CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Security metrics and allocation of security resources for control systems
KTH, School of Electrical Engineering and Computer Science (EECS), Intelligent systems, Decision and Control Systems (Automatic Control).ORCID iD: 0000-0002-2045-5665
2020 (English)Doctoral thesis, monograph (Other academic)
Abstract [en]

Achieving a sufficient level of security of control systems is very important, yet challenging. Firstly, control systems operate critical infrastructures vital for our society. Hence, attacks against them can result in dire consequences. Secondly, large numbers of security vulnerabilities typically exist in these systems, which makes them attractive targets of attacks. In fact, several attacks have already occurred. Thirdly, due to their specific nature, securing control systems can be costly. For example, their real time availability requirements complicate the deployment of security measures, and control system equipment with limited computational power is unsuited for many security solutions. Motivated by the necessity of control systems security, we study two security-related applications. The first application considers classifying and preventing security vulnerabilities. We aim to first characterize the most critical vulnerability combinations in a control system, and then prevent these combinations in a cost-effective manner. To characterize the critical vulnerability combinations, we develop an impact estimation framework. Particularly, we use a physical model of the control system to simulate the impact that attack strategies may have on the physical process. Our framework is compatible with a number of attack strategies proposed throughout the literature, and can be used to estimate the impact efficiently. To prevent critical vulnerability combinations in a cost-effective manner, we develop a security measure allocation framework. The framework includes an algorithm for systematically finding critical vulnerability combinations, and two approaches for allocating security measures that prevent these combinations cost-effectively. The second application considers actuator security. Actuators are vital components of control systems to protect, since they directly interact with the physical process. To evaluate the vulnerability of every actuator in a control system, we develop actuator security indices. These indices characterize resources that the attacker needs to compromise to conduct a perfectly undetectable attack against each actuator. We propose methods to compute the actuator security indices, show that the defender can improve the indices by allocating additional sensors, and discuss the robustness of the indices. We also study a sensor allocation game based on actuator security indices. The goal of studying this game is to develop a monitoring strategy that improves the indices. We derive an approximate Nash Equilibrium of the game, and present the cases when this approximate Nash Equilibrium becomes exact. We also outline the intuition behind this equilibrium, and discuss the ways to further improve the monitoring strategy from the equilibrium.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2020. , p. 168
Series
TRITA-EECS-AVL ; 2020:17
Keywords [en]
Cyber-Security, Cyber-Attacks, Cyber-Physical Systems, Networked Control Systems, Model Based Impact Analysis, Security Metrics, Risk Management
National Category
Control Engineering
Research subject
Electrical Engineering
Identifiers
URN: urn:nbn:se:kth:diva-269097ISBN: 978-91-7873-459-7 (print)OAI: oai:DiVA.org:kth-269097DiVA, id: diva2:1411558
Public defence
2020-03-27, Kollegiesalen, Brinellvägen 8, Stockholm, 09:00 (English)
Opponent
Supervisors
Note

QC 20200206

Videolänk till disputationen:

Video link: https://vconf.kth.se/webapp/conference/vroom_9302?callType=video

​PIN: 2039

Available from: 2020-03-06 Created: 2020-03-03 Last updated: 2020-03-24Bibliographically approved

Open Access in DiVA

fulltext(5339 kB)50 downloads
File information
File name FULLTEXT01.pdfFile size 5339 kBChecksum SHA-512
7dcfaebd4271bcd9422875d1ee8d77834210e192d1d4f186710cce7c10a5effa78cd1772617c5171eaeea1d4933283668215f35d6f1130fa735a99676bee0107
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Milošević, Jezdimir
By organisation
Decision and Control Systems (Automatic Control)
Control Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 50 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 299 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf