Doctoral thesis: « Cyber-resilience and attack tolerance of cyber-physical systems »

The Doctoral School Sciences et Technologies de l'Information et de la Communication and the Research Unit SAMOVAR (UMR 5157) - Services répartis, Architectures, Modélisation, Validation, Administration des Réseaux present the thesis defense of Mrs Mariana SEGOVIA-FERREIRA, who is expected to defend her research to obtain her PhD at l'Institut Polytechnique de Paris, prepared at Telecom SudParis, in Computer Science.

« Cyber-resilience and attack tolerance of cyber-physical systems »

THURSDAY, MAY 20, 2021 at 2 pm (by videoconference - Covid-19),

9 rue Charles Fourier 91011 Evry-Courcouronnes Cedex.

Jury members:

  • Mr Joaquin GARCIA-ALFARO, Professor, Télécom SudParis, FRANCE - Supervisor
  • Mr Yvon KERMARREC, Professor, Institut Mines-Telecom Atlantique Bretagne Pays de Loire, FRANCE - Rapporteur
  • Mr Pascal LAFOURCADE, Associate Professor, Université Clermont Auvergne, FRANCE - Rapporteur
  • Mr Luca DE CICCO, Associate Professor, Politecnico di Bari, ITALY - Examiner
  • Mr Urko ZURUTUZA, Associate Professor, Universidad de Mondragon, SPAIN - Examiner
  • Mrs Nora CUPPENS, Professor, Politécnico Montreal, CANADA - Examiner
  • Mrs Ana Rosa CAVALLI, Professor emeritus, Télécom SudParis, FRANCE - Co-supervisor of cyber-physics thesis

Abstract:

This thesis investigates the resilience of Cyber-Physical Systems (CPS). CPS integrate computation and networking resources to control a physical process, often related to critical infrastructures such as energy distribution, health care, and industrial process control, among others.

The adoption of new communication capabilities comes at the cost of introducing new security threats that need to be properly handled. An attack may have dangerous consequences in the physical world, endangering the safety of people, the environment and the controlled physical processes.

For this reason, cyber-resilience is a fundamental property to ensure attack tolerance, i.e., the system must maintain the correct operation of a set of crucial functionalities despite ongoing adversarial misbehavior. For that, threats must be addressed in the cyber and physical domains at the same time. We address the system reaction by creating a synergy between control-theoretic information and cybersecurity methods to absorb and recover from the threat. We propose two approaches using different paradigms.

The first one is based on a detection and reaction strategy to attenuate cyber-physical attacks driven by reflective programmable networking to take control of adversarial actions. The mechanism builds upon the concept of software reflection and programmable networking.

The second approach proposes a resilient-by-design strategy. The approach is based on a Moving Target Defense paradigm, driven by a linear switching of state-space matrices, and applied at both the physical and network layers of a CPS. We provide a step-by-step procedure that takes a transfer function representing the dynamics of the physical process, and we show that the final system maintains stability. As a result, we obtain a resilient CPS design structured using a topology of decentralized controllers.

We also present metrics to quantify the cyber-resilience level of a system based on its design, structure, stability, and performance under attack. The metrics provide reference points to evaluate whether the system is better prepared to face adversaries. This way, it is possible to quantify the ability to recover from an adversary using its mathematical model.

We evaluated the proposed approaches using numerical simulations and obtained promising results. Finally, we identified several possibilities for future research perspectives to improve existing knowledge in the field.