To improve the estimation accuracy of state of charge(SOC)and state of health(SOH)for lithium-ion batteries,in this paper,a joint estimation method of SOC and SOH at charging cut-off voltage based on genetic algorithm...To improve the estimation accuracy of state of charge(SOC)and state of health(SOH)for lithium-ion batteries,in this paper,a joint estimation method of SOC and SOH at charging cut-off voltage based on genetic algorithm(GA)combined with back propagation(BP)neural network is proposed,the research addresses the issue of data manipulation resulting fromcyber-attacks.Firstly,anomalous data stemming fromcyber-attacks are identified and eliminated using the isolated forest algorithm,followed by data restoration.Secondly,the incremental capacity(IC)curve is derived fromthe restored data using theKalman filtering algorithm,with the peak of the ICcurve(ICP)and its corresponding voltage serving as the health factor(HF).Thirdly,the GA-BP neural network is applied to map the relationship between HF,constant current charging time,and SOH,facilitating the estimation of SOH based on HF.Finally,SOC estimation at the charging cut-off voltage is calculated by inputting the SOH estimation value into the trained model to determine the constant current charging time,and by updating the maximum available capacity.Experiments show that the root mean squared error of the joint estimation results does not exceed 1%,which proves that the proposed method can estimate the SOC and SOH accurately and stably even in the presence of false data injection attacks.展开更多
We propose a new approach to discuss the consensus problem of multi-agent systems with time-varying delayed control inputs, switching topologies, and stochastic cyber-attacks under hybrid-triggered mechanism.A Bernoul...We propose a new approach to discuss the consensus problem of multi-agent systems with time-varying delayed control inputs, switching topologies, and stochastic cyber-attacks under hybrid-triggered mechanism.A Bernoulli variable is used to describe the hybrid-triggered scheme, which is introduced to alleviate the burden of the network.The mathematical model of the closed-loop control system is established by taking the influences of time-varying delayed control inputs,switching topologies, and stochastic cyber-attacks into account under the hybrid-triggered scheme.A theorem as the main result is given to make the system consistent based on the theory of Lyapunov stability and linear matrix inequality.Markov jumps with uncertain rates of transitions are applied to describe the switch of topologies.Finally, a simulation example demonstrates the feasibility of the theory in this paper.展开更多
In this paper, we investigate the group consensus for leaderless multi-agent systems. The group consensus protocol based on the position information from neighboring agents is designed. The network may be subjected to...In this paper, we investigate the group consensus for leaderless multi-agent systems. The group consensus protocol based on the position information from neighboring agents is designed. The network may be subjected to frequent cyberattacks, which is close to an actual case. The cyber-attacks are assumed to be recoverable. By utilizing algebraic graph theory, linear matrix inequality(LMI) and Lyapunov stability theory, the multi-agent systems can achieve group consensus under the proposed control protocol. The sufficient conditions of the group consensus for the multi-agent networks subjected to cyber-attacks are given. Furthermore, the results are extended to the consensus issue of multiple subgroups with cyber-attacks. Numerical simulations are performed to demonstrate the effectiveness of the theoretical results.展开更多
This paper examines the stabilization problem of a distributed networked control system under the effect of cyberattacks by employing a hybrid aperiodic triggering mechanism.The cyber-attack considered in the paper is...This paper examines the stabilization problem of a distributed networked control system under the effect of cyberattacks by employing a hybrid aperiodic triggering mechanism.The cyber-attack considered in the paper is a stochastic deception attack at the sensor-controller end. The probability of the occurrence of attack on a subsystem is represented using a random variable. A decentralized hybrid sampled-data strategy is introduced to save energy consumption and reduce the transmission load of the network. In the proposed decentralized strategy, each subsystem can decide independently whether its state should be transmitted to the controller or not. The scheme of the hybrid triggering mechanism for each subsystem composed of two stages: In the first stage, the next sampling instant is computed using a self-triggering strategy. Subsequently, in the second stage, an event-triggering condition is checked at these sampling instants and the control signal is computed only if the event-triggering condition is violated. The self-triggering condition used in the first stage is dependent on the selection of eventtriggering condition of the second stage. Finally, a comparison of the proposed approach with other triggering mechanisms existing in the literature is presented in terms of the sampling instants,transmission frequency and performance measures through simulation examples.展开更多
This paper presents the attack tree modeling technique of quantifying cyber-attacks on a hypothetical school network system. Attack trees are constructed by decomposing the path in the network system where attacks are...This paper presents the attack tree modeling technique of quantifying cyber-attacks on a hypothetical school network system. Attack trees are constructed by decomposing the path in the network system where attacks are plausible. Considered for the network system are two possible network attack paths. One network path represents an attack through the Internet, and the other represents an attack through the Wireless Access Points (WAPs) in the school network. The probabilities of success of the events, that is, 1) the attack payoff, and 2) the commitment of the attacker to infiltrate the network are estimated for the leaf nodes. These are used to calculate the Returns on Attacks (ROAs) at the Root Nodes. For Phase I, the “As Is” network, the ROA values for both attack paths, are higher than 7 (8.00 and 9.35 respectively), which are high values and unacceptable operationally. In Phase II, countermeasures are implemented, and the two attack trees reevaluated. The probabilities of success of the events, the attack payoff and the commitment of the attacker are then re-estimated. Also, the Returns on Attacks (ROAs) for the Root Nodes are re-assessed after executing the countermeasures. For one attack tree, the ROA value of the Root Node was reduced to 4.83 from 8.0, while, for the other attack tree, the ROA value of the Root Node changed to 3.30 from 9.35. ROA values of 4.83 and 3.30 are acceptable as they fall within the medium value range. The efficacy of this method whereby, attack trees are deployed to mitigate computer network risks, as well as using it to assess the vulnerability of computer networks is quantitatively substantiated.展开更多
Detecting cyber-attacks undoubtedly has become a big data problem. This paper presents a tutorial on data mining based cyber-attack detection. First,a data driven defence framework is presented in terms of cyber secur...Detecting cyber-attacks undoubtedly has become a big data problem. This paper presents a tutorial on data mining based cyber-attack detection. First,a data driven defence framework is presented in terms of cyber security situational awareness. Then, the process of data mining based cyber-attack detection is discussed. Next,a multi-loop learning architecture is presented for data mining based cyber-attack detection. Finally,common data mining techniques for cyber-attack detection are discussed.展开更多
The United States of America faces an increasing number of threats to its critical infrastructure due to cyber-attacks. With the constant advancement of technology and the interconnectedness of various systems, the vu...The United States of America faces an increasing number of threats to its critical infrastructure due to cyber-attacks. With the constant advancement of technology and the interconnectedness of various systems, the vulnerabilities in the nation’s infrastructure have become more pronounced. Cyber-attacks on critical infrastructure, such as power grids, transportation networks, and financial systems, pose a significant risk to national security and public safety. These attacks can disrupt essential services, cause economic losses, and potentially have severe consequences for the well-being of individuals and communities. The rise of cyber-terrorism is also a concern. Cyber-terrorists can exploit vulnerabilities in cyberspace to compromise infrastructure systems, causing chaos and panic among the population. The potential for destructive attacks on critical infrastructure is a pressing issue requiring constant attention and proactive measures.展开更多
In this paper, we study stealthy cyber-attacks on actuators of cyber-physical systems(CPS), namely zero dynamics and controllable attacks. In particular, under certain assumptions, we investigate and propose condition...In this paper, we study stealthy cyber-attacks on actuators of cyber-physical systems(CPS), namely zero dynamics and controllable attacks. In particular, under certain assumptions, we investigate and propose conditions under which one can execute zero dynamics and controllable attacks in the CPS. The above conditions are derived based on the Markov parameters of the CPS and elements of the system observability matrix. Consequently, in addition to outlining the number of required actuators to be attacked, these conditions provide one with the minimum system knowledge needed to perform zero dynamics and controllable cyber-attacks. As a countermeasure against the above stealthy cyber-attacks, we develop a dynamic coding scheme that increases the minimum number of the CPS required actuators to carry out zero dynamics and controllable cyber-attacks to its maximum possible value. It is shown that if at least one secure input channel exists, the proposed dynamic coding scheme can prevent adversaries from executing the zero dynamics and controllable attacks even if they have complete knowledge of the coding system. Finally, two illustrative numerical case studies are provided to demonstrate the effectiveness and capabilities of our derived conditions and proposed methodologies.展开更多
Cyber-attacks that tamper with measurement information threaten the security of state estimation for the current distribution system.This paper proposes a cyber-attack detection strategy based on distribution system s...Cyber-attacks that tamper with measurement information threaten the security of state estimation for the current distribution system.This paper proposes a cyber-attack detection strategy based on distribution system state estimation(DSSE).The uncertainty of the distribution network is represented by the interval of each state variable.A three-phase interval DSSE model is proposed to construct the interval of each state variable.An improved iterative algorithm(IIA)is developed to solve the interval DSSE model and to obtain the lower and upper bounds of the interval.A cyber-attack is detected when the value of the state variable estimated by the traditional DSSE is out of the corresponding interval determined by the interval DSSE.To validate the proposed cyber-attack detection strategy,the basic principle of the cyber-attack is studied,and its general model is formulated.The proposed cyber-attack model and detection strategy are conducted on the IEEE 33-bus and 123-bus systems.Comparative experiments of the proposed IIA,Monte Carlo simulation algorithm,and interval Gauss elimination algorithm prove the validation of the proposed method.展开更多
Due to the tight coupling between the cyber and physical sides of a cyber-physical power system(CPPS),the safe and reliable operation of CPPSs is being increasingly impacted by cyber security.This situation poses a ch...Due to the tight coupling between the cyber and physical sides of a cyber-physical power system(CPPS),the safe and reliable operation of CPPSs is being increasingly impacted by cyber security.This situation poses a challenge to traditional security defense systems,which considers the threat from only one side,i.e.,cyber or physical.To cope with cyberattacks,this paper reaches beyond the traditional one-side security defense systems and proposes the concept of cyber-physical coordinated situation awareness and active defense to improve the ability of CPPSs.An example of a regional frequency control system is used to show the validness and potential of this concept.Then,the research framework is presented for studying and implementing this concept.Finally,key technologies for cyber-physical coordinated situation awareness and active defense against cyber-attacks are introduced.展开更多
Communication plays a vital role in incorporating smartness into the interconnected power system.However,historical records prove that the data transfer has always been vulnerable to cyber-attacks.Unless these cyber-a...Communication plays a vital role in incorporating smartness into the interconnected power system.However,historical records prove that the data transfer has always been vulnerable to cyber-attacks.Unless these cyber-attacks are identified and cordoned off,they may lead to black-out and result in national security issues.This paper proposes an optimal two-stage Kalman filter(OTS-KF)for simultaneous state and cyber-attack estimation in automatic generation control(AGC)system.Biases/cyber-attacks are modeled as unknown inputs in the AGC dynamics.Five types of cyber-attacks,i.e.,false data injection(FDI),data replay attack,denial of service(DoS),scaling,and ramp attacks,are injected into the measurements and estimated using OTS-KF.As the load variations of each area are seldom available,OTS-KF is reformulated to estimate the states and outliers along with the load variations of the system.The proposed technique is validated on the benchmark two-area,three-area,and five-area power system models.The simulation results under various test conditions demonstrate the efficacy of the proposed filter.展开更多
With the widespread use of communication and information technology,power system has been evolving into cyber-physical power system(CPPS)and becoming more vulnerable to cyber-attacks.Therefore,it is necessary to enhan...With the widespread use of communication and information technology,power system has been evolving into cyber-physical power system(CPPS)and becoming more vulnerable to cyber-attacks.Therefore,it is necessary to enhance the ability of the communication and information system in CPPS to defend against cyber-attacks.This paper proposes a method to enhance the survivability of the communication and information system in CPPS.Firstly,the communication and information system for critical business of power system is decomposed into certain types of atomic services,and then the survivability evaluation indexes and their corresponding calculation method for the communication and information system are proposed.Secondly,considering the efficacy and cost defensive resources,a defensive resource allocation model is proposed to maximize the survivability of communication and information system in CPPS.Then,a modified genetic algorithm is adopted to solve the proposed model.Finally,the simulation results of CPPS for an IEEE 30-node system verify the proposed method.展开更多
Modern critical infrastructure,such as a water treatment plant,water distribution system,and power grid,are representative of Cyber Physical Systems(CPSs)in which the physical processes are monitored and controlled in...Modern critical infrastructure,such as a water treatment plant,water distribution system,and power grid,are representative of Cyber Physical Systems(CPSs)in which the physical processes are monitored and controlled in real time.One source of complexity in such systems is due to the intra-system interactions and inter-dependencies.Consequently,these systems are a potential target for attackers.When one or more of these infrastructure are attacked,the connected systems may also be affected due to potential cascading effects.In this paper,we report a study to investigate the cascading effects of cyber-attacks on two interdependent critical infrastructure namely,a Secure water treatment plant(SWaT)and a Water Distribution System(WADI).展开更多
As intelligent vehicles become increasingly computerized and networked,they gain more autonomous capabilities.However,they are also becoming more exposed to cyber-threats which are likely to be a more prominent concer...As intelligent vehicles become increasingly computerized and networked,they gain more autonomous capabilities.However,they are also becoming more exposed to cyber-threats which are likely to be a more prominent concern.This paper proposes a cyber-attack detection method for autonomous vehicles based on secure estimation of vehicle states,with an example application under attacks in the vehicle localization system.To investigate the effects of vehicle model and estimator on the attack detection performance,different nonlinear vehicle dynamic models and estimation approaches are employed.The deviation between the measurement from the onboard sensors and the state estimation is monitored in real time.With the designed vehicle state estimator and preset threshold,the cyber-attack detection algorithm is further developed for autonomous vehicles,whose performance is tested in simulations where the vehicle localization system is assumed to be compromised during a double lane change maneuver.The test results demonstrate the feasibility and effectiveness of the proposed cyber-attack algorithm.In addition,the results illustrate the impacts of vehicle nonlinear characteristics on the cyber-attack detection performance.Beyond this,the effects of different vehicle models on the attack detection performance,as well as the selection of suitable filtering approaches for the attack detection,are also discussed.展开更多
Smart Industrial environments use the Industrial Internet of Things(IIoT)for their routine operations and transform their industrial operations with intelligent and driven approaches.However,IIoT devices are vulnerabl...Smart Industrial environments use the Industrial Internet of Things(IIoT)for their routine operations and transform their industrial operations with intelligent and driven approaches.However,IIoT devices are vulnerable to cyber threats and exploits due to their connectivity with the internet.Traditional signature-based IDS are effective in detecting known attacks,but they are unable to detect unknown emerging attacks.Therefore,there is the need for an IDS which can learn from data and detect new threats.Ensemble Machine Learning(ML)and individual Deep Learning(DL)based IDS have been developed,and these individual models achieved low accuracy;however,their performance can be improved with the ensemble stacking technique.In this paper,we have proposed a Deep Stacked Neural Network(DSNN)based IDS,which consists of two stacked Convolutional Neural Network(CNN)models as base learners and Extreme Gradient Boosting(XGB)as the meta learner.The proposed DSNN model was trained and evaluated with the next-generation dataset,TON_IoT.Several pre-processing techniques were applied to prepare a dataset for the model,including ensemble feature selection and the SMOTE technique.Accuracy,precision,recall,F1-score,and false positive rates were used to evaluate the performance of the proposed ensemble model.Our experimental results showed that the accuracy for binary classification is 99.61%,which is better than in the baseline individual DL and ML models.In addition,the model proposed for IDS has been compared with similar models.The proposed DSNN achieved better performance metrics than the other models.The proposed DSNN model will be used to develop enhanced IDS for threat mitigation in smart industrial environments.展开更多
基金funded by the Scientific Research Project of the Education Department of Jilin Province(No.JJKH20230121KJ).
