Leen Al Homoud, Namrata Barpanda, Vinicius Bobato, Ana Goulart, Kate Davis, Mark Rice
{"title":"Analysing a multi-stage cyber threat and its impact on the power system","authors":"Leen Al Homoud, Namrata Barpanda, Vinicius Bobato, Ana Goulart, Kate Davis, Mark Rice","doi":"10.1049/cps2.12107","DOIUrl":"https://doi.org/10.1049/cps2.12107","url":null,"abstract":"<p>Electric power systems are composed of physical and cyber sub-systems. The sub-systems depend on each other. If the cyber sub-system is compromised by a cyber threat, what is the impact on the physical system? This paper presents a case study that shows the steps of a multi-stage cyber threat involving a database injection attack, and what happens to the power system if this threat is not detected in its early stages. The threat first affects one utility but it can spread to the balancing authority, which is responsible for keeping the voltage and frequency stable in the power grid. During the cyber threat, the authors also show defence tools, such as a cyber-physical data fusion tool that displays and analyses power and cyber telemetry.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"10 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12107","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143118620","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hamed M. Binqadhi, Mohammed M. AlMuhaini, H. Vincent Poor, David Flynn, Hao Huang
{"title":"Motif-based resiliency assessment for cyber-physical power systems under various hazards","authors":"Hamed M. Binqadhi, Mohammed M. AlMuhaini, H. Vincent Poor, David Flynn, Hao Huang","doi":"10.1049/cps2.12103","DOIUrl":"https://doi.org/10.1049/cps2.12103","url":null,"abstract":"<p>Cyber-physical power systems (CPPS) are integral to meeting society's demand for secure, sustainable, affordable and resilient critical networks and services. Given the convergence of decarbonising, heating, cooling, and transportation networks onto cyber-physical power systems (CPPS), this takes on increased significance. This paper introduces an innovative approach to the open challenge of how we evaluate CPPS resilience, presenting the use of network motifs and Monte Carlo simulations. We demonstrate how our methodology enables a comprehensive analysis of CPPS by capturing the interdependence between cyber and physical networks and by accounting for inherent uncertainties in cyber and physical components. Specifically, this method incorporates the dynamic interplay between the physical and cyber networks, presenting a time-dependent motif-based resilience metric. This metric evaluates CPPS performance in maintaining critical loads during and after diverse extreme events in cyber and/or physical layers. The resilience status of the system is determined using the prevalence of 4-node motifs within the system's network, offering valuable redundant paths for critical load supply. The study models a variety of natural events, including earthquakes, windstorms, and tornadoes, along with cyber-attacks while accounting for their inherent uncertainties using Monte Carlo simulation. The proposed approach is demonstrated through two test CPPS, specifically the IEEE 14-bus and IEEE 30-bus test systems, affirming its effectiveness in quantifying CPPS resilience. By comprehensively addressing system dynamics, interdependencies, and uncertainties, the proposed technique advances our understanding of CPPS and supports resilient system design.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"10 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-12-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12103","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143362384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards autonomous device protection using behavioural profiling and generative artificial intelligence","authors":"Sandeep Gupta, Bruno Crispo","doi":"10.1049/cps2.12102","DOIUrl":"https://doi.org/10.1049/cps2.12102","url":null,"abstract":"<p>Demand for autonomous protection in computing devices cannot go unnoticed, considering the rapid proliferation of deployed devices and escalating cyberattacks. Consequently, cybersecurity measures with an improved generalisation that can proactively determine the indicators of compromises to predict 0-day threats or previously unseen malware together with known malware are highly desirable. In this article, the authors present a novel concept of autonomous device protection based on behavioural profiling by continuously monitoring internal resource usage and leveraging generative artificial intelligence (genAI) to distinguish between benign and malicious behaviour. The authors design a proof-of-concept for Windows-based computing devices relying on a built-in event tracing mechanism for log collection that is converted into structured data using a graph data structure. The authors extract graph-level features, that is, <i>graph depth, nodes count, number of leaf nodes, node degree statistics, and events count</i> and node-level features (NLF), that is, <i>process start, file create and registry events details</i> for each graph. Further, the authors investigate the use of genAI exploiting a pre-trained large language network—<i>a simple contrastive sentence embedding framework</i> to extract strong features, that is, dense vectors from event graphs. Finally, the authors train a random forest classifier using both the graph-level features and NLF to obtain classification models that are evaluated on a collected dataset containing one thousand benign and malicious samples achieving accuracy up to 99.25%.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"10 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12102","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143362801","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Winning the battle with cyber risk identification tools in industrial control systems: A review","authors":"Ayo Rotibi, Neetesh Saxena, Pete Burnap","doi":"10.1049/cps2.12105","DOIUrl":"https://doi.org/10.1049/cps2.12105","url":null,"abstract":"<p>The modern Industrial Control System (ICS) environment now combines information technology (IT), operational technology, and physical processes. This digital transformation enhances operational efficiency, service quality, and physical system capabilities enabling systems to measure and control the physical world. However, it also exposes ICS to new and evolving cybersecurity threats that were once confined to the IT domain. As a result, identifying cyber risks in ICS has become more critical, leading to the development of new methods and tools to tackle these emerging threats. This study reviews some of the latest tools for cyber-risk identification in ICS. It empirically analyses each tool based on specific attributes: focus, application domain, core risk management concepts, and how they address current cybersecurity concerns in ICS.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"9 4","pages":"350-365"},"PeriodicalIF":1.7,"publicationDate":"2024-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12105","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143252763","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A three-vector model predicting torque control of permanent magnet synchronous motor with a fixed weight coefficient","authors":"Xingyu Qu, Chengkun Peng, Peng Lu, Bing Ge, Shuang Zhang, Qinghe Wang, Zhenyang Li","doi":"10.1049/cps2.12104","DOIUrl":"https://doi.org/10.1049/cps2.12104","url":null,"abstract":"<p>The difficulty of adjusting the weighting coefficients of the cost function in traditional model predictive torque control is addressed by proposing a fixed weighting coefficient three-vector model predictive torque control (FWC-MPTC) strategy. The strategy applies three voltage vectors in a control period. The first voltage vector is selected by a fixed coefficient cost function, the second and third voltage vectors are determined by a cost function that includes only torque and flux, and the third voltage vector is no longer just a traditional zero vector. In addition, to solve the problem of poor disturbance immunity of the speed loop PI controller, an active disturbance rejection controller (ADRC) is introduced in the speed loop, and the error non-linear function in the controller is rewritten into a smoother new function. The proposed control strategy reduces the torque and speed fluctuation of the traditional three-vector model predictive control (TTV-MPTC), improves the robustness of the system, avoids the difficulty of adjusting the weight coefficient in the traditional cost function, and reduces the computational complexity of the cost function.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"9 4","pages":"509-520"},"PeriodicalIF":1.7,"publicationDate":"2024-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12104","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143252689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cloud-mediated self-triggered synchronisation of a general linear multi-agent system over a directed graph","authors":"Takumi Namba, Kiyotsugu Takaba","doi":"10.1049/cps2.12101","DOIUrl":"https://doi.org/10.1049/cps2.12101","url":null,"abstract":"<p>The authors propose a self-triggered synchronisation control method of a general high-order linear time-invariant multi-agent system through a cloud repository. In the cloud-mediated self-triggered control, each agent asynchronously accesses the cloud repository to obtain past information about its neighbouring agents. Then, the agent predicts future behaviours of its neighbours as well as of its own and locally determines its next access time to the cloud repository. In the case of a general high-order linear agent dynamics, each agent has to estimate exponential evolution of its trajectory characterised by eigenvalues of a system matrix, which is different from single/double integrator or first-order linear agents. The authors’ proposed method deals with exponential behaviours of the agents by tightly evaluating the bounds on matrix exponentials. Based on these bounds, the authors design the self-triggered controller through a cloud that achieves the bounded state synchronization of the closed-loop system without exhibiting any Zeno behaviours. The effectiveness of the proposed method is demonstrated through the numerical simulation.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"9 4","pages":"497-508"},"PeriodicalIF":1.7,"publicationDate":"2024-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12101","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143253698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Amir Norouzi Mobarakeh, Mohammad Ataei, Rahmat-Allah Hooshmand
{"title":"The threat of zero-dynamics attack on non-linear cyber-physical systems","authors":"Amir Norouzi Mobarakeh, Mohammad Ataei, Rahmat-Allah Hooshmand","doi":"10.1049/cps2.12099","DOIUrl":"https://doi.org/10.1049/cps2.12099","url":null,"abstract":"<p>Zero-dynamics attack (ZDA) is a destructive stealthy cyberattack that threatens cyber-physical systems (CPS). The authors have warned about the risk of a cyberattack by introducing a new general ZDA that can be effective and robust in non-linear multiple-input multiple-output CPS. In this proposed attack policy, the adversary extracts the sensor and actuator online data on the network platform. Then, by utilising a state observer and considering specific delay times, the attacker injects a ZDA signal into the actuator channels of the cyber-physical system. As a result, the internal dynamics will diverge from the nominal working region of the controlled cyber-physical system, while the outputs remain close to the actual outputs of the attack-free system. Therefore, this cyberattack can remain stealthy, and it can also be robust against revealing signals. The efficiency of this new attack policy is demonstrated in the simulation results for a continuous stirred tank reactor regarded as a cyber-physical system.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"9 4","pages":"463-476"},"PeriodicalIF":1.7,"publicationDate":"2024-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12099","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143253350","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Design of an efficient dynamic context-based privacy policy deployment model via dual bioinspired Q learning optimisations","authors":"Namrata Jiten Patel, Ashish Jadhav","doi":"10.1049/cps2.12100","DOIUrl":"https://doi.org/10.1049/cps2.12100","url":null,"abstract":"<p>A novel context-based privacy policy deployment model enhanced with bioinspired Q-learning optimisations is presented. The model addresses the challenge of maintaining privacy while ensuring data integrity and usability in various settings. Leveraging datasets including Adult (Census Income), Yelp, UC Irvine Machine Learning, and Movie Lens, the authors evaluate the model's performance against state-of-the-art techniques, such as GEF AL, Deep Forest, and Robust Continual Learning. The approach employs Firefly Optimiser (FFO) and Ant Lion Optimiser (ALO) algorithms to dynamically adjust privacy parameters and handle large datasets efficiently. Additionally, Q-learning enables intelligent decision-making and rapid adaptation to changing data and network conditions and scenarios. Evaluation results demonstrate that the model consistently outperforms reference techniques across multiple metrics, including privacy levels, scalability, fidelity, and sensitivity management. By reducing reputational harm, minimising delays, and enhancing network quality, the model offers robust privacy protection without sacrificing data utility. Overall, a dynamic context-based privacy policy deployment approach, enhanced with bioinspired Q-learning optimisations, presents a significant advancement in privacy preservation methods. The combination of ALO, FFO, and Q-learning techniques offers a practical solution to evolving data privacy challenges and enhances flexibility in various use case scenarios.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"9 4","pages":"477-496"},"PeriodicalIF":1.7,"publicationDate":"2024-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12100","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143253351","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Shining Sun, Hao Huang, Emily Payne, Shamina Hossain-McKenzie, Nicholas Jacobs, H. Vincent Poor, Astrid Layton, Katherine Davis
{"title":"A graph embedding-based approach for automatic cyber-physical power system risk assessment to prevent and mitigate threats at scale","authors":"Shining Sun, Hao Huang, Emily Payne, Shamina Hossain-McKenzie, Nicholas Jacobs, H. Vincent Poor, Astrid Layton, Katherine Davis","doi":"10.1049/cps2.12097","DOIUrl":"https://doi.org/10.1049/cps2.12097","url":null,"abstract":"<p>Power systems are facing an increasing number of cyber incidents, potentially leading to damaging consequences to both physical and cyber aspects. However, the development of analytical methods for the study of large-scale power infrastructures as cyber-physical systems is still in its early stages. Drawing inspiration from machine-learning techniques, the authors introduce a method inspired by the principles of graph embedding that is tailored for quantitative risk assessment and the exploration of possible mitigation strategies of large-scale cyber-physical power systems. The primary advantage of the graph embedding approach lies in its ability to generate numerous random walks on a graph, simulating potential access paths. Meanwhile, it enables capturing high-dimensional structures in low-dimensional spaces, facilitating advanced machine-learning applications, and ensuring scalability and adaptability for comprehensive network analysis. By employing this graph embedding-based approach, the authors present a structured and methodical framework for risk assessment in cyber-physical systems. The proposed graph embedding-based risk analysis framework aims to provide a more insightful perspective on cyber-physical risk assessment and situation awareness for power systems. To validate and demonstrate its applicability, the method has been tested on two cyber-physical power system models: the <i>Western System Coordinating Council (WSCC) 9-Bus System</i> and the <i>Illinois 200-Bus System</i>, thereby showing its advantages in enhancing the accuracy of risk analysis and comprehensiveness of situational awareness.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"9 4","pages":"435-453"},"PeriodicalIF":1.7,"publicationDate":"2024-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12097","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143253023","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Zhicong Sun, Guang Chen, Yulong Ding, Shuang-Hua Yang
{"title":"Joint safety and security risk analysis in industrial cyber-physical systems: A survey","authors":"Zhicong Sun, Guang Chen, Yulong Ding, Shuang-Hua Yang","doi":"10.1049/cps2.12095","DOIUrl":"10.1049/cps2.12095","url":null,"abstract":"<p>Industrial Cyber-Physical Systems (iCPSs) represent a new generation of industrial systems that enable a profound integration of industrial processes and informational spaces, thereby empowering the fourth industrial revolution. iCPSs confront more severe safety and security (S&S) challenges compared to traditional industrial systems. One of the most critical challenges is the joint risk analysis of S&S. Many scholars have devoted their research to this area. However, there is a dearth of literature reviews encapsulating recent advancements, which provides the motivation for this study. The authors review the methodologies in this field, delve into the S&S relationships involved, and propose 12 criteria for evaluating these methods. Furthermore, the current research limitations were analysed and potential directions were suggested for future research.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"9 4","pages":"334-349"},"PeriodicalIF":1.7,"publicationDate":"2024-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12095","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141343900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}