| 1. |
- Alisic, Rijad, et al.
(författare)
-
Change time estimation uncertainty in nonlinear dynamical systems with applications to COVID-19
- 2022
-
Ingår i: International Journal of Robust and Nonlinear Control. - : Wiley. - 1049-8923 .- 1099-1239.
-
Tidskriftsartikel (refereegranskat)abstract
- The impact that each individual non-pharmaceutical intervention (NPI) had on the spread rate of COVID-19 is difficult to estimate, since several NPIs were implemented in rapid succession in most countries. In this article, we analyze the detectability of sudden changes in a parameter of nonlinear dynamical systems, which could be used to represent NPIs or mutations of the virus, in the presence of measurement noise. Specifically, by taking an agnostic approach, we provide necessary conditions for when the best possible unbiased estimator is able to isolate the effect of a sudden change in a model parameter, by using the Hammersley–Chapman–Robbins (HCR) lower bound. Several simplifications to the calculation of the HCR lower bound are given, which depend on the amplitude of the sudden change and the dynamics of the system. We further define the concept of the most informative sample based on the largest (Formula presented.) distance between two output trajectories, which is a good indicator of when the HCR lower bound converges. These results are thereafter used to analyze the susceptible-infected-removed model. For instance, we show that performing analysis using the number of recovered/deceased, as opposed to the cumulative number of infected, may be an inferior signal to use since sudden changes are fundamentally more difficult to estimate and seem to require more samples. Finally, these results are verified by simulations and applied to real data from the spread of COVID-19 in France.
|
|
| 2. |
- Alisic, Rijad, et al.
(författare)
-
Data-injection Attacks Using Historical Inputs and Outputs
- 2021
-
Ingår i: Proceedings European Control Conference, ECC 2021. - : Institute of Electrical and Electronics Engineers (IEEE). ; , s. 1399-1405
-
Konferensbidrag (refereegranskat)abstract
- Data-driven, model-free control has become popular in recent years, due to their ease of implementation and minimal information requirement about the system. In this paper, we investigate whether the same methods could be used by an adversary to synthesize undetectable data-injection attacks on cyber-physical systems using Willems' Fundamental Lemma. We show that if the adversary is able to upper bound the order of a linear, time-invariant system and read all its inputs and outputs, then the adversary will be able to generate undetectable attack signals in the form of covert attacks. Additionally, we provide conditions on the disclosed data set that enable the adversary to generate zero dynamics attacks. These conditions give operators insights into when enough information about the system has been revealed for an adversary to conduct an undetectable attack. Finally, the different attack strategies are verified through a numerical example.
|
|
| 3. |
- Alisic, Rijad
(författare)
-
Defense of Cyber-Physical Systems Against Learning-based Attackers
- 2023
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Cyberattacks against critical infrastructures pose a serious threat to society, as they can have devastating consequences on the economy, security, or public health. These infrastructures rely on a large network of cyber components, such as sensors, controllers, computers, and communication devices, to monitor and control their physical processes. An adversary can exploit the vulnerabilities in these cyber components to gain access to the system and manipulate its behavior or functionality.This thesis proposes methods that can be employed as a first line of defense against such attacks for Cyber-Physical Systems. In the first part of the thesis, we consider how uninformed attackers can learn to attack a Cyber-Physical System by eavesdropping through the cyber component. By learning to manipulate the plant, the attacker could figure out how to destroy the physical system before it is too late or completely take it over without raising any alarms. Stopping the attacker at the learning stage would force the attacker to act obliviously, increasing the chances of detecting them.We analyze how homomorphic encryption, a technique that allows computation on encrypted data, hinders an attacker's learning process and reduces its capabilities to attack the system. Specifically, we show that an attacker must solve challenging lattice problems to find attacks that are difficult to detect. Additionally, we show how the detection probability is affected by the attacker's solution to the problems and what parameters of the encryption scheme can be tweaked to increase the detection probability. We also develop a novel method that enables anomaly detection over homomorphically encrypted data without revealing the actual signals to the detector, thereby discouraging attackers from launching attacks on the detector. The detection can be performed using a hypothesis test. However, special care must be taken to ensure that fresh samples are used to detect changes from nominal behavior. We also explore how the adversary can try to evade detection using the same test and how the system can be designed to make detection easier for the defender and more challenging for the attacker.In the second part of the thesis, we study how information leakage about changes in the system depends on the system's dynamics. We use a mathematical tool called the Hammersley-Chapman-Robbins lower bound to measure how much information is leaked and how to minimize it. Specifically, we study how structured input sequences, which we call events, can be obtained through the output of a dynamical system and how this information can be hidden by adding noise or changing the inputs. The system’s speed and sensor locations affect how much information is leaked. We also consider balancing the system’s performance and privacy when using optimal control. Finally, we show how to estimate when the adversary’s knowledge of the event becomes accurate enough to launch an attack and how to change the system before that happens. These results are then used to aid the operator in detecting privacy vulnerabilities when designing a Cyber-Physical System, which increases the overall security when removed.
|
|
| 4. |
- Alisic, Rijad, et al.
(författare)
-
Ensuring privacy of occupancy changes in smart buildings
- 2020
-
Ingår i: CCTA 2020 - 4th IEEE Conference on Control Technology and Applications. - : Institute of Electrical and Electronics Engineers Inc.. ; , s. 871-876
-
Konferensbidrag (refereegranskat)abstract
- Smart building management systems rely on sensors to optimize the operation of buildings. If an unauthorized user gains access to these sensors, a privacy leak may occur. This paper considers such a potential leak of privacy in a smart residential building, and how it may be mitigated by corrupting the measurements with additive Gaussian noise. This corruption is done in order to hide when the occupancy changes in an apartment. A lower bound on the variance of any estimator that estimates the change time is derived. The bound is then used to analyze how different model parameters affect the variance. It is shown that the signal to noise ratio and the system dynamics are the main factors that affect the bound. These results are then verified on a simulator of the KTH Live-In Lab Testbed, showing good correspondence with theoretical results.
|
|
| 5. |
- Alisic, Rijad, et al.
(författare)
-
Maximizing Privacy in MIMO Cyber-Physical Systems Using the Chapman-Robbins Bound
- 2020
-
Ingår i: Proceedings of the IEEE Conference on Decision and Control. - : Institute of Electrical and Electronics Engineers Inc.. ; , s. 6272-6277
-
Konferensbidrag (refereegranskat)abstract
- Privacy breaches of cyber-physical systems could expose vulnerabilities to an adversary. Here, privacy leaks of step inputs to linear time-invariant systems are mitigated through additive Gaussian noise. Fundamental lower bounds on the privacy are derived, which are based on the variance of any estimator that seeks to recreate the input. Fully private inputs are investigated and related to transmission zeros. Thereafter, a method to increase the privacy of optimal step inputs is presented and a privacy-utility trade-off bound is derived. Finally, these results are verified on data from the KTH Live-In Lab Testbed, showing good correspondence with theoretical results.
|
|
| 6. |
- Alisic, Rijad, et al.
(författare)
-
Model-Free Undetectable Attacks on Linear Systems Using LWE-Based Encryption
- 2023
-
Ingår i: IEEE Control Systems Letters. - : Institute of Electrical and Electronics Engineers (IEEE). - 2475-1456. ; 7, s. 1249-1254
-
Tidskriftsartikel (refereegranskat)abstract
- We show that the homomorphic property, a desired property in encrypted control, can lead to failure in the cyber defense of a dynamical control system from undetectable attacks, even though individual signal sequences remain unknown to the attacker. We consider an encryption method based on the Learning with Errors (LWE) problem and demonstrate how model-free undetectable attacks on linear systems over integers can be computed from sampled inputs and outputs that are encrypted. Previous work has shown that computing such attacks is possible on nonencrypted systems. Applying this earlier work to our scenario, with minor modifications, typically amplifies the error in encrypted messages unless a short vector problem is solved. Given that an attacker obtains a short vector, we derive the probability that the attack is detected and show how it explicitly depends on the encryption parameters. Finally, we simulate an attack obtained by our method on an encrypted linear system over integers and conduct an analysis of the probability that the attack will be detected.
|
|
| 7. |
- Alisic, Rijad, et al.
(författare)
-
Modeling and Stability of Prosumer Heat Networks
- 2019
-
Ingår i: IFAC PAPERSONLINE. - : ELSEVIER. - 2405-8963. ; , s. 235-240
-
Konferensbidrag (refereegranskat)abstract
- The energy sector is going through a large transformation due to public demands of renewable energy sources. However, a major issue is that these energy sources are intermittent. If designed correctly, district heating systems can naturally contain energy storing units, for example by storing heat in the isolated pipes that make up the heat grid. Additionally, this makes it easier to reuse and transport already generated heat to other users. This paper proposes a mathematical model of such a grid, where excess energy can be retracted from one user and distributed to other users using a network of heat pumps. In some cases, one can balance residual heat production with the heat consumption, temporarily eliminating the need for a centralized heating plant. Existence conditions for stable steady states of such a network with general topology are given. Finally, energy optimal stable steady states are obtained through convex optimization.
|
|
| 8. |
- Alisic, Rijad, et al.
(författare)
-
Privacy Enhancement of Structured Inputs in Cyber-Physical Systems
- 2021
-
Ingår i: 2021 60th IEEE conference on decision and control (CDC). - : Institute of Electrical and Electronics Engineers (IEEE). ; , s. 4888-4894
-
Konferensbidrag (refereegranskat)abstract
- Privacy is often the first line of defense against cyber-physical attacks. In this paper, we derive guarantees for the privacy of structured inputs to linear time-invariant systems, where the eavesdropper either does not know the input or only knows parts of it a priori. The input is be parametrized by a mixture of discrete and continuous parameters. Privacy guarantees for these parameters are then derived using a Barankin-style bound. Given an open-loop control objective, a modification to the cost function is proposed to enhance privacy. Privacy-utility trade-off bounds are derived for these private open-loop control signals. Finally, the theoretical results are verified both using the physical Temperature Control Lab and a numerical simulation of it.
|
|
| 9. |
- Alisic, Rijad, 1994-
(författare)
-
Privacy of Sudden Events in Cyber-Physical Systems
- 2021
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Cyberattacks against critical infrastructures has been a growing problem for the past couple of years. These infrastructures are a particularly desirable target for adversaries, due to their vital importance in society. For instance, a stop in the operation of a critical infrastructure could result in a crippling effect on a nation's economy, security or public health. The reason behind this increase is that critical infrastructures have become more complex, often being integrated with a large network of various cyber components. It is through these cyber components that an adversary is able to access the system and conduct their attacks.In this thesis, we consider methods which can be used as a first line of defence against such attacks for Cyber-Physical Systems (CPS). Specifically, we start by studying how information leaks about a system's dynamics helps an adversary to generate attacks that are difficult to detect. In many cases, such attacks can be detrimental to a CPS since they can drive the system to a breaking point without being detected by the operator that is tasked to secure the system. We show that an adversary can use small amounts of data procured from information leaks to generate these undetectable attacks. In particular, we provide the minimal amount of information that is needed in order to keep the attack hidden even if the operator tries to probe the system for attacks. We design defence mechanisms against such information leaks using the Hammersley-Chapman-Robbins lower bound. With it, we study how information leakage could be mitigated through corruption of the data by injection of measurement noise. Specifically, we investigate how information about structured input sequences, which we call events, can be obtained through the output of a dynamical system and how this leakage depends on the system dynamics. For example, it is shown that a system with fast dynamical modes tends to disclose more information about an event compared to a system with slower modes. However, a slower system leaks information over a longer time horizon, which means that an adversary who starts to collect information long after the event has occured might still be able to estimate it. Additionally, we show how sensor placements can affect the information leak. These results are then used to aid the operator to detect privacy vulnerabilities in the design of a CPS.Based on the Hammersley-Chapman-Robbins lower bound, we provide additional defensive mechanisms that can be deployed by an operator online to minimize information leakage. For instance, we propose a method to modify the structured inputs in order to maximize the usage of the existing noise in the system. This mechanism allows us to explicitly deal with the privacy-utility trade-off, which is of interest when optimal control problems are considered. Finally, we show how the adversary's certainty of the event increases as a function of the number of samples they collect. For instance, we provide sufficient conditions for when their estimation variance starts to converge to its final value. This information can be used by an operator to estimate when possible attacks from an adversary could occur, and change the CPS before that, rendering the adversary's collected information useless.
|
|
