Objective
We propose a solution using machine learning and test generation, leveraging machine learning expertise from UIUC and testing and verification from KTH. Unlike previous approaches, we focus on explainable AI in our safety cage so that the cage itself and its effects on network traffic can be inspected and validated. Lightweight approaches guarantee that our safety cage can be embedded in programmable networks or operating system kernels. Machine learning will learn behavioural models that have their roots in formal modelling (access policies, protocol states, Petri Nets) and thus are inherently readable by humans. The test-case generation will validate diverse traces against the model and showcase potential malicious behaviour, validating both positive and negative outcomes.
Background
Industrial robots usually operate within a “safety cage” to ensure that a robot does not harm workers. We need the same type of security, simple and explainable, for IT systems. Novel mechanisms that can be embedded in the network, such as through hardware-accelerated programmable networks or kernel extensions, enable this type of security at the network level.
Crossdisciplinary collaboration
The project is a collaboration between the University of Illinois at Urbana-Champaign and the KTH Royal Institute of Technology. KTH will combine its experience in testing and verification with UIUC’s expertise in machine learning.
Watch the recorded presentation at Digitalize in Stockholm 2022 event:
About the project
Objective
The team will address five objectives regarding cyberattacks on power systems based on state-of-the-art AI methods: (1) designing graph neural networks that can process power data to learn the state of the system and detect cyberattacks; (2) developing AI algorithms that utilize image recognition techniques using convolutional neural networks to detect denial of view and image replays resulting from cyberattacks; and (3) developing optimization techniques to robustify previously designed neural networks against adversarial data. Selecting power system operating points and policies through attack-aware methods creates a resilient system. If an attack is not immediately sensed, operating from such a position of strength buys time for detection algorithms. Objectives 4 and 5 aim to develop attack-aware AI methods via distributionally robust optimization and cascading failure analysis.
Background
The operation of power systems is becoming data-centric to improve the efficiency, resiliency, and sustainability of power systems and address climate change. Major operational problems, such as security-constrained optimal power flow, contingency analysis, and transient stability analysis, rely on the knowledge extracted from sensory data. Data manipulation by a malicious actor tampers with grid operation, with catastrophic consequences, including physical equipment damage and cascading failures. Developing frameworks and methodologies that help power operators protect the power grid against such malicious attacks is paramount to national security.
Crossdisciplinary collaboration
The project is a collaboration between the University of California Berkeley, California Institute of Technology, KTH Royal Institute of Technology and Electric Power Research Institute. Assistant Professor Jan Kronqvist leads the research in the Department of Mathematics at KTH. At KTH, the research is focused on developing optimization techniques to robustify previously designed neural networks against adversarial data and the fundamental mathematical theory needed to develop such optimization techniques.
Contacts at other participating institutes:
Javad Lavaei, Associate Professor, Industrial Engineering and Operations Research, University of California, Berkeley
Somayeh Sojoudi, Assistant Professor of Electrical Engineering & Computer Science, University of California, Berkeley
Steven Low, Professor of Computing and Mathematical Sciences and Electrical Engineering, California Institute of Technology
Jeremy Lawrence, Principal Technical Leader at Electric Power Research Institute, Electric Power Research Institute
Watch the recorded presentation at the Digitalize in Stockholm 2023 event:
About the project
Objective
We propose to develop computationally efficient machine learning algorithms and tools for attack detection and identification based on a novel, scalable representation of the physical system state, the communication protocol state and the IT infrastructure’s security state maintained based on noisy observations and measurements from the physical and the IT infrastructure. The key contribution is to learn a succinct representation of the security state of the IT infrastructure that allows computationally efficient belief updates in real-time and enables jointly accounting for the evolution of the state of the physical system, communication protocols, and infrastructure for accurate detection of attacks and identification through causal reasoning based on learnt dependency models.
The research will help address questions such as achieving real-time situational awareness in complex IT infrastructures, developing anomaly detectors with low false positive and false negative rates, and using information about IT infrastructure to improve attack identification. The project leverages the expertise of three research teams from KTH, UIUC, and MIT, with extensive expertise in cyber-physical systems security, smart grids, and anomaly detection.
Background
Modern SCADA systems rely on IP-based communication protocols that are primarily event-driven and follow a publish-subscribe model. The timing and content of protocol messages emerge from interactions between the physical system state and the protocol’s internal state – as an effect, traditional approaches to anomaly detection result in excessive false positives and, ultimately, alarm fatigue.
Crossdisciplinary collaboration
The project is a collaboration between the KTH Royal Institute of Technology, the University of Illinois at Urbana-Champaign and MIT.
Watch the recorded presentation at the Digitalize in Stockholm 2023 event: