Securing critical networked cyber-physical systems (NCPSs) such as the power grid or transportation systems has emerged as a major national and global priority. The networked nature of such systems renders them vulnerable to a range of attacks both in cyber and physical domains as corroborated by recent threats such as the Stuxnet worm. Developing security mechanisms for such NCPSs significantly differs from traditional networked systems due to interdependence between cyber and physical subsystems (with attacks originating from either subsystem), possible cooperation between attackers or defenders, and the presence of human decision makers in the loop. The main goal of this research is to develop the necessary science and engineering tools for designing NCPS security solutions that are applicable to a broad range of application domains.
This project will develop a multidisciplinary framework that weaves together principles from cybersecurity, control theory, networking and criminology. The framework will include novel security mechanisms for NCPSs founded on solid control-theoretic and related notions, analytical tools that allow incorporation of bounded human rationality in NCPS security, and experiments with real-world attack scenarios. A newly built cross-institutional NCPS simulator will be used to evaluate the proposed mechanisms in realistic environments. This research transcends specific cyber-physical systems domains and provides the necessary tools to building secure and trustworthy NCPSs. The broader impacts include a new infrastructure for NCPS research and education, training of students, new courses, and outreach events focused on under-represented student groups.
Off
Temple University
-
National Science Foundation
Aunshul Rege
Securing critical networked cyber-physical systems (NCPSs) such as the power grid or transportation systems has emerged as a major national and global priority. The networked nature of such systems renders them vulnerable to a range of attacks both in cyber and physical domains as corroborated by recent threats such as the Stuxnet worm. Developing security mechanisms for such NCPSs significantly differs from traditional networked systems due to interdependence between cyber and physical subsystems (with attacks originating from either subsystem), possible cooperation between attackers or defenders, and the presence of human decision makers in the loop. The main goal of this research is to develop the necessary science and engineering tools for designing NCPS security solutions that are applicable to a broad range of application domains.
This project will develop a multidisciplinary framework that weaves together principles from cybersecurity, control theory, networking and criminology. The framework will include novel security mechanisms for NCPSs founded on solid control-theoretic and related notions, analytical tools that allow incorporation of bounded human rationality in NCPS security, and experiments with real-world attack scenarios. A newly built cross-institutional NCPS simulator will be used to evaluate the proposed mechanisms in realistic environments. This research transcends specific cyber-physical systems domains and provides the necessary tools to building secure and trustworthy NCPSs. The broader impacts include a new infrastructure for NCPS research and education, training of students, new courses, and outreach events focused on under-represented student groups.
Off
Florida International University
-
National Science Foundation
Trustworthy operation of next-generation complex power grid critical infrastructures requires mathematical and practical verification solutions to guarantee the correct infrastructural functionalities. This project develops the foundations of theoretical modeling, synthesis and real-world deployment of a formal and scalable controller code verifier for programmable logic controllers (PLCs) in cyber-physical settings. PLCs are widely used for control automation in industrial control systems. A PLC is typically connected to an engineering workstation where engineers develop the control logic to process the input values from sensors and issue control commands to actuators. The project focuses on protecting infrastructures against malicious control injection attacks on PLCs, such as Stuxnet, that inject malicious code on the device to drive the underlying physical platform to an unsafe state. The broader impact of this proposal is highly significant. It offers potential for real-time security for critical infrastructure systems covering sectors such as energy and manufacturing.
The project's intellectual merit is in providing a mathematical and practical verification framework for cyber-physical systems through integration of offline formal methods, online monitoring solutions, and power systems analysis. Offline formal methods do not scale for large-scale platforms due to their exhaustive safety analysis of all possible system states, while online monitoring often reports findings too late for preventative action. This project takes a hybrid approach that dynamically predicts the possible next security incidents and reports to operators before an unsafe state is encountered, allowing time for response. The broader impact of this project is in providing practical mathematical analysis capabilities for general cyber-physical safety-critical infrastructure with potential direct impact on our national security. The research outcomes are integrated into education modules for graduate, undergraduate, and K-12 classrooms.
Off
University of Illinois at Urbana-Champaign
-
National Science Foundation
Project
CPS: Synergy: Adaptive Management of Large Energy Storage Systems for Vehicle Electrification
Large battery systems with 100s/1000s cells are being used to power various physical platforms. For example, automobiles are transitioning from conventional powertrains to (plug-in) hybrid and electric vehicles (EVs). To achieve the desired efficiency of EVs, significant improvements are needed in the architecture and algorithms of battery management. This project will develop a new comprehensive battery management architecture, called Smart Battery Management System (SBMS). The research is expected to bridge the wide gap existing between cyber-physical system (CPS) research and electrification industry communities, provide environment-friendly solutions, increase the awareness of CPS, and develop skilled human resources.
This project will incorporate and enhance a battery management system (BMS) by including battery state-of-charge (SoC) and state-of-health (SoH) algorithms as well as power management strategies on both pack and cell levels. Specifically, it consists of five main research tasks: (i) design a dynamically reconfigurable energy storage system to tolerate harsh internal and external stresses; (ii) develop cell-level thermal management algorithms; (iii) develop efficient, dependable charge and discharge scheduling algorithms in hybrid energy storage systems; (iv) develop a comprehensive, diagnostic/prognostic (P/D) algorithm with system parameters adjusted for making optimal decisions; and (v) build a testbed and evaluate the proposed architecture and algorithms on the testbed.
This research will advance the state-of-the-art in the management of large-scale energy storage systems, extending their life and operation-time significantly, which is key to a wide range of battery-powered physical platforms. That is, SBMS will enable batteries to withstand excessive stresses and power physical platforms for a much longer time, all at low costs. SBMS will also serve as a basic framework for various aspects of CPS research, integrating (cyber) dynamic control and P/D mechanisms, and (physical) energy storage system dynamics.
Off
University of Michigan Ann Arbor
-
National Science Foundation
Submitted by Kang Shin on December 21st, 2015
This project will design next-generation defense mechanisms to protect critical infrastructures, such as power grids, large industrial plants, and water distribution systems. These critical infrastructures are complex primarily due to the integration of cyber and physical components, the presence of high-order behaviors and functions, and an intricate and large interconnection pattern. Malicious attackers can exploit the complexity of the infrastructure, and compromise a system's functionality through cyber attacks (that is hacking into the computation and communication systems) and/or physical attacks (tampering with the actuators, sensors and the control system). This work will develop mathematical models of critical infrastructures and attacks, develop intelligent control-theoretic security mechanisms, and validate the findings on an industry-accredited simulation platform. This project will directly impact national security and economic competitiveness, and the results will be available and useful to utility companies. To accompany the scientific advances, the investigators will also engage in educational efforts to bring this research to the classroom at UCR, and will disseminate their results via scientific publications. The work will also create several opportunities for undergraduate and graduate students to engage in research at UCR, one of the nation's most ethnically diverse research-intensive institutions.
This study encompasses theoretical, computational, and experimental research at UCR aimed at characterizing vulnerabilities of complex cyber-physical systems, with a focus on electric power networks, and control-theoretic defense mechanisms to ensure protection and graceful performance degradation against accidental faults and malicious attacks. This project proposes a transformative approach to cyber-physical security, which builds on a unified control-theoretic framework to model cyber-physical systems, attacks, and defense strategies. This project will undertake three main research initiatives ranging from fundamental scientific and engineering research to analysis using industry-accepted simulation tools: (1) modeling and analysis of cyber-physical attacks, and their impact on system stability and performance; (2) design of monitors to reveal and distinguish between accidental and malignant contingencies; and (3) synthesis of adaptive defense strategies for stochastic and highly dynamic cyber-physical systems. Results will first be characterized from a pure control-theoretic perspective with focus on stochastic, switching, and dynamic cyber-physical systems, so as to highlight fundamental research challenges, and then specialized for the case of smart grid, so as to clarify the implementation of monitors, attacks, and defense strategies. The findings and strategies will be validated for the case of power networks by using the RTDS simulation system, which is an industry-accredited tool for real-time tests of dynamic behavior, faults, attacks, monitoring systems, and defensive strategies.
