M.G.
    et al.
    Teixeira, André M.H.
    Detection and Isolation of Replay Attacks through Sensor Watermarking2017In: IFAC-PapersOnLine, ISSN 2405-8963, Vol. 50, no 1, p. 7363-7368Article in journal (Refereed)
    Abstract [en]

    This paper addresses the detection and isolation of replay attacks on sensor measurements. As opposed to previously proposed additive watermarking, we propose a multiplicative watermarking scheme, where each sensor’s output is separately watermarked by being fed to a SISO watermark generator. Additionally, a set of equalizing filters is placed at the controller’s side, which reconstructs the original output signals from the received watermarked data. We show that the proposed scheme has several advantages over existing approaches: it has no detrimental effects on the closed-loop performance in the absence of attacks; it can be designed in a modular fashion, independently of the design of the controller and anomaly detector; it facilitates the detection of replay attacks and the isolation of the time at which the replayed data was recorded. These properties are discussed in detail and the results are illustrated through a numerical example.

  • 8. Fichtner, Laura
    et al.
    Pieters, Wolter
    Teixeira, André
    Cybersecurity as a Politikum2016In: Proc. 2016 New Secur. Paradig. Work. - NSPW, 2016, Vol. 26-29-Sept, p. 36-48Conference paper (Refereed)
    Abstract [en]

    © 2016 ACM. In the cybersecurity community it is common to think of security as a design feature for systems and infrastructures that may be difficult to balance with other requirements. What is less studied is how security requirements come about, for which reasons, and what their influence is on the actions the system facilitates. Security is for example often used as an argument for or against granting access rights that are of importance to stakeholders, such as in the discussion on counterterrorism and privacy. This paper argues that the ongoing politicization of security issues calls for a paradigm to study cybersecurity as a Politikum: a matter of political concern, embedded in existing and future infrastructures. We summarize literature which inspired this paper and explain the role of security arguments for infrastructure governance. Then we outline the new paradigm and its core concepts and contribution, including the notion of framing. Finally, we present discourse analysis and infrastructure ethnography as research methods and discuss cases in which discourses (may) shape infrastructures, in particular smart cities.

  • 9. Fjällström, Eva
    et al.
    Atta, Khalid
    Knorn, Steffi
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Sandin, Fredrik
    Sas, Gabriel
    Staffas, Kjell
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Varagnolo, Damiano
    Creating a quantitative basis for course and program development in higher education - a report from field tests2019Conference paper (Refereed)
  • 10. Ghadimi, E.
    et al.
    Teixeira, A.
    Rabbat, M. G.
    Johansson, M.
    The ADMM algorithm for distributed averaging: Convergence rates and optimal parameter selection2015In: Asilomar Conf. Signals, Syst. Comput., 2015, Vol. 2015-AprilConference paper (Refereed)
    Abstract [en]

    © 2014 IEEE. We derive the optimal step-size and over-relaxation parameter that minimizes the convergence time of two ADMM-based algorithms for distributed averaging. Our study shows that the convergence times for given step-size and over-relaxation parameters depend on the spectral properties of the normalized Laplacian of the underlying communication graph. Motivated by this, we optimize the edge-weights of the communication graph to improve the convergence speed even further. The performance of the ADMM algorithms with our parameter selection are compared with alternatives from the literature in extensive numerical simulations on random graphs.

  • 11. Ghadimi, Euhanna
    et al.
    Teixeira, André
    Shames, Iman
    Johansson, Mikael
    Optimal parameter selection for the Alternating Direction Method of Multipliers (ADMM): Quadratic problems2015In: IEEE Transactions on Automatic Control, ISSN 0018-9286, E-ISSN 1558-2523, Vol. 60, no 3, p. 644-658Article in journal (Refereed)
    Abstract [en]

    The alternating direction method of multipliers (ADMM) has emerged as a powerful technique for large-scale structured optimization. Despite many recent results on the convergence properties of ADMM, a quantitative characterization of the impact of the algorithm parameters on the convergence times of the method is still lacking. In this paper we find the optimal algorithm parameters that minimize the convergence factor of the ADMM iterates in the context of l2-regularized minimization and constrained quadratic programming. Numerical examples show that our parameter selection rules significantly outperform existing alternatives in the literature.