文摘To improve the estimation accuracy of state of charge(SOC)and state of health(SOH)for lithium-ion batteries,in this paper,a joint estimation method of SOC and SOH at charging cut-off voltage based on genetic algorithm(GA)combined with back propagation(BP)neural network is proposed,the research addresses the issue of data manipulation resulting fromcyber-attacks.Firstly,anomalous data stemming fromcyber-attacks are identified and eliminated using the isolated forest algorithm,followed by data restoration.Secondly,the incremental capacity(IC)curve is derived fromthe restored data using theKalman filtering algorithm,with the peak of the ICcurve(ICP)and its corresponding voltage serving as the health factor(HF).Thirdly,the GA-BP neural network is applied to map the relationship between HF,constant current charging time,and SOH,facilitating the estimation of SOH based on HF.Finally,SOC estimation at the charging cut-off voltage is calculated by inputting the SOH estimation value into the trained model to determine the constant current charging time,and by updating the maximum available capacity.Experiments show that the root mean squared error of the joint estimation results does not exceed 1%,which proves that the proposed method can estimate the SOC and SOH accurately and stably even in the presence of false data injection attacks.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61074159 and 61703286)
文摘We propose a new approach to discuss the consensus problem of multi-agent systems with time-varying delayed control inputs, switching topologies, and stochastic cyber-attacks under hybrid-triggered mechanism.A Bernoulli variable is used to describe the hybrid-triggered scheme, which is introduced to alleviate the burden of the network.The mathematical model of the closed-loop control system is established by taking the influences of time-varying delayed control inputs,switching topologies, and stochastic cyber-attacks into account under the hybrid-triggered scheme.A theorem as the main result is given to make the system consistent based on the theory of Lyapunov stability and linear matrix inequality.Markov jumps with uncertain rates of transitions are applied to describe the switch of topologies.Finally, a simulation example demonstrates the feasibility of the theory in this paper.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61807016 and 61772013)the Natural Science Foundation of Jiangsu Province,China(Grant No.BK20181342)
文摘In this paper, we investigate the group consensus for leaderless multi-agent systems. The group consensus protocol based on the position information from neighboring agents is designed. The network may be subjected to frequent cyberattacks, which is close to an actual case. The cyber-attacks are assumed to be recoverable. By utilizing algebraic graph theory, linear matrix inequality(LMI) and Lyapunov stability theory, the multi-agent systems can achieve group consensus under the proposed control protocol. The sufficient conditions of the group consensus for the multi-agent networks subjected to cyber-attacks are given. Furthermore, the results are extended to the consensus issue of multiple subgroups with cyber-attacks. Numerical simulations are performed to demonstrate the effectiveness of the theoretical results.
文摘This paper examines the stabilization problem of a distributed networked control system under the effect of cyberattacks by employing a hybrid aperiodic triggering mechanism.The cyber-attack considered in the paper is a stochastic deception attack at the sensor-controller end. The probability of the occurrence of attack on a subsystem is represented using a random variable. A decentralized hybrid sampled-data strategy is introduced to save energy consumption and reduce the transmission load of the network. In the proposed decentralized strategy, each subsystem can decide independently whether its state should be transmitted to the controller or not. The scheme of the hybrid triggering mechanism for each subsystem composed of two stages: In the first stage, the next sampling instant is computed using a self-triggering strategy. Subsequently, in the second stage, an event-triggering condition is checked at these sampling instants and the control signal is computed only if the event-triggering condition is violated. The self-triggering condition used in the first stage is dependent on the selection of eventtriggering condition of the second stage. Finally, a comparison of the proposed approach with other triggering mechanisms existing in the literature is presented in terms of the sampling instants,transmission frequency and performance measures through simulation examples.