Off
University of California at Riverside
-
National Science Foundation
Submitted by Fabio Pasqualetti on December 21st, 2015
The goal of this project is to establish a theoretical and empirical foundation for secured and efficient energy resource management in the smart grid - a typical energy-based cyber-physical system and the future critical energy infrastructure for the nation. However, as a large distributed and complex system, the smart grid inherently operates under the presence of various uncertainties, which can be raised from natural disasters, malicious attacks, distributed renewable energy resources, plug-in electrical vehicles, habits of energy usage, and weather. These uncertainties make the development of a secured and efficient energy resource management system challenging. To address this challenging problem, a novel modeling framework and techniques to deal with these uncertainties will be developed. Threats and their impact on both system operations and end users will be studied and effective defensive schemes will be developed. The outcomes of this project will have broader impacts on the higher education system and national economy and will provide a scientific foundation for designing a secured and efficient energy-based critical infrastructure.
The contributions of this project include: a theoretical framework, techniques, and toolkits for smart grid research and education. Specifically, a modeling framework for secured and efficient energy resource management will be developed to quantify uncertainties from both the cyber and physical power grids. Techniques based on statistical modeling, data mining, forecasting, and others will be developed to manage energy resources efficiently. Based on the developed framework, the space of attacks against system operations and end users from key function modules, attack venue, abilities of adversaries, and system knowledge will be studied systematically. Based on the deep understanding of attacks, novel schemes to prevent, detect, and attribute attacks will be developed. An integrated cyber and physical power grid simulation tool and testbed will be developed to evaluate the proposed modeling framework and techniques using realistic scenarios. This project will integrate research, education, and outreach. The outcomes of the project will be integrated into curriculum development and provide research and educational opportunities for both graduate and undergraduate students, including underrepresented minorities and CyberCorps: Scholarship for Service students.
Off
Towson University
-
National Science Foundation
Submitted by Yu Wei on December 21st, 2015
This project focuses on the problem of information acquisition, state estimation and control in the context of cyber physical systems. In our underlying model, a (set of) decision maker(s), by controlling a sequence of actions with uncertain outcomes, dynamically refines the belief about stochastically time-varying parameters of interest. These parameters are then used to control the physical system efficiently and robustly. Here the cyber system collects, processes, and acquires information about the underlying physical system of interest, which is used for its control. The proposed work will develop a new theoretical framework for stochastic learning, decision-making, and control in stochastically-varying cyber physical systems.
In order to obtain analytical insights into the structure of efficient design, we first consider the case where the actions of the cyber system only affect the estimate of the underlying physical system. This class of problems arises in the context of (distributed) sensing/tracking of a physical system in isolation from cyber system control of the physical system's state. Joint state estimation and control for cyber-physical systems will then be considered. Here the most natural first step is to obtain sufficient conditions and/or special classes of systems where a separated approach to the information acquisition and efficient control is (near) optimal. To demonstrate its utility in practice, our theoretical framework will be applied in the specific context of energy efficient control of data centers and robust control of the smart grid under limited sensing.
The intellectual merit of this work will be to develop a theoretical framework for the design of cyber-physical systems including information acquisition, state estimation, and control. In addition, separation theorems for the optimality of separate state estimation and control will be explored.
In terms of broader impacts, significant performance improvement of control systems closed over communication networks will impact a wide range of applications for societal benefit, including smart buildings, intelligent transportation systems, energy-efficient data centers, and the future smart-grid. The PIs plan to disseminate the research results widely through conferences and journals, as well as by organizing specialized workshops and conference sessions related to cyber physical systems. The proposed project will train Ph.D. students as well as enrich the curriculum taught by the PIs in communications, stochastic control, and networks. The PIs have a strong track record in diversity and outreach activities, which for this project will include exposure and involvement of high school and undergraduate students, including under-represented minorities and women.
Off
Stanford University
-
National Science Foundation
This project investigates new reinforcement learning algorithms to enable long-term real-time autonomous learning by cyber-physical systems (CPS). The complexity of CPS makes hand-programming safe and efficient controllers for them difficult. For CPS to meet their potential, they need methods that enable them to learn and adapt to novel situations that they were not programmed for. Reinforcement learning (RL) is a paradigm for learning sequential decision making processes with potential for solving this problem. However, existing RL algorithms do not meet all of the requirements of learning in CPS. Efficacy of the new algorithms for CPS is evaluated in the context of smart buildings and autonomous vehicles.
Cyber-physical systems (CPS) have the potential to revolutionize society by enabling smart buildings, transportation, medical technology, and electric grids. Success of this project could lead to a new generation of CPS that are capable of adapting to their situation and improving their performance autonomously over time. In addition to the traditional methods of dissemination, this project will develop and release open-source code implementing the new reinforcement learning algorithms. Education and outreach activities associated with the project include a Freshman Research Initiative course, participation in a UT Austin annual open house that draws in many underrepresented minorities to interest the public in computer science and science in general, and the department's annual summer school for high school girls called First Bytes.
Off
University of Texas at Austin
-
National Science Foundation
The electric power grid is a complex cyber-physical system, whose reliable and secure operation is of paramount importance to national security and economic vitality. There is a growing and evolving threat of cyber-based attacks, both in numbers and sophistication, on the nation's critical infrastructure. Therefore, cyber security "encompassing attack prevention, detection, mitigation, and resilience" is critical in today's power grid and the emerging smart grid. The goal of this project is to develop a unified system-theoretic framework and analytical tools for cyber-physical security of power systems, capturing the dynamics of the physical system as well as that of the cyber system. Research tasks include: 1) Development of a methodology for impact analysis that includes systematic identification of worst-case stealthy attacks on the power system's wide-area control and evaluating the resulting consequences in terms of stability violations and performance loss. 2) Development of robust cyber-physical countermeasures, employing a combination of methods from system theory, cyber security, and model-based/data-driven tools, in the form of domain-specific anomaly detection/tolerance algorithms and attack-resilient control algorithms. 3) Evaluating the effectiveness of the proposed impact modeling and mitigation algorithms through a combination of simulation and testbed-based evaluations, using realistic system topologies and attack scenarios. The project makes significant contributions to enhance the security and resiliency of the power grid and lays a scientific foundation for cyber-physical security of critical infrastructure. Also, the project develops novel curriculum modules, mentors graduate and undergraduate students including under-represented minorities, leverages industrial collaborations, and exposes high school students to cyber security concepts.
Off
Iowa State University
-
National Science Foundation
The electric power grid is a complex cyber-physical system, whose reliable and secure operation is of paramount importance to national security and economic vitality. There is a growing and evolving threat of cyber-based attacks, both in numbers and sophistication, on the nation's critical infrastructure. Therefore, cyber security "encompassing attack prevention, detection, mitigation, and resilience" is critical in today's power grid and the emerging smart grid. The goal of this project is to develop a unified system-theoretic framework and analytical tools for cyber-physical security of power systems, capturing the dynamics of the physical system as well as that of the cyber system. Research tasks include: 1) Development of a methodology for impact analysis that includes systematic identification of worst-case stealthy attacks on the power system's wide-area control and evaluating the resulting consequences in terms of stability violations and performance loss. 2) Development of robust cyber-physical countermeasures, employing a combination of methods from system theory, cyber security, and model-based/data-driven tools, in the form of domain-specific anomaly detection/tolerance algorithms and attack-resilient control algorithms. 3) Evaluating the effectiveness of the proposed impact modeling and mitigation algorithms through a combination of simulation and testbed-based evaluations, using realistic system topologies and attack scenarios. The project makes significant contributions to enhance the security and resiliency of the power grid and lays a scientific foundation for cyber-physical security of critical infrastructure. Also, the project develops novel curriculum modules, mentors graduate and undergraduate students including under-represented minorities, leverages industrial collaborations, and exposes high school students to cyber security concepts.
Off
Syracuse University
-
National Science Foundation