SENEC: Secure Networked Estimation and Control

ACCESS Seed Project Proposal for 2010-2011
Networked Services and Systems

Project leaders: György Dán, Henrik Sandberg
Participating ACCESS founding faculty: Xiaoming Hu, Peter Händel, Karl-Henrik Johansson
Other participants: Alessio De Angelis, Isaac Skog, André Teixeira, Douglas Wikström

The operation of complex, networked systems relies on the information exchange between the constituent nodes. In general, the nodes use this information to update their estimates of the system’s state, which they can use as a basis for decision making (e.g., control and estimation). The nodes’ decisions might affect the system’s state, and inaccurate information received by the nodes might lead to the improper operation of the system.

The information received by a node from another node might be inaccurate for two reasons. First, the sending node might be in a faulty state, or under attack (Fig. 1(a)). The fault or the attack might involve one node at a time or several nodes, depending on the attack model. Second, the communications channel between the two nodes might be under attack (Fig. 1(b)). The attack might be directed at one or more communication channels in the system.

The goal of the SENEC project is to make complex, networked systems robust to attacks and faults. We do not aim to develop cryptographic algorithms or protocols for improved data integrity and authentication. Instead, we aim to address the problem of security algorithmically at the application layer: by detecting and identifying faulty and inaccurate data, and by mitigating the impact of such data on the system’s behavior through careful system design (including the use of cryptographic algorithms). Methodologically, our goal is to find answers to the following three questions.

1. Fault and attack detection: How can a node detect that it is receiving inaccurate data from one or more nodes?
2. Fault and attack localization: How can a node identify which other node or nodes are sending the faulty information?
3. Fault and attack mitigation: How can the effects of an attack or fault be minimized algorithmically and through system design?

The SENEC project will investigate these questions in three areas: steady state estimation in Supervisory Control and Data Acquisition (SCADA) systems, attack detection in multi-agent networks, and indoor positioning. In the following we briefly describe these three areas.

1. Secure Power System State Estimation

Participants: György Dán (LCN), Karl-Henrik Johansson (ACL), Henrik Sandberg (ACL)

Topic: State observers are common components in SCADA systems and are used for control, for contingency analysis, and for detecting faulty equipment in power networks. The most common approach is to use a centralized steady-state observer that collects data from the power system and computes an estimate of the system state at a low rate. The focus of the work is on how to detect, identify, and isolate faults and attacks against state observers in SCADA systems.

Proposed deliverable (1):
Dán, Johansson, Sandberg, “Robust power system steady state estimation against data manipulation attacks”

2. Attack Detection in Multi-Agent Networks

Participants: Xiaoming Hu (OPT), Karl-Henrik Johansson (ACL), Henrik Sandberg (ACL), György Dán (LCN), Douglas Wikström (CSC)

Topic: In multi-agent networks, nodes observe each other’s behavior via measurements or via information exchange between neighboring agents. The agents update their strategies based on the information about the neighboring agents. An example multi-agent network is a flock of autonomous robots, in which case the information is speed and direction. Assuming that the agents satisfy some physical dynamics, the goal of the work is to understand how one can distinguish node faults/attacks from communication failures, what dynamics the detectors should have, and how one should place the detectors in the system.

Another example is distributed supply systems. The agents can be power generators operated by different companies. The agents supply electrical power to a deregulated power grid where prices change quickly depending on the current state of supply and demand. In such environments there are incentives for the suppliers to manipulate prices by providing false information. We want to investigate whether it is possible to design a distributed supervisory system that is responsible for detecting price and information manipulations.

Proposed deliverables (2):
Hu, Johansson, Sandberg, “Attack and Fault Detection in Multi-Robot Formation Control”
Dán, Johansson, Sandberg, “Distributed power generation and unbundled markets”

3. Secure Indoor Positioning by Range Sensor Aided Inertial Navigation

Participants: Alessio De Angelis (SP), Xiaoming Hu (OPT), Peter Händel (SP), Isaac Skog (SP)

Topic: The problem of indoor positioning is to determine the position of a master node by fusing the information received from slave nodes positioned in the area with the information from an inertial navigation system located on the master node. The goal of the work is to make indoor positioning more robust by (i) using the inertial navigation system to detect misbehaving slave nodes, and (ii) optimizing the placement of the slave nodes to facilitate the detection of misbehaving nodes.

Proposed deliverable (1):
De Angelis, Hu, Händel, Skog, “Fault detection in collaborative UWB aided inertial navigation for indoor positioning”