文摘This paper presents the attack tree modeling technique of quantifying cyber-attacks on a hypothetical school network system. Attack trees are constructed by decomposing the path in the network system where attacks are plausible. Considered for the network system are two possible network attack paths. One network path represents an attack through the Internet, and the other represents an attack through the Wireless Access Points (WAPs) in the school network. The probabilities of success of the events, that is, 1) the attack payoff, and 2) the commitment of the attacker to infiltrate the network are estimated for the leaf nodes. These are used to calculate the Returns on Attacks (ROAs) at the Root Nodes. For Phase I, the “As Is” network, the ROA values for both attack paths, are higher than 7 (8.00 and 9.35 respectively), which are high values and unacceptable operationally. In Phase II, countermeasures are implemented, and the two attack trees reevaluated. The probabilities of success of the events, the attack payoff and the commitment of the attacker are then re-estimated. Also, the Returns on Attacks (ROAs) for the Root Nodes are re-assessed after executing the countermeasures. For one attack tree, the ROA value of the Root Node was reduced to 4.83 from 8.0, while, for the other attack tree, the ROA value of the Root Node changed to 3.30 from 9.35. ROA values of 4.83 and 3.30 are acceptable as they fall within the medium value range. The efficacy of this method whereby, attack trees are deployed to mitigate computer network risks, as well as using it to assess the vulnerability of computer networks is quantitatively substantiated.
文摘Detecting cyber-attacks undoubtedly has become a big data problem. This paper presents a tutorial on data mining based cyber-attack detection. First,a data driven defence framework is presented in terms of cyber security situational awareness. Then, the process of data mining based cyber-attack detection is discussed. Next,a multi-loop learning architecture is presented for data mining based cyber-attack detection. Finally,common data mining techniques for cyber-attack detection are discussed.
文摘The United States of America faces an increasing number of threats to its critical infrastructure due to cyber-attacks. With the constant advancement of technology and the interconnectedness of various systems, the vulnerabilities in the nation’s infrastructure have become more pronounced. Cyber-attacks on critical infrastructure, such as power grids, transportation networks, and financial systems, pose a significant risk to national security and public safety. These attacks can disrupt essential services, cause economic losses, and potentially have severe consequences for the well-being of individuals and communities. The rise of cyber-terrorism is also a concern. Cyber-terrorists can exploit vulnerabilities in cyberspace to compromise infrastructure systems, causing chaos and panic among the population. The potential for destructive attacks on critical infrastructure is a pressing issue requiring constant attention and proactive measures.
基金the financial support received from NATO under the Emerging Security Challenges Division programthe support received from NPRP (10-0105-17017) from the Qatar National Research Fund (a member of Qatar Foundation)+1 种基金the support received from the Natural Sciences and Engineering Research Council of Canada (NSERC) and the Department of National Defence (DND) under the Discovery Grant and DND Supplemental Programssupported in part by funding from the Innovation for Defence Excellence and Security (IDEaS) program from the Department of National Defence (DND)。
文摘In this paper, we study stealthy cyber-attacks on actuators of cyber-physical systems(CPS), namely zero dynamics and controllable attacks. In particular, under certain assumptions, we investigate and propose conditions under which one can execute zero dynamics and controllable attacks in the CPS. The above conditions are derived based on the Markov parameters of the CPS and elements of the system observability matrix. Consequently, in addition to outlining the number of required actuators to be attacked, these conditions provide one with the minimum system knowledge needed to perform zero dynamics and controllable cyber-attacks. As a countermeasure against the above stealthy cyber-attacks, we develop a dynamic coding scheme that increases the minimum number of the CPS required actuators to carry out zero dynamics and controllable cyber-attacks to its maximum possible value. It is shown that if at least one secure input channel exists, the proposed dynamic coding scheme can prevent adversaries from executing the zero dynamics and controllable attacks even if they have complete knowledge of the coding system. Finally, two illustrative numerical case studies are provided to demonstrate the effectiveness and capabilities of our derived conditions and proposed methodologies.
基金supported in part by the National Key Research and Development Program of China(No.2017YFB0902900)the State Grid Corporation of China
文摘Cyber-attacks that tamper with measurement information threaten the security of state estimation for the current distribution system.This paper proposes a cyber-attack detection strategy based on distribution system state estimation(DSSE).The uncertainty of the distribution network is represented by the interval of each state variable.A three-phase interval DSSE model is proposed to construct the interval of each state variable.An improved iterative algorithm(IIA)is developed to solve the interval DSSE model and to obtain the lower and upper bounds of the interval.A cyber-attack is detected when the value of the state variable estimated by the traditional DSSE is out of the corresponding interval determined by the interval DSSE.To validate the proposed cyber-attack detection strategy,the basic principle of the cyber-attack is studied,and its general model is formulated.The proposed cyber-attack model and detection strategy are conducted on the IEEE 33-bus and 123-bus systems.Comparative experiments of the proposed IIA,Monte Carlo simulation algorithm,and interval Gauss elimination algorithm prove the validation of the proposed method.
基金This work was supported in part by the National Key Research and Development Program of China(No.2017YFB0903000)the Science and Technology Project of the State Grid Corporation of China(Basic Theory and Methodology for Analysis and Control of Grid Cyber Physical Systems(Supporting Projects)).
文摘Due to the tight coupling between the cyber and physical sides of a cyber-physical power system(CPPS),the safe and reliable operation of CPPSs is being increasingly impacted by cyber security.This situation poses a challenge to traditional security defense systems,which considers the threat from only one side,i.e.,cyber or physical.To cope with cyberattacks,this paper reaches beyond the traditional one-side security defense systems and proposes the concept of cyber-physical coordinated situation awareness and active defense to improve the ability of CPPSs.An example of a regional frequency control system is used to show the validness and potential of this concept.Then,the research framework is presented for studying and implementing this concept.Finally,key technologies for cyber-physical coordinated situation awareness and active defense against cyber-attacks are introduced.
文摘Communication plays a vital role in incorporating smartness into the interconnected power system.However,historical records prove that the data transfer has always been vulnerable to cyber-attacks.Unless these cyber-attacks are identified and cordoned off,they may lead to black-out and result in national security issues.This paper proposes an optimal two-stage Kalman filter(OTS-KF)for simultaneous state and cyber-attack estimation in automatic generation control(AGC)system.Biases/cyber-attacks are modeled as unknown inputs in the AGC dynamics.Five types of cyber-attacks,i.e.,false data injection(FDI),data replay attack,denial of service(DoS),scaling,and ramp attacks,are injected into the measurements and estimated using OTS-KF.As the load variations of each area are seldom available,OTS-KF is reformulated to estimate the states and outliers along with the load variations of the system.The proposed technique is validated on the benchmark two-area,three-area,and five-area power system models.The simulation results under various test conditions demonstrate the efficacy of the proposed filter.
基金supported by“Research on Operation Situation Awareness and Proactive Defense of Power Cyber-Physical System Against Cyber Attacks”the Fundamental Research Funds for the Central Universities(No.2018B05814)
文摘With the widespread use of communication and information technology,power system has been evolving into cyber-physical power system(CPPS)and becoming more vulnerable to cyber-attacks.Therefore,it is necessary to enhance the ability of the communication and information system in CPPS to defend against cyber-attacks.This paper proposes a method to enhance the survivability of the communication and information system in CPPS.Firstly,the communication and information system for critical business of power system is decomposed into certain types of atomic services,and then the survivability evaluation indexes and their corresponding calculation method for the communication and information system are proposed.Secondly,considering the efficacy and cost defensive resources,a defensive resource allocation model is proposed to maximize the survivability of communication and information system in CPPS.Then,a modified genetic algorithm is adopted to solve the proposed model.Finally,the simulation results of CPPS for an IEEE 30-node system verify the proposed method.
