Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 189) Show all publications
Milosevic, J., Gracy, S. & Sandberg, H. (2020). On actuator security indices. In: 14th International Conference on Critical Information Infrastructures Security, CRITIS 2019: . Paper presented at Critical Information Infrastructures Security - 14th International Conference, CRITIS 2019, Linköping, Sweden, September 23-25, 2019 (pp. 182-187). Springer
Open this publication in new window or tab >>On actuator security indices
2020 (English)In: 14th International Conference on Critical Information Infrastructures Security, CRITIS 2019, Springer , 2020, p. 182-187Conference paper, Published paper (Refereed)
Abstract [en]

Actuator security indices are developed for risk assessment purposes. Particularly, these indices can tell a system operator which of the actuators in a critical infrastructure network are the most vulnerable to cyber-attacks. Once the operator has this information, he/she can focus the security budget to protect these actuators. In this short paper, we first revisit one existing definition of an actuator security index, and then discuss possible directions for future research.

Place, publisher, year, edition, pages
Springer, 2020
Keywords
Cyber-attacks, Cyber-physical systems, Risk assessment, Actuators, Budget control, Computer crime, Cyber Physical System, Embedded systems, Network security, Security budget, Security indices, System operator, Critical infrastructures
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-267997 (URN)10.1007/978-3-030-37670-3_16 (DOI)2-s2.0-85077509323 (Scopus ID)9783030376697 (ISBN)
Conference
Critical Information Infrastructures Security - 14th International Conference, CRITIS 2019, Linköping, Sweden, September 23-25, 2019
Note

QC 20200328

Available from: 2020-03-28 Created: 2020-03-28 Last updated: 2020-03-28Bibliographically approved
Tuul, V. & Sandberg, H. (2020). Testbed evaluation of DoS attacks on PID-controllers: (Short paper). In: 14th International Conference on Critical Information Infrastructures Security, CRITIS 2019: . Paper presented at Critical Information Infrastructures Security - 14th International Conference, CRITIS 2019, Linköping, Sweden, September 23-25, 2019 (pp. 188-194). Springer
Open this publication in new window or tab >>Testbed evaluation of DoS attacks on PID-controllers: (Short paper)
2020 (English)In: 14th International Conference on Critical Information Infrastructures Security, CRITIS 2019, Springer , 2020, p. 188-194Conference paper, Published paper (Refereed)
Abstract [en]

We present ongoing work in evaluating the performance of PID-controllers under DoS attacks. The experiments are conducted in a recently developed virtual testbed, which is openly available. An important observation is that also benign physical processes may exhibit potentially dangerous oscillations under DoS attacks unless care is taken in the control implementation. An event-based PID-controller with adaptive gain shows promising performance under DoS attack.

Place, publisher, year, edition, pages
Springer, 2020
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 11777
Keywords
Cyber-physical attack, DoS attacks, PID-control, Controllers, Critical infrastructures, Denial-of-service attack, Electric control equipment, Proportional control systems, Testbeds, Adaptive gain, Control implementation, Cyber physicals, Event-based, Physical process, PID controllers, Virtual test beds, Three term control systems
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-267998 (URN)10.1007/978-3-030-37670-3_17 (DOI)2-s2.0-85077506056 (Scopus ID)9783030376697 (ISBN)
Conference
Critical Information Infrastructures Security - 14th International Conference, CRITIS 2019, Linköping, Sweden, September 23-25, 2019
Note

QC 20200328

Available from: 2020-03-29 Created: 2020-03-29 Last updated: 2020-03-29Bibliographically approved
Pirani, M., Nekouei, E., Sandberg, H. & Johansson, K. H. (2019). A game-theoretic framework for security-aware sensor placement problem in networked control systems. In: Proceedings of the American Control Conference: . Paper presented at 2019 American Control Conference, ACC 2019; Philadelphia; United States; 10 July 2019 through 12 July 2019 (pp. 114-119). Institute of Electrical and Electronics Engineers (IEEE), Article ID 8814443.
Open this publication in new window or tab >>A game-theoretic framework for security-aware sensor placement problem in networked control systems
2019 (English)In: Proceedings of the American Control Conference, Institute of Electrical and Electronics Engineers (IEEE), 2019, p. 114-119, article id 8814443Conference paper, Published paper (Refereed)
Abstract [en]

This paper studies the sensor placement problem in a networked control system for improving its security against cyber-physical attacks. The problem is formulated as a zero-sum game between an attacker and a detector. The attacker's decision is to select f nodes of the network to attack whereas the detector's decision is to place f sensors to detect the presence of the attack signals. In our formulation, the attacker minimizes its visibility, defined as the system L2 gain from the attack signals to the deployed sensors' outputs, and the detector maximizes the visibility of the attack signals. The equilibrium strategy of the game determines the optimal locations of the sensors. The existence of Nash equilibrium for the attacker-detector game is studied when the underlying connectivity graph is a directed or an undirected tree. When the game does not admit a Nash equilibrium, it is shown that the Stackelberg equilibrium of the game, with the detector as the game leader, can be computed efficiently. Our results show that, under the optimal sensor placement strategy, an undirected topology provides a higher security level for a networked control system compared with its corresponding directed topology.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2019
Series
Proceedings of the American Control Conference, ISSN 07431619
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-262596 (URN)2-s2.0-85072277874 (Scopus ID)9781538679265 (ISBN)
Conference
2019 American Control Conference, ACC 2019; Philadelphia; United States; 10 July 2019 through 12 July 2019
Note

QC 20191016

Available from: 2019-10-16 Created: 2019-10-16 Last updated: 2019-10-16Bibliographically approved
Milosevic, J., Sandberg, H. & Johansson, K. H. (2019). A Security Index for Actuators Based on Perfect Undetectability: Properties and Approximation. In: 2018 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018: . Paper presented at 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, 2 October 2018 through 5 October 2018 (pp. 235-241). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>A Security Index for Actuators Based on Perfect Undetectability: Properties and Approximation
2019 (English)In: 2018 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, Institute of Electrical and Electronics Engineers (IEEE), 2019, p. 235-241Conference paper, Published paper (Refereed)
Abstract [en]

A novel security index based on the definition of perfect undetectability is proposed. The index is a tool that can help a control system operator to localize the most vulnerable actuators in the network. In particular, the security index of actuator i represents the minimal number of sensors and actuators that needs to be compromised in addition to i, such that a perfectly undetectable attack is possible. A method for computing this index for small scale systems is derived, and difficulties with the index once the system is of large scale are outlined. An upper bound for the index that overcomes these difficulties is then proposed. The theoretical developments are illustrated on a numerical example. 

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2019
Series
Annual Allerton Conference on Communication Control and Computing, ISSN 2474-0195
Keywords
Computer programming, Computer science, Control engineering, Security indices, Sensors and actuators, Small-scale systems, System operator, Theoretical development, Upper Bound, Actuators
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-252077 (URN)10.1109/ALLERTON.2018.8635906 (DOI)000461021200034 ()2-s2.0-85062843906 (Scopus ID)978-1-5386-6596-1 (ISBN)
Conference
56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, 2 October 2018 through 5 October 2018
Projects
CERCES
Note

QC 20190801

Available from: 2019-08-01 Created: 2019-08-01 Last updated: 2019-12-09Bibliographically approved
Chong, M., Sandberg, H. & Teixeira, A. M. H. (2019). A Tutorial Introduction to Security and Privacy for Cyber-Physical Systems. In: Proceedings 2019 18th European Control Conference (ECC): . Paper presented at 18th European Control Conference (ECC), Naples, ITALY, JUN 25-28, 2019 (pp. 968-978). IEEE
Open this publication in new window or tab >>A Tutorial Introduction to Security and Privacy for Cyber-Physical Systems
2019 (English)In: Proceedings 2019 18th European Control Conference (ECC), IEEE , 2019, p. 968-978Conference paper, Published paper (Refereed)
Abstract [en]

This tutorial provides a high-level introduction to novel control-theoretic approaches for the security and privacy of cyber-physical systems (CPS). It takes a risk-based approach to the problem and develops a model framework that allows us to introduce and relate many of the recent contributions to the area. In particular, we explore the concept of risk in the context of CPS under cyber-attacks, paying special attention to the characterization of attack scenarios and to the interpretation of impact and likelihood for CPS. The risk management framework is then used to give an overview of and map different contributions in the area to three core parts of the framework: attack scenario description, quantification of impact and likelihood, and mitigation strategies. The overview is by no means complete, but it illustrates the breadth of the problems considered and the control-theoretic solutions proposed so far.

Place, publisher, year, edition, pages
IEEE, 2019
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-263389 (URN)10.23919/ECC.2019.8795652 (DOI)000490488300155 ()2-s2.0-85071575881 (Scopus ID)9783907144008 (ISBN)
Conference
18th European Control Conference (ECC), Naples, ITALY, JUN 25-28, 2019
Projects
CERCES
Note

QC 20191114

Available from: 2019-11-14 Created: 2019-11-14 Last updated: 2019-12-10Bibliographically approved
Saritas, S., Shereen, E., Sandberg, H. & Dán, G. (2019). Adversarial Attacks on Continuous Authentication Security: A Dynamic Game Approach. In: 10th International Conference, GameSec 2019, Stockholm, Sweden, October 30 – November 1, 2019, Proceedings: . Paper presented at 10th International Conference, GameSec 2019, Stockholm, Sweden, October 30 – November 1, 2019, (pp. 439-458). , 11836
Open this publication in new window or tab >>Adversarial Attacks on Continuous Authentication Security: A Dynamic Game Approach
2019 (English)In: 10th International Conference, GameSec 2019, Stockholm, Sweden, October 30 – November 1, 2019, Proceedings, 2019, Vol. 11836, p. 439-458Conference paper, Published paper (Refereed)
Abstract [en]

Identity theft through phishing and session hijacking attacks has become a major attack vector in recent years, and is expected to become more frequent due to the pervasive use of mobile devices. Continuous authentication based on the characterization of user behavior, both in terms of user interaction patterns and usage patterns, is emerging as an effective solution for mitigating identity theft, and could become an important component of defense-in-depth strategies in cyber-physical systems as well. In this paper, the interaction between an attacker and an operator using continuous authentication is modeled as a stochastic game. In the model, the attacker observes and learns the behavioral patterns of an authorized user whom it aims at impersonating, whereas the operator designs the security measures to detect suspicious behavior and to prevent unauthorized access while minimizing the monitoring expenses. It is shown that the optimal attacker strategy exhibits a threshold structure, and consists of observing the user behavior to collect information at the beginning, and then attacking (rather than observing) after gathering enough data. From the operator’s side, the optimal design of the security measures is provided. Numerical results are used to illustrate the intrinsic trade-off between monitoring cost and security risk, and show that continuous authentication can be effective in minimizing security risk.

Series
Lecture Notes in Computer Science ; 11836
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-263971 (URN)2-s2.0-85076429620 (Scopus ID)
Conference
10th International Conference, GameSec 2019, Stockholm, Sweden, October 30 – November 1, 2019,
Projects
CERCES
Note

QC 20191125

Available from: 2019-11-19 Created: 2019-11-19 Last updated: 2020-02-04Bibliographically approved
Pirani, M., Nekouei, E., Dibaji, S. M., Sandberg, H. & Johansson, K. H. (2019). Design of Attack-Resilient Consensus Dynamics: A Game-Theoretic Approach. In: Proceedings 2019 18th European Control Conference (ECC): . Paper presented at 18th European Control Conference (ECC), Naples, ITALY, JUN 25-28, 2019 (pp. 2227-2232). IEEE
Open this publication in new window or tab >>Design of Attack-Resilient Consensus Dynamics: A Game-Theoretic Approach
Show others...
2019 (English)In: Proceedings 2019 18th European Control Conference (ECC), IEEE , 2019, p. 2227-2232Conference paper, Published paper (Refereed)
Abstract [en]

We propose a game-theoretic framework for improving the resilience of multi-agent consensus dynamics in the presence of a strategic attacker. In this game, the attacker selects a set of network nodes to inject the attack signals. The attacker's objective is to minimize the required energy for steering the consensus towards its desired direction. This energy is captured by the trace of controllability Gramian of the system when the input is the attack signal. The defender improves the resilience of dynamics by adding self-feedback loops to certain nodes of the system and its objective is to maximize the trace of controllability Gramian. The Stackelberg equilibrium of the game is studied with the defender as the game leader. When the underlying network topology is a tree and the defender can select only one node, we show that the optimal strategy of the defender is determined by a specific distance-based network centrality measure, called network's f-center. In addition, we show that the degree-based centralities solutions may lead to undesirable payoffs for the defender. At the end, we discuss the case of multiple attack and defense nodes on general graphs.

Place, publisher, year, edition, pages
IEEE, 2019
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-263390 (URN)10.23919/ECC.2019.8796291 (DOI)000490488302041 ()2-s2.0-85071562919 (Scopus ID)9783907144008 (ISBN)
Conference
18th European Control Conference (ECC), Naples, ITALY, JUN 25-28, 2019
Note

QC 20191114

Available from: 2019-11-14 Created: 2019-11-14 Last updated: 2019-11-14Bibliographically approved
Farokhi, F. & Sandberg, H. (2019). Ensuring privacy with constrained additive noise by minimizing Fisher information. Paper presented at 56th IEEE Annual Conference on Decision and Control (CDC), DEC 12-15, 2017, Melbourne, AUSTRALIA, ARKE BS, 1990, IEEE TRANSACTIONS ON INFORMATION THEORY, V36, P453. Automatica, 99, 275-288
Open this publication in new window or tab >>Ensuring privacy with constrained additive noise by minimizing Fisher information
2019 (English)In: Automatica, ISSN 0005-1098, E-ISSN 1873-2836, Vol. 99, p. 275-288Article in journal (Refereed) Published
Abstract [en]

The problem of preserving the privacy of individual entries of a database when responding to linear or nonlinear queries with constrained additive noise is considered. For privacy protection, the response to the query is systematically corrupted with an additive random noise whose support is a subset or equal to a pre-defined constraint set. A measure of privacy using the inverse of the trace of the Fisher information matrix is developed. The Cramer-Rao bound relates the variance of any estimator of the database entries to the introduced privacy measure. The probability density that minimizes the trace of the Fisher information (as a proxy for maximizing the measure of privacy) is computed. An extension to dynamic problems is also presented. Finally, the results are compared to the differential privacy methodology. Crown Copyright

Place, publisher, year, edition, pages
PERGAMON-ELSEVIER SCIENCE LTD, 2019
Keywords
Privacy, Additive constrained noise, Fisher information
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-242254 (URN)10.1016/j.automatica.2018.10.012 (DOI)000454965300031 ()2-s2.0-85056467557 (Scopus ID)
Conference
56th IEEE Annual Conference on Decision and Control (CDC), DEC 12-15, 2017, Melbourne, AUSTRALIA, ARKE BS, 1990, IEEE TRANSACTIONS ON INFORMATION THEORY, V36, P453
Projects
CERCES
Note

QC 20190225

Available from: 2019-01-31 Created: 2019-01-31 Last updated: 2019-12-04Bibliographically approved
Tegling, E., Bamieh, B. & Sandberg, H. (2019). Localized high-order consensus destabilizes large-scale networks. In: Proceedings of the American Control Conference: . Paper presented at 2019 American Control Conference, ACC 2019; Philadelphia; United States; 10 July 2019 through 12 July 2019 (pp. 760-765). Institute of Electrical and Electronics Engineers (IEEE), Article ID 8815369.
Open this publication in new window or tab >>Localized high-order consensus destabilizes large-scale networks
2019 (English)In: Proceedings of the American Control Conference, Institute of Electrical and Electronics Engineers (IEEE), 2019, p. 760-765, article id 8815369Conference paper, Published paper (Refereed)
Abstract [en]

We study the problem of distributed consensus in networks where the local agents have high-order (n ≥ 3) integrator dynamics, and where all feedback is localized in that each agent has a bounded number of neighbors. We prove that no consensus algorithm based on relative differences between states of neighboring agents can then achieve consensus in networks of any size. That is, while a given algorithm may allow a small network to converge to consensus, the same algorithm will lead to instability if agents are added to the network so that it grows beyond a certain finite size. This holds in classes of network graphs whose algebraic connectivity, that is, the smallest non-zero Laplacian eigenvalue, is decreasing towards zero in network size. This applies, for example, to all planar graphs. Our proof, which relies on Routh-Hurwitz criteria for complex-valued polynomials, holds true for directed graphs with normal graph Laplacians. We survey classes of graphs where this issue arises, and also discuss leader-follower consensus, where instability will arise in any growing, undirected network as long as the feedback is localized.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2019
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-262597 (URN)2-s2.0-85072275786 (Scopus ID)9781538679265 (ISBN)
Conference
2019 American Control Conference, ACC 2019; Philadelphia; United States; 10 July 2019 through 12 July 2019
Note

QC 20191022

Available from: 2019-10-22 Created: 2019-10-22 Last updated: 2019-12-20Bibliographically approved
Pare, P. E., Hashemi, E., Stern, R., Sandberg, H. & Johansson, K. H. (2019). Networked Model for Cooperative Adaptive Cruise Control. In: IFAC PAPERSONLINE: . Paper presented at 8th IFAC Workshop on Distributed Estimation and Control in Networked Systems (NECSYS), SEP 16-17, 2019, Loyola Univ, Chicago, IL (pp. 151-156). ELSEVIER, 52(20)
Open this publication in new window or tab >>Networked Model for Cooperative Adaptive Cruise Control
Show others...
2019 (English)In: IFAC PAPERSONLINE, ELSEVIER , 2019, Vol. 52, no 20, p. 151-156Conference paper, Published paper (Refereed)
Abstract [en]

This paper proposes a cooperative adaptive cruise control model, adding a communication network structure to an existing model that has been shown to capture real commercial adaptive cruise control vehicle behavior. The proposed model is interesting because it only requires minimal information sharing, facilitating the creation of platoons comprised of vehicles from different manufacturers. We prove the stability of the model and discuss string stability. Algorithms for estimating the velocity of the vehicles locally and for estimating the velocities of all the vehicles in the platoon are presented. We simulate vehicle platoon control with the lead vehicle following an experimentally collected trajectory, showing that adding communication can cause a string unstable platoon to become stable. 

Place, publisher, year, edition, pages
ELSEVIER, 2019
Keywords
Semi-autonomous vehicles, Intelligent cruise control, Networks, Traffic control
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-266510 (URN)10.1016/j.ifacol.2019.12.150 (DOI)000504302900027 ()
Conference
8th IFAC Workshop on Distributed Estimation and Control in Networked Systems (NECSYS), SEP 16-17, 2019, Loyola Univ, Chicago, IL
Note

QC 20200205

Available from: 2020-02-05 Created: 2020-02-05 Last updated: 2020-02-05Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0003-1835-2963

Search in DiVA

Show all publications