Metrics for Secrecy and Resilience in Cyber-Physical-Systems

dc.contributor.advisor Ratnesh Kumar
dc.contributor.author Ibrahim, Mariam
dc.contributor.department Electrical and Computer Engineering
dc.date 2018-08-11T19:08:11.000
dc.date.accessioned 2020-06-30T03:05:59Z
dc.date.available 2020-06-30T03:05:59Z
dc.date.copyright Fri Jan 01 00:00:00 UTC 2016
dc.date.embargo 2001-01-01
dc.date.issued 2016-01-01
dc.description.abstract <p>In this dissertation, we study the problem of Secrecy and Resiliency quantification for cyber physical systems. Secrecy (also known as confidentiality) refers to the ability to withstand attempts to uncover information/behaviors, whereas resilience (also known as integrity) refers to the ability to withstand attempts to modify information/behaviors. Thus, former is an observability related attribute while the latter is an attribute related to controllability. In this dissertation we are primarily concerned with protecting systems behaviors from being revealed or altered.</p> <p>Unlike information, behaviors cannot be encrypted and may instead be protected by providing covers that generate indistinguishable observations from behaviors needed to be kept secret. Such a scheme may still leak information about secrets due to statistical difference between the occurrence probabilities of the secrets and their covers. Jensen-Shannon Divergence (JSD) is a possible means of quantifying statistical difference between two distributions and can be used to measure such information leak as presented in this dissertation. Using JSD, we quantify loss of secrecy in stochastic partially-observed discrete event systems in two settings: (i) the centralized setting, corresponding to a single attacker/observer, and (ii) the distributed collusive setting, corresponding to multiple attackers/observers, exchanging their observed information. In the centralized case, an observer structure is formed and used to aide the computation of JSD, in the limit, as the length of observations approach infinity to quantify the worst case loss of secrecy. In the distributed collusive case, channel models are introduced</p> <p>to extend the system model to capture the effect of exchange of observations, that allows the JSD computation of the centralized case to be applied over the extended model to measure the distributed secrecy loss.</p> <p>We also formulate a measure for resiliency for dynamical hybrid systems with focus on power systems. The resiliency measure, called Level-of-Resilience (LoR), determined by examining: (i) the Region-of-Stability-Reduction (RoSR), as the RoS evolves under attack and recovery actions as captured by a “modal-RoS”, (ii) the eventual Level-of-Performance-Reduction (LoPR), as measured by percentage of reduction of load served, and (iii) Recovery-Time (RT), which is the time system takes to detect and recover from an attack or a fault. We illustrate our measure by comparing resiliency level of two power systems under two different attack scenarios.</p> <p>The level of resilience of a given system is assessed under various attack scenarios. We</p> <p>present a model-based approach for generating such attack scenarios. This requires a comprehensive description of the system model (describing architecture and connectivity, components and behaviors, assets, defenses, vulnerabilities, atomic attacks), as well as of security/resiliency properties being investigated. A state exploration based approach has been proposed to find all behaviors/paths of the model leading to those reachable states where the specified security/resiliency properties are violated. An attack graph is a collection of all paths from initial states to such reachable violating states. We present a model-based attack graph generation approach and its implementation.</p>
dc.format.mimetype application/pdf
dc.identifier archive/lib.dr.iastate.edu/etd/15724/
dc.identifier.articleid 6731
dc.identifier.contextkey 11165128
dc.identifier.doi https://doi.org/10.31274/etd-180810-5352
dc.identifier.s3bucket isulib-bepress-aws-west
dc.identifier.submissionpath etd/15724
dc.identifier.uri https://dr.lib.iastate.edu/handle/20.500.12876/29907
dc.language.iso en
dc.source.bitstream archive/lib.dr.iastate.edu/etd/15724/Ibrahim_iastate_0097E_15831.pdf|||Fri Jan 14 20:45:40 UTC 2022
dc.subject.disciplines Electrical and Electronics
dc.subject.keywords attack graph
dc.subject.keywords Jensen-Shannon Divergence
dc.subject.keywords mutual information
dc.subject.keywords partially-observed stochastic discrete event systems
dc.subject.keywords resiliency
dc.subject.keywords Secrecy
dc.title Metrics for Secrecy and Resilience in Cyber-Physical-Systems
dc.type article
dc.type.genre dissertation
dspace.entity.type Publication
relation.isOrgUnitOfPublication a75a044c-d11e-44cd-af4f-dab1d83339ff
thesis.degree.discipline Electrical Engineering
thesis.degree.level dissertation
thesis.degree.name Doctor of Philosophy
File
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
Ibrahim_iastate_0097E_15831.pdf
Size:
2.78 MB
Format:
Adobe Portable Document Format
Description: