Search for: All records

Point-of-care diagnostics are a key technology for various safety-critical applications from providing diagnostics in developing countries lacking adequate medical infrastructure to fight infectious diseases to screening procedures for border protection. Digital microfluidics biochips are an emerging technology that are increasingly being evaluated as a viable platform for rapid diagnosis and point-of-care field deployment. In such a technology, processing errors are inherent. Cyber-physical digital biochips offer higher reliability through the inclusion of automated error recovery mechanisms that can reconfigure operations performed on the electrode array. Recent research has begun to explore security vulnerabilities of digital microfluidic systems. This paper expands previous work that exploits vulnerabilities due to implicit trust in the error recovery mechanism. In this work, a discriminative data mining approach is introduced to identify frequent bioassay operations that can be cyber-physically attested for runtime security protection. 

The dynamic non-linear state-space model of a power-system consisting of synchronous generators, buses, and static loads has been linearized and a linear measurement function has been considered. A distributed dynamic framework for estimating the state vector of the power system has been designed here. This framework employs a type of distributed Kalman filter (DKF) known as a Kalman consensus filter (KCF) which is located at distributed control centers (DCCs) that fuse locally available noise ridden measurements, state vector estimates of neighboring control centers, and a prediction obtained by the linearized model to obtain a filtered state vector estimate. Further, the local residual at each control center is checked by a median chi-squared detector designed here for bad data/Gaussian attack detection. Simulation results show the working of the KCF for an 8 bus 5 generator system, and the efficacy of the median chi-squared detector in detecting the DCC affected by Gaussian attacks. 

As the use of autonomous vehicles increase, the transportation infrastructure as a whole becomes more susceptible to cyber-attacks due to the increase of components that can communicate with one another and the Internet. It has been shown that autonomous vehicles benefit greatly from cooperating to perform many cost and life-saving applications such as tailgating, advanced collision warning, and even traffic routing. To secure the transportation infrastructure against this increasing risk, this paper presents an efficient blockchain scheme for vehicular ad-hoc networks of autonomous vehicles. In the proposed scheme, every vehicle maintains blocks generated by its platoon which contain transactions that evaluate the actions of every vehicle. Thus, vehicles will possess different blocks and thus different blockchains as they join and leave platoons. No central blockchain is maintained. These blocks are used as a token by the vehicle to gain access to future platoons. The proposed scheme uses the Schnorr digital signature scheme to create a secure signature and reach consensus within the platoon. It is proven to be secure under the given assumptions. 

Cyber-physical system security is a significant concern in the critical infrastructure. Strong interdependencies between cyber and physical components render cyber-physical systems highly susceptible to integrity attacks such as injecting malicious data and projecting fake sensor measurements. Traditional security models partition cyber-physical systems into just two domains – high and low. This absolute partitioning is not well suited to cyber-physical systems because they comprise multiple overlapping partitions. Information flow properties, which model how inputs to a system affect its outputs across security partitions, are important considerations in cyber-physical systems. Information flows support traceability analysis that helps detect vulnerabilities and anomalous sources, contributing to the implementation of mitigation measures. This chapter describes an automated model with graph-based information flow traversal for identifying information flow paths in the Automatic Dependent Surveillance-Broadcast (ADS-B) system used in civilian aviation, and subsequently partitioning the flows into security domains. The results help identify ADS-B system vulnerabilities to failures and attacks, and determine potential mitigation measures. 

Cyber-physical systems are vulnerable to a variety of cyber, physical and cyber-physical attacks. The security of cyber-physical systems can be enhanced beyond what can be achieved through firewalls and trusted components by building trust from observed and/or expected behaviors. These behaviors can be encoded as invariants. Information flows that do not satisfy the invariants are used to identify and isolate malfunctioning devices and cyber intrusions. However, the distributed architectures of cyber-physical systems often contain multiple access points that are physically and/or digitally linked. Thus, invariants may be difficult to determine and/or computationally prohibitive to check in real time. Researchers have employed various methods for determining the invariants by analyzing the designs of and/or data generated by cyber-physical systems such as water treatment plants and electric power grids. This chapter compares the effectiveness of detecting attacks on a water treatment plant using design-centric invariants versus data-centric rules, the latter generated using a variety of data mining methods. The methods are compared based on the maximization of true positives and minimization of false positives. 

An attacker can effectively publish false measurements in distributed cyber-physical systems with noisy measurements. These biased false measurements can be impossible to distinguish from noise and enable the attacker to gain a small but persistent economic advantage. The residual sum, a fundamental measurement of bias in cyber-physical systems, is employed to develop a detection scheme for bias attacks. The scheme is highly efficient, privacy preserving and effectively detects bias attacks.