  • 12.
    Knorn, Steffi
    et al.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Effects of jamming attacks on a control system with energy harvesting2019In: IEEE Control Systems Letters, Vol. 3, no 4, p. 829-834Article in journal (Refereed)
    Abstract [en]

    We consider the problem of control and remote state estimation with battery constraints and energy harvesting at the sensor (transmitter) under DoS/jamming attacks. We derive the optimal non-causal energy allocation policy that depends on current properties of the channel and on future energy usage. The performance of this policy is analyzed under jamming attacks on the wireless channel, in which the assumed and the true channel gains differ, and we show that the resulting control cost is not monotonic with respect to the assumed channel gain used in the transmission policy. Additionally, we show that, in case there exists a stabilizing policy, then the optimal causal policy ensures stability of the estimation process. The results were illustrated for non-causal and causal energy allocation policies under different jamming attacks.

  • 13.
    Knorn, Steffi
    et al.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Effects on Jamming attacks on a control system with energy harvesting2019Conference paper (Refereed)
  • 14. Ma, Mingxiao
    et al.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    van den Berg, Jan
    Palensky, Peter
    Voltage Control in Distributed Generation under Measurement Falsification Attacks2017In: IFAC-PapersOnLine, ISSN 2405-8963, Vol. 50, no 1, p. 8379-8384Article in journal (Refereed)
    Abstract [en]

    Low-voltage distribution grids experience a rising penetration of inverter-based, distributed generation. In order to not only contribute to but also solve voltage problems, these inverters are increasingly asked to participate in intelligent grid controls. Communicating inverters implement distributed voltage droop controls. The impact of cyber-attacks to the stability of such distributed grid controls is poorly researched and therefore addressed in this article. We characterize the potential impact of several attack scenarios by employing the positivity and diagonal dominance properties. In particular, we discuss measurement falsification scenarios where the attacker corrupts voltage measurement data received by the voltage droop controllers. Analytical, control-theoretic methods for assessing the impact on system stability and voltage magnitude are presented and validated via simulation.

  • 15. Miloševiç, Jezdimir
    et al.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Tanaka, Takashi
    Johansson, Karl H.
    Sandberg, Henrik
    Security Measure Allocation for Industrial Control Systems: Exploiting Systematic Search Techniques and Submodularity2018In: International Journal of Robust and Nonlinear Control, ISSN 1049-8923, E-ISSN 1099-1239Article in journal (Refereed)
    Abstract [en]

    To protect industrial control systems from cyberattacks, multiple layers of security measures need to be allocated to prevent critical security vulnerabilities. However, both finding the critical vulnerabilities and then allocating security measures in a cost‐efficient way become challenging when the number of vulnerabilities and measures is large. This paper proposes a framework that can be used once this is the case. In our framework, the attacker exploits security vulnerabilities to gain control over some of the sensors and actuators. The critical vulnerabilities are those that are not complex to exploit and can lead to a large impact on the physical world through the compromised sensors and actuators. To find these vulnerabilities efficiently, we propose an algorithm that uses the nondecreasing properties of the impact and complexity functions and properties of the security measure allocation problem to speed up the search. Once the critical vulnerabilities are located, the security measure allocation problem reduces to an integer linear program. Since integer linear programs are NP‐hard in general, we reformulate this problem as a problem of minimizing a linear set function subject to a submodular constraint. A polynomial time greedy algorithm can then be applied to obtain a solution with guaranteed approximation bound. The applicability of our framework is demonstrated on a control system used for regulation of temperature within a building.

  • 16. Pan, Kaikai
    et al.
    Teixeira, Andre
    Cvetkovic, Milos
    Palensky, Peter
    Data attacks on power system state estimation: Limited adversarial knowledge vs. limited attack resources2017In: IECON 2017 - 43rd Annu. Conf. IEEE Ind. Electron. Soc., IEEE , 2017, p. 4313-4318Conference paper (Refereed)
    Abstract [en]

    © 2017 IEEE. It has shown that with perfect knowledge of the system model and the capability to manipulate a certain number of measurements, the false data injection (FDI) attacks, as a class of data integrity attacks, can coordinate measurements corruption to keep stealth against the bad data detection schemes. However, a more realistic attack is essentially an attack with limited adversarial knowledge of the system model and limited attack resources due to various reasons. In this paper, we generalize the data attacks that they can be pure FDI attacks or combined with availability attacks (e.g., DoS attacks) and analyze the attacks with limited adversarial knowledge or limited attack resources. The attack impact is evaluated by the proposed metrics and the detection probability of attacks is calculated using the distribution property of data with or without attacks. The analysis is supported with results from a power system use case. The results show how important the knowledge is to the attacker and which measurements are more vulnerable to attacks with limited resources.

  • 17. Pan, Kaikai
    et al.
    Teixeira, Andre M.H.
    Cvetkovic, Milos
    Palensky, Peter
    Combined data integrity and availability attacks on state estimation in cyber-physical power grids2016In: 2016 IEEE Int. Conf. Smart Grid Commun., IEEE , 2016, p. 271-277Conference paper (Refereed)
    Abstract [en]

    © 2016 IEEE. This paper introduces combined data integrity and availability attacks to expand the attack scenarios against power system state estimation. The goal of the adversary, who uses the combined attack, is to perturb the state estimates while remaining hidden from the observer. We propose security metrics that quantify vulnerability of power grids to combined data attacks under single and multi-path routing communication models. In order to evaluate the proposed security metrics, we formulate them as mixed integer linear programming (MILP) problems. The relation between the security metrics of combined data attacks and pure data integrity attacks is analyzed, based on which we show that, when data availability and data integrity attacks have the same cost, the two metrics coincide. When data availability attacks have a lower cost than data integrity attacks, we show that a combined data attack could be executed with less attack resources compared to pure data integrity attacks. Furthermore, it is shown that combined data attacks would bypass integrity-focused mitigation schemes. These conclusions are supported by the results obtained on a power system model with and without a communication model with single or multi-path routing.

  • 18. Pan, Kaikai
    et al.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Cvetkovic, Milos
    Palensky, Peter
    Cyber Risk Analysis of Combined Data Attacks Against Power System State Estimation2019In: IEEE Transactions on Smart Grid, ISSN 1949-3053, E-ISSN 1949-3061, Vol. 10, no 3, p. 3044-3056Article in journal (Refereed)
    Abstract [en]

    Understanding smart grid cyber attacks is key for developing appropriate protection and recovery measures. Advanced attacks pursue maximized impact at minimized costs and detectability. This paper conducts risk analysis of combined data integrity and availability attacks against the power system state estimation. We compare the combined attacks with pure integrity attacks-false data injection (FDI) attacks. A security index for vulnerability assessment to these two kinds of attacks is proposed and formulated as a mixed integer linear programming problem. We show that such combined attacks can succeed with fewer resources than FDI attacks. The combined attacks with limited knowledge of the system model also expose advantages in keeping stealth against the bad data detection. Finally, the risk of combined attacks to reliable system operation is evaluated using the results from vulnerability assessment and attack impact analysis. The findings in this paper are validated and supported by a detailed case study.

  • 19. Pan, Kaikai
    et al.
    Teixeira, André
    López, Claudio
    Palensky, Peter
    Co-simulation for Cyber Security Analysis: Data Attacks against Energy Management System2017In: 2017 IEEE Int. Conf. Smart Grid Commun., 2017, p. 253-258Conference paper (Refereed)
    Abstract [en]

    It is challenging to assess the vulnerability of a cyber-physical power system to data attacks from an integral perspective. In order to support vulnerability assessment except analytic analysis, suitable platform for security tests needs to be developed. In this paper we analyze the cyber security of energy management system (EMS) against data attacks. First we extend our analytic framework that characterizes data attacks as optimization problems with the objectives specified as security metrics and constraints corresponding to the communication network properties. Second, we build a platform in the form of co-simulation - coupling the power system simulator DIgSILENT PowerFactory with communication network simulator OMNeT++, and Matlab for EMS applications (state estimation, optimal power flow). Then the framework is used to conduct attack simulations on the co-simulation based platform for a power grid test case. The results indicate how vulnerable of EMS to data attacks and how co-simulation can help assess vulnerability.

