Cyberattack | EPFL Graph Search

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS). A cyberattack may steal, alter, or destroy a specified target by hacking into a private network or otherwise susceptible system. Cyberattacks can range from installing spyware on a personal computer to attemptin

Cyber-attack on Packet-Based Time Synchronization Protocols: the Undetectable Delay Box

Sergio Barreto Andrade, Jean-Yves Le Boudec, Aswin Suresh

We present a cyber-attack on packet-based time synchronization protocols (PBTSP) with high-accuracy requirements. The cyber-attack is undetectable from the PBTSP's perspective and exploits a vulnerability that is in the nature of all PBTSPs. It can be successfully performed regardless of the cryptographic protocol that the PBTSP is protected with and it is undetectable by the clock-servo algorithm inside the target slave clock. To perform this cyber-attack, we built a "Delay Box" capable of advancing or delaying a slave clock by introducing a malicious offset of a few microseconds. We run experimental tests to the delay box to prove the magnitude of the attack and to confirm undetectability. We discuss possible countermeasures for this type of attack.

Ieee2016

Time-Synchronization Attacks against Critical Infrastructures and their Mitigation

Marguerite Marie Nathalie Delcourt

This work focuses on the security of critical infrastructures against time-synchronization attacks (TSA). A TSA can impact any network that relies on the dynamic analysis of data, by altering the time synchronization between its nodes. Such attacked networks can start failing. Some TSAs are thwarted by cyber-security tools such as authentication and confidentiality algorithms. However, such tools cannot counter TSAs that are implemented physically. Such TSAs are undetectable but they may be detected if they lead to non-plausible observations. The identification of TSAs requires in-depth knowledge of the system's operation.We focus on TSAs in two settings. First, we consider smart grids. Their control and operation require the timely knowledge of the system state, which is inferred from an estimate computed from measurements. We consider phasor measurements taken from phasor measurement units (PMUs). However, they require a precise time synchronization, which is a weakness as existing synchronization methods are vulnerable to attacks. We aim to assess the vulnerability of the synchrophasor-based state estimation of a system, by exploring the feasibility and detectability of TSAs on PMUs. A widespread technique to make the state estimation more robust is to couple it with a bad-data detection (BDD) scheme. However, it is known that false data injection attacks and TSAs can impact the state estimation without being detected by the BDD algorithms. We present practical attack strategies for undetectable TSAs and novel vulnerability conditions. One of them is a static condition that does not depend on the measurement values. We propose a security requirement that prevents it and a greedy offline algorithm that enforces it. If this requirement is satisfied, the grid may still be attacked, although we reason that it is unlikely. We identify two sufficient and necessary vulnerability conditions which depend on the measurement values. For each, we provide a metric that shows the distance between the observed and vulnerability conditions. Enforcing our requirement requires increasing the amount of measurement points of the grid. We investigate the benefits of utilizing the three-phase model instead of the direct-sequence model for security. We show that if the power system is unbalanced, then the use of the three-phase model enables to detect attacks that are undetectable if the direct-sequence model is used. Numerical results from simulations with real load profiles from the Lausanne grid, confirm our findings. Second, we consider sensor networks for passive-source localization. We focus on the localization of a passive source from time difference of arrival (TDOA) measurements. Such measurements are highly sensitive to time-synchronization offsets. We first illustrate that TSAs can affect the localization and we show that residual analysis does not enable the detection and identification of TSAs. Second, we propose a two-step TDOA-localization technique that is robust against TSAs. It uses a known source to define a weight for each pair of sensors, reflecting the confidence in their synchronization. We then use the weighted least-squares estimator with the new weights and the TDOA measurements received from the unknown source. Our method either identifies the network as being too corrupt, or gives a corrected estimate of the unknown position along with a confidence metric. Numerical results illustrate the performance of our technique.

EPFL2021

Data-driven and Safe Networked Control with Applications to Microgrids

Mustafa Sahin Turan

Today, automatic control is integrated into a wide spectrum of real-world systems such as electrical grids and transportation networks. Many of these systems comprise numerous interconnected agents, perform safety-critical operations, or generate large amounts of data. Their automation, therefore, must address the challenges pertinent to these three characteristics. Specifically, in multi-agent systems (MASs), one common objective is that agents reach consensus on state or output variables for achieving a desired collective behavior. For consensus in large MASs, distributed controllers employing a communication network are required. When distributed architectures are used, the security of the closed-loop system can be compromised due to the vulnerability of the communication network to adversarial interferences called cyber attacks. Timely detection of attacks is vital for ensuring security of safety-critical systems. Finally, it is relevant in data-rich systems to develop control and state-estimation methods that provide guarantees by using a finite amount of data and bypassing the need of knowing system models.Composed of three parts, this thesis contributes to address the abovementioned challenges of modern control systems. As an example, DC microgrids (DCmGs) are considered throughout the thesis for the development and validation of the proposed methods. The first part focuses on distributed consensus protocols. We first investigate the problem of state consensus in general linear interconnected MASs (LIMASs), for which we provide conditions based on the physical and communication graph properties as well as system matrices. Our results show that weak physical coupling and well-connected graphs are favorable features for consensus. We then focus on nonlinear DCmGs and propose a novel distributed controller to achieve voltage balancing and current sharing, which is a specific case of output consensus. By exploiting the structure of DCmG dynamics, we provide conditions on the attainment of these objectives and the stability of the closed-loop system. In the second part, a distributed cyber-attack detection scheme is developed for LIMASs controlled in a distributed fashion. The detection architecture comprises local monitoring units collocated with each agent and checking the presence of cyber attacks in variables communicated by neighboring agents. Each unit estimates the states of local and nearby agents, and detects an attack if a suitably defined error is sufficiently large. A thorough detectability analysis considering different types of attacks is also performed. The final part of the thesis provides direct data-driven methods for control and state estimation based on finite data. First, we look at the worst-case optimal tracking problem in presence of measurement noises satisfying a quadratic bound. Control design is formulated as a semidefinite program (SDP), whose computational complexity is independent of the amount of data. Then, we turn our attention to state estimation in presence of unknown inputs, for which we present data-driven necessary and sufficient conditions. Under these conditions, a novel data-driven state estimation method with stability guarantees is provided.

EPFL2022