André M. H. TeixeiraResearch AreasMy research considers control and monitoring of dynamical systems with main focus on:
Ongoing Research ProjectsProb4Sec - Probabilistic Methods for Secure Learning and Control, Swedish Research Council (Vetenskapsrådet), VR Project Grant in Information and Cyber Security, 2023-2027 (PI)Short SummaryProb4Sec aims to develop theory and probabilistic methods for securing cyber-physical systems (CPSs) possessing learning and control capabilities: digital devices that learn from data they collect, and automatically decide how to best interact with the physical world over time. Intelligent CPSs are pervasive in our society. Users rely and trust that these devices will operate in a safe and secure manner. The consequences of incorrect behaviors in CPSs can be dire, threatening the users’ well-being. Securing these systems is of utmost importance. Probabilistic methods are a natural way to deal with the uncertainty of physical systems and unintentional failures. Mathematical and statistical tools enable us to take a small number of samples and still be able to draw general conclusions. However, attacks are not only probabilistic but can have strategic behaviors, tailored to causing harm while avoiding detection. Hence, it is critical to develop systematic approaches that integrate the probabilistic and the strategic aspects of attacks in security analysis. Prob4Sec combines knowledge from security, statistical methods, and AI and control engineering to develop new methods for designing secure CPSs with learning and control functionalities. These methods will be instrumental in preventing future threats to all who benefit from this technology. Prob4Sec will provide further tools based on which trust in new technologies can be built and communicated, from developers to end-users. ADVOLCANO - Adverse Voltage Controllers’ Interactions in Active Distribution Networks, The Swedish Energy Agency, 2023-2026 (co-PI)Short SummaryTo meet the climate and safety challenges of today and the future, new technology is used that changes the dynamics of the electric power system, but which often also leads to unpredictable system behavior. To support voltage regulation in local distribution systems, but also to assist with voltage regulation in the overhead power transmission system, inverter-based generation is often used. However, these can lead to harmful interactions between voltage regulators that can compromise system security. This project analyzes these interactions. The project's focus is on modeling and characterizing the interactions between voltage contorllers, as well as developing methods for analyzing them. Based on the analysis, in the project we will propose solutions on how to implement new voltage regulation strategies in active distribution networks while avoiding risks of harmful interactions. The project thus contributes to improved resilience and future secure electricity supply. Validating a System Development Kit for edge federated learning, Swedish Innovation Agency (Vinnova), 2023-2025 (co-PI).Short SummaryThe project´s primary aim is to increase our understanding of scalability and cyber security in federated machine learning specifically for cloud edge applications. We will also further develop and validate a system development kit for federated machine learning, FEDn, for large-scale applications in fleet intelligence. Data-driven Vulnerability Analysis for Critical Infrastructures, eSSENCE-SciLifeLab Graduate School in Data-Intensive Science, 2022-2026 (co-PI).Short SummaryIn the last two decades, solutions to address software vulnerabilities have evolved significantly. With predictive schemes, vulnerability analysis has shifted from being reactive to being proactive in terms of early identification of possible risks. A comprehensive vulnerability analysis requires data from application execution patterns, network logs, infrastructure logs, and traces from the source code. Efficient collection, availability and analysis of the log files is a non-trivial task as this data grows rapidly with the execution pattern of the applications. The other sources include infrastructure settings and, most importantly, the information available in public vulnerability databases. All these massive data sources form the basis to call vulnerability analysis a big data challenge. A comprehensive data-driven vulnerability analysis framework will be required to ensure reliable, efficient and uninterrupted mission critical services based on software applications. This project takes a data-intensive approach to analyse and diagnose the presence of cybersecurity vulnerabilities in software applications supporting services within critical computing infrastructures. Our approach consists of combining above-mentioned different data sources with attack modeling frameworks and use explainable machine learning techniques to analyze and diagnose security vulnerabilities in software and network configurations. ReSiSt: Resilience, Safety, and Security in Tree-structured Civil Networks, Swedish Research Council (Vetenskapsrådet), VR Project Grant in Societal Security, 2021-2024 (team leader).Short SummaryCivil infrastructure networks (CIN) critically support modern society by distributing resources and protecting communities from hazards. Distributed control and monitoring of CIN to meet network demand under the network efficiency and cost constraints also poses physical security and cyber-security challenges. The resilience of civil infrastructure to disruptive events is the overarching topic of the present project. The project goal is to devise a coherent system-theoretical platform for resilience analysis of CIN as well as resilience-informed control of those. More specifically, a CIN is modeled as a cyber-physical system (CPS) whose physical layer is a transportation network equipped with actuator and sensor nodes interlaced with a computer network that implements control and monitoring of the physical layer. The scope is limited to the consideration of CPS with a tree-structured physical layer and covers a broad class of pipeline systems, i.e. networked systems transporting single- or multi-phase fluids. Failures, breakdowns, natural hazards, and cyberattacks are considered potential disruptive events. The project will be conducted along three main threads: Mathematical modeling of CIM as CPS; Model-based assessment of resilience via operational indices; Resilience-informed control of CIM. The feasibility and efficacy of the developed mathematical models and algorithms will be evaluated with respect to urban water and wastewater networks. Secure and Resilient Control Systems, Swedish Foundation for Strategic Research (SSF), SSF Future Research Leaders 7 Grant, 2020-2025 (team leader).Project WebpageShort SummaryReports of cyber-attacks on digitally controlled systems supporting modern societies, such as Stuxnet, have shown their devastating consequences to safety and human lives, and shed light on the attackers’ modus operandi: first learn the system, then tamper the visible information so the attack is undetected, and meanwhile have significant impact on the physical system. (ADSec) Analysis and Design of Secure and Resilient Control Systems, Swedish Research Council (Vetenskapsrådet), VR Starting Grant, 2019-2023 (team leader)Reports on cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies. It is therefore of the utmost importance for control systems to be able to early detect and mitigate malicious cyber-attacks, which aim at having a significant impact on the system while remaining undetected. Unfortunately, existing techniques in control theory consider impact and detectability separately, and thus fail to accurately tackle malicious cyber-attacks. LifeSec: Don't Hack my Body, Swedish Foundation for Strategic Research, 2018-2023 (team member)Implanted devices must be effectively secured to avoid life-threatening scenarios where attackers control implanted devices such as pacemakers or insuline pumps, or install malware inside a human's body. Past Research Projects(SOS4Floods) Secure our Flood Management Systems, The Netherlands Organisation for Scientific Research, 2015-2019 (team member)Cyber attacks on critical infrastructures can have devastating consequences for environment, health and even human lives.
To improve the protection and resilience, various approaches for security risk assessment, attack detection and safety monitoring have been developed.
However, the links between cyber security and safety management are poorly understood, and relevant information is not shared, creating space for malicious activities to pass undetected. (SPARKS) Smart Grid Protection Against Cyber Attacks, European Commission, FP7, 2014-2017 (team member)The aim of the project was to reduce the attack surface of smart grid systems, detect cyber-attacks in real-time, and improve the resilience of smart grid infrastructure during an attack. Furthermore, SPARKS aims at providing a deeper understanding of the threats, vulnerabilities and economic consequences of cyber-attacks on smart grid infrastructure, raise awareness amongst industry leaders, present convincing information to stakeholders, lead the debate and draw through action to improve the cyber readiness of European network operators. (VIKING) Vital Infrastructure, Networks, Information and Control Systems Management, European Commission, FP7, 2009-2011 (team member)The aim of the project was to develop, test and evaluate methodologies for the analysis, design and operation of resilient and secure industrial control systems for critical infrastructures, focusing on power transmission and distribution networks. VIKING was executed by a consortium of industrial and academic partners. |