  • 20. Paridari, K.
    et al.
    Mady, A. E. -D
    La Porta, S.
    Chabukswar, R.
    Blanco, J.
    Teixeira, A.
    Sandberg, H.
    Boubekeur, M.
    Cyber-Physical-Security Framework for Building Energy Management System2016In: 2016 ACM/IEEE 7th Int. Conf. Cyber-Physical Syst. ICCPS 2016, 2016Conference paper (Refereed)
    Abstract [en]

    © 2016 IEEE. Energy management systems (EMS) are used to control energy usage in buildings and campuses, by employing technologies such as supervisory control and data acquisition (SCADA) and building management systems (BMS), in order to provide reliable energy supply and maximise user comfort while minimising energy usage. Historically, EMS systems were installed when potential security threats were only physical. Nowadays, EMS systems are connected to the building network and as a result directly to the outside world. This extends the attack surface to potential sophisticated cyber-attacks, which adversely impact EMS operation, resulting in service interruption and downstream financial implications. Currently, the security systems that detect attacks operate independently to those which deploy resiliency policies and use very basic methods. We propose a novel EMS cyber-physical-security framework that executes a resilient policy whenever an attack is detected using security analytics. In this framework, both the resilient policy and the security analytics are driven by EMS data, where the physical correlations between the data-points are identified to detect outliers and then the control loop is closed using an estimated value in place of the outlier. The framework has been tested using a reduced order model of a real EMS site.

  • 21. Rostampour, Vahab
    et al.
    Ferrari, Riccardo
    Teixeira, André M.H.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Keviczky, Tamás
    Differentially-Private Distributed Fault Diagnosis for Large-Scale Nonlinear Uncertain Systems2018In: IFAC-PapersOnLine, ISSN 2405-8963, Vol. 51, no 24, p. 975-982Article in journal (Refereed)
    Abstract [en]

    Distributed fault diagnosis has been proposed as an effective technique for monitoring large scale, nonlinear and uncertain systems. It is based on the decomposition of the large scale system into a number of interconnected subsystems, each one monitored by a dedicated Local Fault Detector (LFD). Neighboring LFDs, in order to successfully account for subsystems interconnection, are thus required to communicate with each other some of the measurements from their subsystems. Anyway, such communication may expose private information of a given subsystem, such as its local input. To avoid this problem, we propose here to use differential privacy to pre-process data before transmission.

  • 22. Sandberg, Henrik
    et al.
    Teixeira, Andre M.H.
    From control system security indices to attack identifiability2016In: 2016 Sci. Secur. Cyber-Physical Syst. Work., IEEE , 2016, p. 1-6Conference paper (Refereed)
    Abstract [en]

    © 2016 IEEE. In this paper, we investigate detectability and identifiability of attacks on linear dynamical systems that are subjected to external disturbances. We generalize a concept for a security index, which was previously introduced for static systems. The index exactly quantifies the resources necessary for targeted attacks to be undetectable and unidentifiable in the presence of disturbances. This information is useful for both risk assessment and for the design of anomaly detectors. Finally, we show how techniques from the fault detection literature can be used to decouple disturbances and to identify attacks, under certain sparsity constraints.

