Coordinated cyber-physical attacks (CCPA) have been touted as a serious threat for several years, where "coordinated" means that attackers have complete knowledge of the physical plant and status, and sometimes can even create physical defects, to assist cyber attacks, and vice versa. In recent years, these attacks have crept from theory to reality, with attacks on vehicles, electrical grids, and industrial plants, which have the potential to cause destruction and even death outside of the digital world. CCPA raise a unique challenge with respect to cyber-physical systems (CPS) safety. Historically, technologies to defend cyber attacks and physical attacks are developed separately under different assumptions and models. For instance, cyber security technologies often require the complete profile of the physical dynamics and the observation of the system state, which may not be available when physical defects exist. Similarly, existing system control techniques may efficiently compensate for the physical damage, but under the assumption that the control software and the sensor data are not compromised. There is a lack of unified approaches against CCPA. With this observation, this project focuses on the development of unified models with coherent set of assumptions, supported by integrated technologies, upon which CCPA can be defended much more effectively. To establish theoretical foundations and engineering principles for resilient CPS architectures, this project will investigate unified models and platforms that represent the scientific understanding of resilient CPS against CCPA. Engineering of CPS will be addressed through the development and integration of complexity-reduced software architectures, along with their design principles, which lead to verifiable and certifiable architectures with higher level of system resilience. Technology of CPS will be addressed through the design of new attack detection, isolation, and recovery tools as well as timing and control techniques to ensure appropriate responses to CCPA. The proposed inherently interdisciplinary research will ensure predictable performance for resilient CPS, by leveraging the disciplinary advances in (i) the design and evaluation of robust fault-tolerant control systems yielding significantly enhanced levels of safety in highly unpredictable environments; (ii) the design and implementation of complexity reduction architecture yielding a significant reduction in the verification time from hours to seconds; (iii) the development of multi-rate sampled-data control and robust reachability-based attack detection techniques ensuring that the sensor data is reliable; and (iv) the development of cyber-physical co-adaptation that optimizes control performance and computation task scheduling to guarantee system safety and efficient recovery from CCPA. The target application of this project is unmanned aerial vehicles (UAVs). The research results will be evaluated in three different testbeds: UAV testbed, generic transportation model (GTM) aircraft, and power system virtual testbed (VTB). The technological advancement from this project will provide solutions for the safety and reliability issues faced by today's CPS and deliver dependable CPS that are applicable without sacrificing functionality or accessibility in complex and potentially hostile networked environment. The results of this project will be communicated in archival journal publications, conference venues and various workshops and lectures, and will be integrated at different academic levels.

As evidenced by the recent cyberattacks against Ukrainian power grids, attack strategies have advanced and new malware agents will continue to emerge. The current measures to audit the critical cyber assets of the electric power infrastructure do not provide a quantitative guidance that can be used to address security protection improvement. Investing in cybersecurity protection is often limited to compliance enforcement based on reliability standards. Auditors and investors must understand the implications of hypothetical worst case scenarios due to cyberattacks and how they could affect the power grids. This project aims to establish an actuarial framework for strategizing technological improvements of countermeasures against emerging cyberattacks on wide-area power networks. By establishing an actuarial framework to evaluate and manage cyber risks, this project will promote a self-sustaining ecosystem for the energy infrastructure, which will eventually help to improve overall social welfare. The advances in cyber insurance will stimulate actuarial research in handling extreme cyber events. In addition, the research and practice related to cybersecurity and cyber insurance for the critical energy infrastructure will be promoted by educating the next generation of the workforce and disseminating the research results. The objective of this project is to develop an actuarial framework of risk management for power grid cybersecurity. It involves transformative research on using insurance as a cyber risk management instrument for contemporary power grids. The generation of comprehensive vulnerabilities and reliability-based knowledge from extracted security logs and cyber-induced reliability degradation analysis can enable the establishment of risk portfolios for electric utilities to improve their preparedness in protecting the power infrastructure against cyber threats. The major thrusts of this project are: 1) developing an approach to quantifying cyber risks in power grids and determining how mitigation schemes could affect the cascading consequences to widespread instability; 2) studying comprehensively how hypothesized cyberattack scenarios would impact the grid reliability by performing a probabilistic cyber risk assessment; and 3) using the findings from the first two thrusts to construct actuarial models. Potential cyberattack-induced losses on electric utilities will be assessed, based on which insurance policies will be designed and the associated capital market will be explored.

Cyber-physical systems (CPS) are engineered systems created as networks of interacting physical and computational processes. Most modern products in major industrial sectors, such as automotive, avionics, medical devices, and power systems already are or rapidly becoming CPS driven by new requirements and competitive pressures. However, in recent years, a number of successful cyber attacks against CPS targets, some of which have even caused severe physical damage, have demonstrated that security and resilience of CPS is a very critical problem, and that new methods and technologies are required to build dependable systems. Modern automotive vehicles, for example, employ sensors such as laser range finders and cameras, GPS and inertial measurement units, on-board computing, and network connections all of which contribute to vulnerabilities that can be exploited for deploying attacks with possibly catastrophic consequences. Securing such systems requires that potential points of compromise and vehicle-related data are protected. In order to fulfill the great promise of CPS technologies such as autonomous vehicles and realize the potential technological, economic, and societal impact, it is necessary to develop principles and methods that ensure the development of CPS capable of functioning dependably, safely, and securely. In view of these challenges, the project develops an approach for integration of reconfigurable control software design and moving target defense for CPS. The main idea is to improve CPS security by making the attack surface dynamic and unpredictable while ensuring safe behavior and correct functionality of the overall system. The proposed energy-based control design approach generates multiple alternatives of the software application that are robust to performance variability and uncertainty. A runtime environment is designed to implement instruction set randomization, address space randomization, and data space randomization. The heart of the runtime environment is a configuration manager that can modify the software configuration, either proactively or reactively upon detection of attacks, while preserving the functionality and ensuring stable and safe CPS behavior. By changing the control software on-the-fly, the approach creates a cyber moving target and raises significantly the cost for a successful attack without impacting the essential behavior and functionality. Demonstration and experimental evaluation will be performed using a hardware-in-the-loop simulation testbed for automotive CPS.