Matching Items (8)
Filtering by
- Creators: Arizona State University
- Creators: Kosut, Oliver
- Resource Type: Text
Description
The cyber-physical systems (CPS) are emerging as the underpinning technology for major industries in the 21-th century. This dissertation is focused on two fundamental issues in cyber-physical systems: network interdependence and information dynamics. It consists of the following two main thrusts. The first thrust is targeted at understanding the impact of network interdependence. It is shown that a cyber-physical system built upon multiple interdependent networks are more vulnerable to attacks since node failures in one network may result in failures in the other network, causing a cascade of failures that would potentially lead to the collapse of the entire infrastructure. There is thus a need to develop a new network science for modeling and quantifying cascading failures in multiple interdependent networks, and to develop network management algorithms that improve network robustness and ensure overall network reliability against cascading failures. To enhance the system robustness, a "regular" allocation strategy is proposed that yields better resistance against cascading failures compared to all possible existing strategies. Furthermore, in view of the load redistribution feature in many physical infrastructure networks, e.g., power grids, a CPS model is developed where the threshold model and the giant connected component model are used to capture the node failures in the physical infrastructure network and the cyber network, respectively. The second thrust is centered around the information dynamics in the CPS. One speculation is that the interconnections over multiple networks can facilitate information diffusion since information propagation in one network can trigger further spread in the other network. With this insight, a theoretical framework is developed to analyze information epidemic across multiple interconnecting networks. It is shown that the conjoining among networks can dramatically speed up message diffusion. Along a different avenue, many cyber-physical systems rely on wireless networks which offer platforms for information exchanges. To optimize the QoS of wireless networks, there is a need to develop a high-throughput and low-complexity scheduling algorithm to control link dynamics. To that end, distributed link scheduling algorithms are explored for multi-hop MIMO networks and two CSMA algorithms under the continuous-time model and the discrete-time model are devised, respectively.
ContributorsQian, Dajun (Author) / Zhang, Junshan (Thesis advisor) / Ying, Lei (Committee member) / Zhang, Yanchao (Committee member) / Cochran, Douglas (Committee member) / Arizona State University (Publisher)
Created2012
Description
With growing complexity of power grid interconnections, power systems may become increasingly vulnerable to low frequency oscillations (especially inter-area oscillations) and dependent on stabilizing controls using either local signals or wide-area signals to provide adequate damping. In recent years, the ability and potential to use wide-area signals for control purposes has increased since a significant investment has been made in the U. S. in deploying synchrophasor measurement technology. Fast and reliable communication systems are essential to enable the use of wide-area signals in controls. If wide-area signals find increased applicability in controls the security and reliability of power systems could be vulnerable to disruptions in communication systems. Even though numerous modern techniques have been developed to lower the probability of communication errors, communication networks cannot be designed to be always reliable. Given this background the motivation of this work is to build resiliency in the power grid controls to respond to failures in the communication network when wide-area control signals are used. In addition, this work also deals with the delay uncertainty associated with the wide-area signal transmission. In order to counteract the negative impact of communication failures on control effectiveness, two approaches are proposed and both approaches are motivated by considering the use of a robustly designed supplementary damping control (SDC) framework associated with a static VAr compensator (SVC). When there is no communication failure, the designed controller guarantees enhanced improvement in damping performance. When the wide-area signal in use is lost due to a communication failure, however, the resilient control provides the required damping of the inter-area oscillations by either utilizing another wide-area measurement through a healthy communication route or by simply utilizing an appropriate local control signal. Simulation results prove that with either of the proposed controls included, the system is stabilized regardless of communication failures, and thereby the reliability and sustainability of power systems is improved. The proposed approaches can be extended without loss of generality to the design of any resilient controller in cyber-physical engineering systems.
ContributorsZhang, Song (Author) / Vittal, Vijay (Thesis advisor) / Heydt, Gerald (Committee member) / Si, Jennie (Committee member) / Undrill, John (Committee member) / Arizona State University (Publisher)
Created2014
Description
The large distributed electric power system is a hierarchical network involving the
transportation of power from the sources of power generation via an intermediate
densely connected transmission network to a large distribution network of end-users
at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-
mission/ distribution), the system is managed and monitored with a combination of
(a) supervisory control and data acquisition (SCADA); and (b) energy management
systems (EMSs) that process the collected data and make control and actuation de-
cisions using the collected data. However, at all levels of the hierarchy, both SCADA
and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the
electric power infrastructure, cyber attacks can have severe economic and social con-
sequences.
This thesis focuses on cyber attacks on SCADA and EMS at the transmission
level of the electric power system. The goal is to study the consequences of three
classes of cyber attacks that can change topology data. These classes include: (i)
unobservable state-preserving cyber attacks that only change the topology data; (ii)
unobservable state-and-topology cyber-physical attacks that change both states and
topology data to enable a coordinated physical and cyber attack; and (iii) topology-
targeted man-in-the-middle (MitM) communication attacks that alter topology data
shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on
the unobservable attacks on single regional EMS while class (iii) focuses on the MitM
attacks on communication links between regional EMSs. For each class of attacks,
the theoretical attack model and the implementation of attacks are provided, and the
worst-case attack and its consequences are exhaustively studied. In particularly, for
class (ii), a two-stage optimization problem is introduced to study worst-case attacks
that can cause a physical line over
ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.
For attack classes (i) and (ii), both mathematical and experimental analyses sug-
gest that these unobservable attacks can be limited or even detected with resiliency
mechanisms including load monitoring, anomalous re-dispatches checking, and his-
torical data comparison. For attack class (iii), countermeasures including anomalous
tie-line interchange verication, anomalous re-dispatch alarms, and external contin-
gency lists sharing are needed to thwart such attacks.
transportation of power from the sources of power generation via an intermediate
densely connected transmission network to a large distribution network of end-users
at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-
mission/ distribution), the system is managed and monitored with a combination of
(a) supervisory control and data acquisition (SCADA); and (b) energy management
systems (EMSs) that process the collected data and make control and actuation de-
cisions using the collected data. However, at all levels of the hierarchy, both SCADA
and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the
electric power infrastructure, cyber attacks can have severe economic and social con-
sequences.
This thesis focuses on cyber attacks on SCADA and EMS at the transmission
level of the electric power system. The goal is to study the consequences of three
classes of cyber attacks that can change topology data. These classes include: (i)
unobservable state-preserving cyber attacks that only change the topology data; (ii)
unobservable state-and-topology cyber-physical attacks that change both states and
topology data to enable a coordinated physical and cyber attack; and (iii) topology-
targeted man-in-the-middle (MitM) communication attacks that alter topology data
shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on
the unobservable attacks on single regional EMS while class (iii) focuses on the MitM
attacks on communication links between regional EMSs. For each class of attacks,
the theoretical attack model and the implementation of attacks are provided, and the
worst-case attack and its consequences are exhaustively studied. In particularly, for
class (ii), a two-stage optimization problem is introduced to study worst-case attacks
that can cause a physical line over
ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.
For attack classes (i) and (ii), both mathematical and experimental analyses sug-
gest that these unobservable attacks can be limited or even detected with resiliency
mechanisms including load monitoring, anomalous re-dispatches checking, and his-
torical data comparison. For attack class (iii), countermeasures including anomalous
tie-line interchange verication, anomalous re-dispatch alarms, and external contin-
gency lists sharing are needed to thwart such attacks.
ContributorsZhang, Jiazi (Author) / Sankar, Lalitha (Thesis advisor) / Hedman, Kory (Committee member) / Kosut, Oliver (Committee member) / Arizona State University (Publisher)
Created2015
Description
Lighting systems and air-conditioning systems are two of the largest energy consuming end-uses in buildings. Lighting control in smart buildings and homes can be automated by having computer controlled lights and window blinds along with illumination sensors that are distributed in the building, while temperature control can be automated by having computer controlled air-conditioning systems. However, programming actuators in a large-scale environment for buildings and homes can be time consuming and expensive. This dissertation presents an approach that algorithmically sets up the control system that can automate any building without requiring custom programming. This is achieved by imbibing the system self calibrating and self learning abilities.
For lighting control, the dissertation describes how the problem is non-deterministic polynomial-time hard(NP-Hard) but can be resolved by heuristics. The resulting system controls blinds to ensure uniform lighting and also adds artificial illumination to ensure light coverage remains adequate at all times of the day, while adjusting for weather and seasons. In the absence of daylight, the system resorts to artificial lighting.
For temperature control, the dissertation describes how the temperature control problem is modeled using convex quadratic programming. The impact of every air conditioner on each sensor at a particular time is learnt using a linear regression model. The resulting system controls air-conditioning equipments to ensure the maintenance of user comfort and low cost of energy consumptions. The system can be deployed in large scale environments. It can accept multiple target setpoints at a time, which improves the flexibility and efficiency of cooling systems requiring temperature control.
The methods proposed work as generic control algorithms and are not preprogrammed for a particular place or building. The feasibility, adaptivity and scalability features of the system have been validated through various actual and simulated experiments.
For lighting control, the dissertation describes how the problem is non-deterministic polynomial-time hard(NP-Hard) but can be resolved by heuristics. The resulting system controls blinds to ensure uniform lighting and also adds artificial illumination to ensure light coverage remains adequate at all times of the day, while adjusting for weather and seasons. In the absence of daylight, the system resorts to artificial lighting.
For temperature control, the dissertation describes how the temperature control problem is modeled using convex quadratic programming. The impact of every air conditioner on each sensor at a particular time is learnt using a linear regression model. The resulting system controls air-conditioning equipments to ensure the maintenance of user comfort and low cost of energy consumptions. The system can be deployed in large scale environments. It can accept multiple target setpoints at a time, which improves the flexibility and efficiency of cooling systems requiring temperature control.
The methods proposed work as generic control algorithms and are not preprogrammed for a particular place or building. The feasibility, adaptivity and scalability features of the system have been validated through various actual and simulated experiments.
ContributorsWang, Yuan (Author) / Dasgupta, Partha (Thesis advisor) / Davulcu, Hasan (Committee member) / Huang, Dijiang (Committee member) / Reddy, T. Agami (Committee member) / Arizona State University (Publisher)
Created2015
Description
Our daily life is becoming more and more reliant on services provided by the infrastructures
power, gas , communication networks. Ensuring the security of these
infrastructures is of utmost importance. This task becomes ever more challenging as
the inter-dependence among these infrastructures grows and a security breach in one
infrastructure can spill over to the others. The implication is that the security practices/
analysis recommended for these infrastructures should be done in coordination.
This thesis, focusing on the power grid, explores strategies to secure the system that
look into the coupling of the power grid to the cyber infrastructure, used to manage
and control it, and to the gas grid, that supplies an increasing amount of reserves to
overcome contingencies.
The first part (Part I) of the thesis, including chapters 2 through 4, focuses on
the coupling of the power and the cyber infrastructure that is used for its control and
operations. The goal is to detect malicious attacks gaining information about the
operation of the power grid to later attack the system. In chapter 2, we propose a
hierarchical architecture that correlates the analysis of high resolution Micro-Phasor
Measurement Unit (microPMU) data and traffic analysis on the Supervisory Control
and Data Acquisition (SCADA) packets, to infer the security status of the grid and
detect the presence of possible intruders. An essential part of this architecture is
tied to the analysis on the microPMU data. In chapter 3 we establish a set of anomaly
detection rules on microPMU data that
flag "abnormal behavior". A placement strategy
of microPMU sensors is also proposed to maximize the sensitivity in detecting anomalies.
In chapter 4, we focus on developing rules that can localize the source of an events
using microPMU to further check whether a cyber attack is causing the anomaly, by
correlating SCADA traffic with the microPMU data analysis results. The thread that
unies the data analysis in this chapter is the fact that decision are made without fully estimating the state of the system; on the contrary, decisions are made using
a set of physical measurements that falls short by orders of magnitude to meet the
needs for observability. More specifically, in the first part of this chapter (sections 4.1-
4.2), using microPMU data in the substation, methodologies for online identification of
the source Thevenin parameters are presented. This methodology is used to identify
reconnaissance activity on the normally-open switches in the substation, initiated
by attackers to gauge its controllability over the cyber network. The applications
of this methodology in monitoring the voltage stability of the grid is also discussed.
In the second part of this chapter (sections 4.3-4.5), we investigate the localization
of faults. Since the number of PMU sensors available to carry out the inference
is insufficient to ensure observability, the problem can be viewed as that of under-sampling
a "graph signal"; the analysis leads to a PMU placement strategy that can
achieve the highest resolution in localizing the fault, for a given number of sensors.
In both cases, the results of the analysis are leveraged in the detection of cyber-physical
attacks, where microPMU data and relevant SCADA network traffic information
are compared to determine if a network breach has affected the integrity of the system
information and/or operations.
In second part of this thesis (Part II), the security analysis considers the adequacy
and reliability of schedules for the gas and power network. The motivation for
scheduling jointly supply in gas and power networks is motivated by the increasing
reliance of power grids on natural gas generators (and, indirectly, on gas pipelines)
as providing critical reserves. Chapter 5 focuses on unveiling the challenges and
providing solution to this problem.
power, gas , communication networks. Ensuring the security of these
infrastructures is of utmost importance. This task becomes ever more challenging as
the inter-dependence among these infrastructures grows and a security breach in one
infrastructure can spill over to the others. The implication is that the security practices/
analysis recommended for these infrastructures should be done in coordination.
This thesis, focusing on the power grid, explores strategies to secure the system that
look into the coupling of the power grid to the cyber infrastructure, used to manage
and control it, and to the gas grid, that supplies an increasing amount of reserves to
overcome contingencies.
The first part (Part I) of the thesis, including chapters 2 through 4, focuses on
the coupling of the power and the cyber infrastructure that is used for its control and
operations. The goal is to detect malicious attacks gaining information about the
operation of the power grid to later attack the system. In chapter 2, we propose a
hierarchical architecture that correlates the analysis of high resolution Micro-Phasor
Measurement Unit (microPMU) data and traffic analysis on the Supervisory Control
and Data Acquisition (SCADA) packets, to infer the security status of the grid and
detect the presence of possible intruders. An essential part of this architecture is
tied to the analysis on the microPMU data. In chapter 3 we establish a set of anomaly
detection rules on microPMU data that
flag "abnormal behavior". A placement strategy
of microPMU sensors is also proposed to maximize the sensitivity in detecting anomalies.
In chapter 4, we focus on developing rules that can localize the source of an events
using microPMU to further check whether a cyber attack is causing the anomaly, by
correlating SCADA traffic with the microPMU data analysis results. The thread that
unies the data analysis in this chapter is the fact that decision are made without fully estimating the state of the system; on the contrary, decisions are made using
a set of physical measurements that falls short by orders of magnitude to meet the
needs for observability. More specifically, in the first part of this chapter (sections 4.1-
4.2), using microPMU data in the substation, methodologies for online identification of
the source Thevenin parameters are presented. This methodology is used to identify
reconnaissance activity on the normally-open switches in the substation, initiated
by attackers to gauge its controllability over the cyber network. The applications
of this methodology in monitoring the voltage stability of the grid is also discussed.
In the second part of this chapter (sections 4.3-4.5), we investigate the localization
of faults. Since the number of PMU sensors available to carry out the inference
is insufficient to ensure observability, the problem can be viewed as that of under-sampling
a "graph signal"; the analysis leads to a PMU placement strategy that can
achieve the highest resolution in localizing the fault, for a given number of sensors.
In both cases, the results of the analysis are leveraged in the detection of cyber-physical
attacks, where microPMU data and relevant SCADA network traffic information
are compared to determine if a network breach has affected the integrity of the system
information and/or operations.
In second part of this thesis (Part II), the security analysis considers the adequacy
and reliability of schedules for the gas and power network. The motivation for
scheduling jointly supply in gas and power networks is motivated by the increasing
reliance of power grids on natural gas generators (and, indirectly, on gas pipelines)
as providing critical reserves. Chapter 5 focuses on unveiling the challenges and
providing solution to this problem.
ContributorsJamei, Mahdi (Author) / Scaglioe, Anna (Thesis advisor) / Ayyanar, Raja (Committee member) / Hedman, Kory W (Committee member) / Kosut, Oliver (Committee member) / Arizona State University (Publisher)
Created2018
Description
Multiple-channel detection is considered in the context of a sensor network where data can be exchanged directly between sensor nodes that share a common edge in the network graph. Optimal statistical tests used for signal source detection with multiple noisy sensors, such as the Generalized Coherence (GC) estimate, use pairwise measurements from every pair of sensors in the network and are thus only applicable when the network graph is completely connected, or when data are accumulated at a common fusion center. This thesis presents and exploits a new method that uses maximum-entropy techniques to estimate measurements between pairs of sensors that are not in direct communication, thereby enabling the use of the GC estimate in incompletely connected sensor networks. The research in this thesis culminates in a main conjecture supported by statistical tests regarding the topology of the incomplete network graphs.
ContributorsCrider, Lauren Nicole (Author) / Cochran, Douglas (Thesis director) / Renaut, Rosemary (Committee member) / Kosut, Oliver (Committee member) / Barrett, The Honors College (Contributor) / School of Mathematical and Statistical Sciences (Contributor)
Created2014-05
Description
Lossy compression is a form of compression that slightly degrades a signal in ways that are ideally not detectable to the human ear. This is opposite to lossless compression, in which the sample is not degraded at all. While lossless compression may seem like the best option, lossy compression, which is used in most audio and video, reduces transmission time and results in much smaller file sizes. However, this compression can affect quality if it goes too far. The more compression there is on a waveform, the more degradation there is, and once a file is lossy compressed, this process is not reversible. This project will observe the degradation of an audio signal after the application of Singular Value Decomposition compression, a lossy compression that eliminates singular values from a signal’s matrix.
ContributorsHirte, Amanda (Author) / Kosut, Oliver (Thesis director) / Bliss, Daniel (Committee member) / Electrical Engineering Program (Contributor, Contributor) / Barrett, The Honors College (Contributor)
Created2021-05
Description
Recent advances in cyber-physical systems, artificial intelligence, and cloud computing have driven the widespread deployment of Internet-of-Things (IoT) devices in smart homes. However, the spate of cyber attacks exploiting the vulnerabilities and weak security management of smart home IoT devices have highlighted the urgency and challenges of designing efficient mechanisms for detecting, analyzing, and mitigating security threats towards them. In this dissertation, I seek to address the security and privacy issues of smart home IoT devices from the perspectives of traffic measurement, pattern recognition, and security applications. I first propose an efficient multidimensional smart home network traffic measurement framework, which enables me to deeply understand the smart home IoT ecosystem and detect various vulnerabilities and flaws. I further design intelligent schemes to efficiently extract security-related IoT device event and user activity patterns from the encrypted smart home network traffic. Based on the knowledge of how smart home operates, different systems for securing smart home networks are proposed and implemented, including abnormal network traffic detection across multiple IoT networking protocol layers, smart home safety monitoring with extracted spatial information about IoT device events, and system-level IoT vulnerability analysis and network hardening.
ContributorsWan, Yinxin (Author) / Xue, Guoliang (Thesis advisor) / Xu, Kuai (Thesis advisor) / Yang, Yezhou (Committee member) / Zhang, Yanchao (Committee member) / Arizona State University (Publisher)
Created2023