Change search
Link to record
Permanent link

Direct link
BETA
Milosevic, Jezdimir
Publications (5 of 5) Show all publications
Milosevic, J., Sandberg, H. & Johansson, K. H. (2019). A Security Index for Actuators Based on Perfect Undetectability: Properties and Approximation. In: 2018 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018: . Paper presented at 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, 2 October 2018 through 5 October 2018 (pp. 235-241). Institute of Electrical and Electronics Engineers Inc.
Open this publication in new window or tab >>A Security Index for Actuators Based on Perfect Undetectability: Properties and Approximation
2019 (English)In: 2018 56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, Institute of Electrical and Electronics Engineers Inc. , 2019, p. 235-241Conference paper, Published paper (Refereed)
Abstract [en]

A novel security index based on the definition of perfect undetectability is proposed. The index is a tool that can help a control system operator to localize the most vulnerable actuators in the network. In particular, the security index of actuator i represents the minimal number of sensors and actuators that needs to be compromised in addition to i, such that a perfectly undetectable attack is possible. A method for computing this index for small scale systems is derived, and difficulties with the index once the system is of large scale are outlined. An upper bound for the index that overcomes these difficulties is then proposed. The theoretical developments are illustrated on a numerical example. 

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc., 2019
Keywords
Computer programming, Computer science, Control engineering, Security indices, Sensors and actuators, Small-scale systems, System operator, Theoretical development, Upper Bound, Actuators
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-252077 (URN)10.1109/ALLERTON.2018.8635906 (DOI)000461021200034 ()2-s2.0-85062843906 (Scopus ID)
Conference
56th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2018, 2 October 2018 through 5 October 2018
Projects
CERCES
Note

QC 20190801

Available from: 2019-08-01 Created: 2019-08-01 Last updated: 2019-11-19
Müller, M. I., Milosevic, J., Sandberg, H. & Rojas, C. R. (2018). A Risk-Theoretical Approach to H2-Optimal Control under Covert Attacks. In: 57th IEEE Conference on Decision and Control: . Paper presented at 57th IEEE Conference on Decision and Control (pp. 4553-4558). IEEE
Open this publication in new window or tab >>A Risk-Theoretical Approach to H2-Optimal Control under Covert Attacks
2018 (English)In: 57th IEEE Conference on Decision and Control, IEEE , 2018, p. 4553-4558Conference paper, Published paper (Refereed)
Abstract [en]

We consider the control design problem of optimizing the H-2 performance of a closed-loop system despite the presence of a malicious covert attacker. It is assumed that the attacker has incomplete knowledge on the true process we are controlling. To account for this uncertainty, we employ different measures of risk from the so called family of coherent measures of risk. In particular, we compare the closed-loop performance when a nominal value is used, with three different measures of risk: average risk, worst-case scenario and conditional valueat- risk (CVaR). Additionally, applying the approach from a previous work, we derive a convex formulation for the control design problem when CVaR is employed to quantify the risk. A numerical example illustrates the advantages of our approach.

Place, publisher, year, edition, pages
IEEE, 2018
Series
IEEE Conference on Decision and Control, ISSN 0743-1546
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-245006 (URN)10.1109/CDC.2018.8618886 (DOI)000458114804034 ()2-s2.0-85062181179 (Scopus ID)978-1-5386-1395-5 (ISBN)
Conference
57th IEEE Conference on Decision and Control
Projects
CERCES
Note

QC 20190305

Available from: 2019-03-05 Created: 2019-03-05 Last updated: 2019-08-27Bibliographically approved
Milosevic, J. (2018). Model Based Impact Analysis and Security Measure Allocation for Control Systems. (Licentiate dissertation). Stockholm, Sweden: KTH Royal Institute of Technology
Open this publication in new window or tab >>Model Based Impact Analysis and Security Measure Allocation for Control Systems
2018 (English)Licentiate thesis, monograph (Other academic)
Abstract [en]