基金the National Research Foundation(NRF),Prime Minister’s Office,Singapore,under its National Cybersecurity R&D Programme(Award No.NRF2015NCR-NCR003-001)and administered by the National Cybersecurity R&D Directorate.
文摘Modern critical infrastructure,such as a water treatment plant,water distribution system,and power grid,are representative of Cyber Physical Systems(CPSs)in which the physical processes are monitored and controlled in real time.One source of complexity in such systems is due to the intra-system interactions and inter-dependencies.Consequently,these systems are a potential target for attackers.When one or more of these infrastructure are attacked,the connected systems may also be affected due to potential cascading effects.In this paper,we report a study to investigate the cascading effects of cyber-attacks on two interdependent critical infrastructure namely,a Secure water treatment plant(SWaT)and a Water Distribution System(WADI).
基金Funding was provided by State Key Laboratory of Automotive Safety and Energy(Grant No.KF2021)SUG-NAP Grant of Nanyang Technological University,Singapore(Grant No.M4082268.050).
文摘As intelligent vehicles become increasingly computerized and networked,they gain more autonomous capabilities.However,they are also becoming more exposed to cyber-threats which are likely to be a more prominent concern.This paper proposes a cyber-attack detection method for autonomous vehicles based on secure estimation of vehicle states,with an example application under attacks in the vehicle localization system.To investigate the effects of vehicle model and estimator on the attack detection performance,different nonlinear vehicle dynamic models and estimation approaches are employed.The deviation between the measurement from the onboard sensors and the state estimation is monitored in real time.With the designed vehicle state estimator and preset threshold,the cyber-attack detection algorithm is further developed for autonomous vehicles,whose performance is tested in simulations where the vehicle localization system is assumed to be compromised during a double lane change maneuver.The test results demonstrate the feasibility and effectiveness of the proposed cyber-attack algorithm.In addition,the results illustrate the impacts of vehicle nonlinear characteristics on the cyber-attack detection performance.Beyond this,the effects of different vehicle models on the attack detection performance,as well as the selection of suitable filtering approaches for the attack detection,are also discussed.
文摘Smart Industrial environments use the Industrial Internet of Things(IIoT)for their routine operations and transform their industrial operations with intelligent and driven approaches.However,IIoT devices are vulnerable to cyber threats and exploits due to their connectivity with the internet.Traditional signature-based IDS are effective in detecting known attacks,but they are unable to detect unknown emerging attacks.Therefore,there is the need for an IDS which can learn from data and detect new threats.Ensemble Machine Learning(ML)and individual Deep Learning(DL)based IDS have been developed,and these individual models achieved low accuracy;however,their performance can be improved with the ensemble stacking technique.In this paper,we have proposed a Deep Stacked Neural Network(DSNN)based IDS,which consists of two stacked Convolutional Neural Network(CNN)models as base learners and Extreme Gradient Boosting(XGB)as the meta learner.The proposed DSNN model was trained and evaluated with the next-generation dataset,TON_IoT.Several pre-processing techniques were applied to prepare a dataset for the model,including ensemble feature selection and the SMOTE technique.Accuracy,precision,recall,F1-score,and false positive rates were used to evaluate the performance of the proposed ensemble model.Our experimental results showed that the accuracy for binary classification is 99.61%,which is better than in the baseline individual DL and ML models.In addition,the model proposed for IDS has been compared with similar models.The proposed DSNN achieved better performance metrics than the other models.The proposed DSNN model will be used to develop enhanced IDS for threat mitigation in smart industrial environments.