  • 23. Teixeira, A
    et al.
    Dán, G
    Sandberg, H
    Berthier, R
    Bobba, R B
    Valdes, A
    Security of smart distribution grids: Data integrity attacks on integrated volt/VAR control and countermeasures2014In: Am. Control Conf., 2014, p. 4372-4378Conference paper (Refereed)
  • 24. Teixeira, A
    et al.
    Sou, K
    Sandberg, H
    Johansson, K
    Secure Control Systems: A Quantitative Risk Management Approach2015In: IEEE Control Syst. Mag., Vol. 35, no 1, p. 24-45Article in journal (Refereed)
  • 25. Teixeira, Andre
    et al.
    Ghadimi, Euhanna
    Shames, Iman
    Sandberg, Henrik
    Johansson, Mikael
    The ADMM Algorithm for Distributed Quadratic Problems: Parameter Selection and Constraint Preconditioning2016In: IEEE Transactions on Signal Processing, ISSN 1053-587X, E-ISSN 1941-0476, Vol. 64, no 2, p. 290-305Article in journal (Refereed)
    Abstract [en]

    © 2015 IEEE. This paper presents optimal parameter selection and preconditioning of the alternating direction method of multipliers (ADMM) algorithm for a class of distributed quadratic problems, which can be formulated as equality-constrained quadratic programming problems. The parameter selection focuses on the ADMM step-size and relaxation parameter, while the preconditioning corresponds to selecting the edge weights of the underlying communication graph. We optimize these parameters to yield the smallest convergence factor of the iterates. Explicit expressions are derived for the step-size and relaxation parameter, as well as for the corresponding convergence factor. Numerical simulations justify our results and highlight the benefits of optimal parameter selection and preconditioning for the ADMM algorithm.

  • 26. Teixeira, Andre M. H.
    et al.
    Araujo, Jose
    Sandberg, Henrik
    Johansson, K.H. Karl H.
    Distributed sensor and actuator reconfiguration for fault-tolerant networked control systems2017In: IEEE Transactions on Control of Networked Systems, p. 1-1Article in journal (Refereed)
    Abstract [en]

    IEEE In this paper, we address the problem of distributed reconfiguration of networked control systems upon the removal of misbehaving sensors and actuators. In particular, we consider systems with redundant sensors and actuators cooperating to recover from faults. Reconfiguration is performed while minimizing a steady-state estimation error covariance and a quadratic control cost. A model-matching condition is imposed on the reconfiguration scheme. It is shown that the reconfiguration and its underlying computation can be distributed. Using an average dwell-time approach, the stability of the distributed reconfiguration scheme under finite-time termination is analyzed. The approach is illustrated in a numerical example.

  • 27. Teixeira, Andre
    et al.
    Paridari, Kaveh
    Sandberg, Henrik
    Johansson, K.H. Karl H.
    Voltage control for interconnected microgrids under adversarial actions2015In: 2015 IEEE 20th Conf. Emerg. Technol. Fact. Autom., IEEE , 2015, p. 1-8Conference paper (Refereed)
    Abstract [en]

    © 2015 IEEE. In this paper, we study the impact of adversarial actions on voltage control schemes in interconnected microgrids. Each microgrid is abstracted as a power inverter that can be controlled to regulate its voltage magnitude and phase-angle independently. Moreover, each power inverter is modeled as a single integrator, whose input is given by a voltage droop-control policy that is computed based on voltage magnitude and reactive power injection measurements. Under mild assumptions, we then establish important properties of the nominal linearized closed-loop system, such as stability, positivity, and diagonal dominance. These properties play an important role when characterizing the potential impact of different attack scenarios. In particular, we discuss two attack scenarios where the adversary corrupts measurement data and reference signals received by the voltage droop controllers. The potential impact of instances of each scenario is analyzed using control-theoretic tools, which may be used to develop methodologies for identifying high-risk attack scenarios, as is illustrated by numerical examples.

  • 28. Teixeira, Andre
    et al.
    Sandberg, Henrik
    Johansson, Karl H.
    Strategic stealthy attacks: The output-to-output l2-gain2015In: Proc. IEEE Conf. Decis. Control, 2015, Vol. 54rd IEEE, p. 2582-2587Conference paper (Refereed)
    Abstract [en]

    © 2015 IEEE.In this paper, we characterize and analyze the set of strategic stealthy false-data injection attacks on discrete-time linear systems. In particular, the threat scenarios tackled in the paper consider adversaries that aim at deteriorating the system’s performance by maximizing the corresponding quadratic cost function, while remaining stealthy with respect to anomaly detectors. As opposed to other work in the literature, the effect of the adversary’s actions on the anomaly detector’s output is not constrained to be zero at all times. Moreover, scenarios where the adversary has uncertain model knowledge are also addressed. The set of strategic attack policies is formulated as a non-convex constrained optimization problem, leading to a sensitivity metric denoted as the output-to-output ℓ2-gain. Using the framework of dissipative systems, the output-to-output gain is computed through an equivalent convex optimization problem. Additionally, we derive necessary and sufficient conditions for the output-to-output gain to be unbounded, with and without model uncertainties, which are tightly related to the invariant zeros of the system.

  • 29.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Invited plenary talk2019Conference paper (Other academic)
  • 30.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Optimal stealthy attacks on actuators for strictly proper systems2019Conference paper (Refereed)
  • 31.
    Teixeira, André
    et al.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Ferrari, Riccardo M. G.
    Delft Tech Univ, Delft Ctr Syst & Controls, Delft, Netherlands.
    Detection of Sensor Data Injection Attacks with Multiplicative Watermarking2018In: 2018 European Control Conference (ECC), IEEE, 2018, p. 345-350Conference paper (Refereed)
    Abstract [en]

    In this paper, the problem of detecting stealthy false-data injection attacks on the measurements is considered. We propose a multiplicative watermarking scheme, where each sensor's output is individually fed to a SISO watermark generator whose parameters are supposed to be unknown to the adversary. Under such a scenario, the detectability properties of the attack are analyzed and guidelines for designing the watermarking filters are derived. Fundamental limitations to the case of single-output systems are also uncovered, for which an alternative approach is proposed. The results are illustrated through numerical examples.

  • 32. Teixeira, André
    et al.
    Kupzog, Friederich
    Sandberg, Henrik
    Johansson, Karl H.
    Cyber-Secure and Resilient Architectures for Industrial Control Systems2015In: Smart Grid Security Innovative Solutions for a Modernized Grid / [ed] Skopik, Florian; Smith, Paul, Elsevier Science Publishing Co Inc , 2015, p. 149-183Chapter in book (Other academic)
    Abstract [en]

    In this chapter, we survey cyber security solutions for control and monitoring systems that are used to manage the Smart Grid. We start with a short review of the history and use of Industrial Control Systems (ICSs) and Supervisory Control and Data Acquisition (SCADA) systems, and how cyber security in control systems has recently become a major concern, in the wake of the Stuxnet and other recently discovered malware. We follow up with surveying information technology and control-centric security tools that can be used to improve the resilience of industrial control systems. Feedback control loops are core components in the Smart Grid, as they enable the maximal utilization of the physical infrastructure and its resources. As the number of control loops in the Smart Grid increases, the cyber security challenges faced by ICSs become increasingly important within the Smart Grid’s context. To highlight such novel challenges, we give an overview of the envisioned control loops in future Smart Grids, and discuss the potential impact of cyber threats targeting critical Smart Grid functionalities. As a case study, false-data injection attacks on power transmission networks are considered. The level of resilience to such attacks is assessed through a control-centric risk assessment methodology, which is also used for allocating the deployment of more modern and secure equipment. The chapter ends with a discussion of future research challenges in the area.

  • 33.
    Teixeira, André M.H.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Data Injection Attacks against Feedforward Controllers2019In: 2019 18Th European Control Conference (ECC), IEEE, 2019, p. 2233-2239Conference paper (Refereed)
    Abstract [en]

    This paper studies data injection attacks on disturbance measurements, which are forwarded to a feedforward controller. Fundamental limitations to the detectability of such attacks are examined, from which a class of stealthy attacks are characterized in terms of the zero dynamics of the plant and disturbance models. The impact of such attacks to the plant output and state estimates is also examined, in both cases of perfect and imperfect disturbance rejection by the feedforward controller. The analysis shows that, under perfect rejection, the impact of stealthy attacks on the plant output is exponentially decaying, while an exponentially increasing bias is induced on the state estimation error. The results are illustrated through numerical examples.