Improvement of cyber-security of industrial control systems is of utmost importance for our society. It has been recognized that many security vulnerabilities can be found in these systems, which if exploited may lead to dire consequences. For instance, successful cyber-attacks against industrial control systems may cause loss of electricity, lead to shortage of drinkable water,or disrupt oil and gas production. Deploying security measures to protect industrial control systems may be costly.  Thus, it is expected that we would not be able to prevent all the security vulnerabilities that we find within the systems. In this thesis, we consider two problems related to this issue. The first one is how to determine which combinations of vulnerabilities are the most critical to be prevented. An important part of this classification is estimating the impact of cyber-attacks conducted using these vulnerabilities, which is the first major problem considered in the thesis. The budget for deploying security measures can then be focused on preventing the most critical combinations of vulnerabilities that are found. How to do this in an optimal way once the number of vulnerabilities and measures is large is the second major problem considered. As our first contribution, we outline a framework for estimating the attack impact in industrial control systems. Here, we consider industrial control systems that have both control and monitoring tasks. For industrial control systems with control tasks, we propose a framework to estimate the impact of several attack strategies. We prove that the estimation of the impact of all possible strategies is reducible to solving a set of convex minimization problems. The solvers for convex minimization problems are well known, so the exact value of the attack impact can be obtained easily. For industrial control systems with monitoring tasks, we analyze the impact of a bias injection attack strategy.  We prove that the attack impact can be obtained as the solution of a quadratically constrained quadratic program, for which the exact solution can be found efficiently. We also introduce a lower bound of the attack impact in terms of the number of compromised sensors. The theoretical findings are illustrated in numerical examples. As our second contribution, we propose a flexible modeling framework for allocating security measures. Our framework is suitable for dynamical models of industrial control systems, and can be used in cases when the number of vulnerabilities and measures is large. The advantages of our framework are the following. Firstly, the framework includes an algorithm for efficiently finding the most dangerous vulnerabilities in the system. Secondly, the problem of eliminating these vulnerabilities can provably be casted as a minimization of a linear function subject to a submodular constraint. This implies that the suboptimal solution of the problem, with guaranteed performance, can be found using a fast greedy algorithm. The applicability of the framework is demonstrated through simulations on an industrial control system used for regulating temperature within a building

Abstract [sv]

Att säkerställa och förbättra cybersäkerheten hos industriella styrsystem är av stor vikt för samhällssäkerheten. Det är känt att det förekommer sårbar-heter hos den här typen av system, som om de utnyttjas kan leda till allvarliga konsekvenser. Till exempel kan cyberattacker mot industriella styrsystem leda till storskaliga strömavbrott, dricksvattenbrist och störningar i olje- och gasproduktion. Av dessa skäl har de här problemen fått stor uppmärksamhet inom såväl forskningen som hos myndigheter och industrin. Den här avhandlingen motiveras främst av att de åtgärder som kan vidtas för att skydda industriella styrsystem ofta är kostsamma. I många fall är det därför inte möjligt att åtgärda alla sårbarheter som kan hittas hos systemen. Man behöver därför ta hänsyn till två problem. Till att börja med, hur man kan identifiera vilka sårbarheter, eller kombinationer av dessa, som det är mest kritiskt att förhindra angrepp mot. En viktig del av denna analys är att beräkna effekten av sådana angrepp. Detta problem behandlas i avhandlingens första del. Nästa problem är att fördela en budget för säkerhetsåtgärder för att förebygga de mest kritiska sårbarheterna, vilket behandlas i avhandlingens andra del. Avhandlingens första bidrag är ett ramverk för att bedöma effekten av angrepp mot industriella styrsystem. Här betraktar vi industriella styrsystem som både har till uppgift att reglera och att övervaka. För system med regler-uppgifter föreslår vi ett ramverk för att uppskatta effekterna av flera olika angreppsstrategier. Vi visar att beräkningen av effekten av samtliga strategier kan reduceras till att lösa en uppsättning konvexa minimeringsproblem. Eftersom lösningsalgoritmer för sådana problem är välkända så kan exakta värden enkelt beräknas. För industriella styrsystem med övervakningsuppgifter analyserar vi effekten av angrepp i form av injektion av bias. Vi bevisar attdenna effekt kan fås som lösningen till ett så kallat kvadratiskt programmeringsproblem med kvadratiska bivillkor, som går att lösa exakt på ett effektivt sätt. Vi demonstrerar resultaten i numeriska exempel. Avhandlingens andra bidrag är en flexibel modelleringsmetod för resurs-fördelning av säkerhetsåtgärder. Metoden vi föreslår är lämpad för dynamiska modeller av industriella styrsystem och löser resursfördelningsproblemet när antalet sårbarbeter och åtgärder är stort. Den föreslagna metoden kan effektivt identifiera de farligaste sårbarheterna i systemet. Sedan visar vi hur problemet med att eliminera dessa sårbarheter kan formuleras som en minimering av en linjär funktion med submodulära bivillkor. Detta innebär att man med garanterad prestanda kan hitta en sub otimal lösning med hjälp aven snabb så kallad girig algorithm. Vi demonstrerar att våra metoder går att tillämpa genom simuleringar av ett industriellt temperatur regleringssystem.

Place, publisher, year, edition, pages
Stockholm, Sweden: KTH Royal Institute of Technology, 2018. p. 100
Series
TRITA-EECS-AVL ; 2018:15
National Category
Control Engineering
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-223684 (URN)978-91-7729-698-0 (ISBN)
Presentation
2018-03-23, Hörsal L1, Drottning Kristinas väg 30, Stockholm, 10:00 (English)
Opponent
Supervisors
Note

QC 20180301

Available from: 2018-03-01 Created: 2018-02-28 Last updated: 2018-03-01Bibliographically approved
Milosevic, J., Umsonst, D., Sandberg, H. & Johansson, K. H. (2018). Quantifying the Impact of Cyber-Attack Strategies for Control Systems Equipped with an Anomaly Detector. In: 2018 European Control Conference, ECC 2018: . Paper presented at 16th European Control Conference, ECC 2018, Limassol, Cyprus, 12 June 2018 through 15 June 2018 (pp. 331-337). Institute of Electrical and Electronics Engineers (IEEE), Article ID 8550188.
Open this publication in new window or tab >>Quantifying the Impact of Cyber-Attack Strategies for Control Systems Equipped with an Anomaly Detector
2018 (English)In: 2018 European Control Conference, ECC 2018, Institute of Electrical and Electronics Engineers (IEEE), 2018, p. 331-337, article id 8550188Conference paper, Published paper (Refereed)
Abstract [en]

Risk assessment is an inevitable step in the implementation of cost-effective security strategies for control systems. One of the difficulties of risk assessment is to estimate the impact cyber-attacks may have. This paper proposes a framework to estimate the impact of several cyber-attack strategies against a dynamical control system equipped with an anomaly detector. In particular, we consider denial of service, sign alternation, rerouting, replay, false data injection, and bias injection attack strategies. The anomaly detectors we consider are stateless, cumulative sum, and multivariate exponentially weighted moving average detectors. As a measure of the attack impact, we adopt the infinity norm of critical states after a fixed number of time steps. For this measure and the aforementioned anomaly detectors, we prove that the attack impact for all of the attack strategies can be reduced to the problem of solving a set of convex minimization problems. Therefore, the exact value of the attack impact can be obtained easily. We demonstrate how our modeling framework can be used for risk assessment on a numerical example.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2018
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-241514 (URN)10.23919/ECC.2018.8550188 (DOI)2-s2.0-85059816350 (Scopus ID)9783952426982 (ISBN)
Conference
16th European Control Conference, ECC 2018, Limassol, Cyprus, 12 June 2018 through 15 June 2018
Projects
CERCES
Funder
Knut and Alice Wallenberg FoundationSwedish Foundation for Strategic Research Swedish Civil Contingencies AgencySwedish Research Council
Note

QC 20190124

Available from: 2019-01-24 Created: 2019-01-24 Last updated: 2019-11-14Bibliographically approved
Milosevic, J., Tanaka, T., Sandberg, H. & Johansson, K. H. (2017). Analysis and Mitigation of Bias Injection Attacks Against a Kalman Filter. IFAC-PapersOnLine, 50(1), 8393-8398
Open this publication in new window or tab >>Analysis and Mitigation of Bias Injection Attacks Against a Kalman Filter
2017 (English)In: IFAC-PapersOnLine, ISSN 2405-8963, Vol. 50, no 1, p. 8393-8398Article in journal (Refereed) Published
Abstract [en]

In this paper, we consider a state estimation problem for stochastic linear dynamical systems in the presence of bias injection attacks. A Kalman filter is used as an estimator, and a chi-squared test is used to detect anomalies. We first show that the impact of the worst-case bias injection attack in a stochastic setting can be analyzed by a deterministic quadratically constrained quadratic program, which has an analytical solution. Based on this result, we propose a criterion for selecting sensors to secure in order to mitigate the attack impact. Furthermore, we derive a condition on the necessary number of sensors to secure in order for the impact to be less than a desired threshold.

Place, publisher, year, edition, pages
Elsevier, 2017
Keywords
Cyber-Attacks, Cyber-Physical Systems, Cyber-Security
National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-223059 (URN)10.1016/j.ifacol.2017.08.1564 (DOI)000423964900388 ()2-s2.0-85031794404 (Scopus ID)
Projects
CERCES
Funder
Knut and Alice Wallenberg FoundationSwedish Foundation for Strategic Research Swedish Research Council
Note

QC 20180213

Available from: 2018-02-13 Created: 2018-02-13 Last updated: 2019-11-14Bibliographically approved
Organisations

Search in DiVA

Show all publications