  • 34. Teixeira, André
    et al.
    Shames, Iman
    Sandberg, Henrik
    Johansson, Karl Henrik
    A secure control framework for resource-limited adversaries2015In: Automatica, ISSN 0005-1098, E-ISSN 1873-2836, Vol. 51, no 1, p. 135-148Article in journal (Refereed)
    Abstract [en]

    Cyber-secure networked control is modeled, analyzed, and experimentally illustrated in this paper. An attack space defined by the adversary’s model knowledge, disclosure, and disruption resources is introduced. Adversaries constrained by these resources are modeled for a networked control system architecture. It is shown that attack scenarios corresponding to denial-of-service, replay, zero-dynamics, and bias injection attacks on linear time-invariant systems can be analyzed using this framework. Furthermore, the attack policy for each scenario is described and the attack’s impact is characterized using the concept of safe sets. An experimental setup based on a quadruple-tank process controlled over a wireless network is used to illustrate the attack scenarios, their consequences, and potential counter-measures.

  • 35. Umsonst, D
    et al.
    Nekouei, E
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Sandberg, H
    On the confidentiality of linear anomaly detector states2019Conference paper (Refereed)
  • 36.
    Voigt, Thiemo
    et al.
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication.
    Augustine, Robin
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Asan, Noor Badariah
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Perez, Mauricio D.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Ahlén, Anders
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Hylamia, Sam
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication.
    Rohner, Christian
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication.
    Yan, Wenqing
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication.
    Joseph, Laya
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Mani, Maria
    Uppsala University, Disciplinary Domain of Medicine and Pharmacy, Faculty of Medicine, Department of Surgical Sciences, Plastic Surgery.
    LifeSec - Don’t Hack my Body2019Conference paper (Refereed)
  • 37.
    Voigt, Thiemo
    et al.
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication. Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Systems.
    Augustine, Robin
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Asan, Noor Badariah
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Perez, Mauricio D.
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Ahlén, Anders
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Teixeira, André
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Signals and Systems Group.
    Hylamia, Sam
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication.
    Rohner, Christian
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication. Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Systems.
    Yan, Wenqing
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication. Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Systems.
    Joseph, Laya
    Uppsala University, Disciplinary Domain of Science and Technology, Technology, Department of Engineering Sciences, Solid State Electronics.
    Mani, Maria
    Uppsala University, Disciplinary Domain of Medicine and Pharmacy, Faculty of Medicine, Department of Surgical Sciences, Plastic Surgery.
    Tumor Sensing Privacy in In-Body Networks2019Conference paper (Refereed)
  • 38. Wang, Yuxin
    et al.
    Teixeira, André A.H.
    Tian, Yifu
    Hulstijn, Joris
    Tan, Yao-Hua Y.-H.
    Fault Detection and Diagnosis for Compliance Monitoring in International Supply Chains2016In: 22nd Am. Conf. Inf. Syst., 2016Conference paper (Refereed)
    Abstract [en]

    Currently international supply chains are facing risks concerning faults in compliance, such as altering shipping documentations, fictitious inventory, and inter-company manipulations. In this paper a method to detect and diagnose fault scenarios regarding customs compliance in supply chains is proposed. This method forms part of a general approach called model-based auditing, which is based on a normative meta-model of the movement of money and goods or services. The modeling framework is proposed on compliance monitoring of supply chains with focus on information systems and compliance reporting tools. The innovation lies in the application and mapping of modeling techniques from dynamical systems engineering to business process analysis for audit and supervision purposes. Specifically, the application domain is where money, goods as well as information are transferred between international supply chain partners. A case study of a leading company in electronics manufacturing applying the model is analyzed.

1 - 38 of 38
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf