Showing 1–5 of 5 results for author: Asplund, M

Towards Privacy-Preserving Anomaly-Based Intrusion Detection in Energy Communities

Authors: Zeeshan Afzal, Giovanni Gaggero, Mikael Asplund

Abstract: Energy communities consist of decentralized energy production, storage, consumption, and distribution and are gaining traction in modern power systems. However, these communities may increase the vulnerability of the grid to cyber threats. We propose an anomaly-based intrusion detection system to enhance the security of energy communities. The system leverages deep autoencoders to detect deviation… ▽ More Energy communities consist of decentralized energy production, storage, consumption, and distribution and are gaining traction in modern power systems. However, these communities may increase the vulnerability of the grid to cyber threats. We propose an anomaly-based intrusion detection system to enhance the security of energy communities. The system leverages deep autoencoders to detect deviations from normal operational patterns in order to identify anomalies induced by malicious activities and attacks. Operational data for training and evaluation are derived from a Simulink model of an energy community. The results show that the autoencoder-based intrusion detection system achieves good detection performance across multiple attack scenarios. We also demonstrate potential for real-world application of the system by training a federated model that enables distributed intrusion detection while preserving data privacy. △ Less

Submitted 26 February, 2025; originally announced February 2025.

Comments: Under Submission

From Balance to Breach: Cyber Threats to Battery Energy Storage Systems

Authors: Frans Öhrström, Joakim Oscarsson, Zeeshan Afzal, János Dani, Mikael Asplund

Abstract: Battery energy storage systems are an important part of modern power systems as a solution to maintain grid balance. However, such systems are often remotely managed using cloud-based control systems. This exposes them to cyberattacks that could result in catastrophic consequences for the electrical grid and the connected infrastructure. This paper takes a step towards advancing understanding of t… ▽ More Battery energy storage systems are an important part of modern power systems as a solution to maintain grid balance. However, such systems are often remotely managed using cloud-based control systems. This exposes them to cyberattacks that could result in catastrophic consequences for the electrical grid and the connected infrastructure. This paper takes a step towards advancing understanding of these systems and investigates the effects of cyberattacks targeting them. We propose a reference model for an electrical grid cloud-controlled load-balancing system connected to remote battery energy storage systems. The reference model is evaluated from a cybersecurity perspective by implementing and simulating various cyberattacks. The results reveal the system's attack surface and demonstrate the impact of cyberattacks that can criticaly threaten the security and stability of the electrical grid. △ Less

Submitted 10 January, 2025; originally announced January 2025.

Comments: Submitted to Energy Informatics on January 9th 2025

Automated Penetration Testing: Formalization and Realization

Authors: Charilaos Skandylas, Mikael Asplund

Abstract: Recent changes in standards and regulations, driven by the increasing importance of software systems in meeting societal needs, mandate increased security testing of software systems. Penetration testing has been shown to be a reliable method to asses software system security. However, manual penetration testing is labor-intensive and requires highly skilled practitioners. Given the shortage of cy… ▽ More Recent changes in standards and regulations, driven by the increasing importance of software systems in meeting societal needs, mandate increased security testing of software systems. Penetration testing has been shown to be a reliable method to asses software system security. However, manual penetration testing is labor-intensive and requires highly skilled practitioners. Given the shortage of cybersecurity experts and current societal needs, increasing the degree of automation involved in penetration testing can aid in fulfilling the demands for increased security testing. In this work, we formally express the penetration testing problem at the architectural level and suggest a general self-organizing architecture that can be instantiated to automate penetration testing of real systems. We further describe and implement a specialization of the architecture in the ADAPT tool, targeting systems composed of hosts and services. We evaluate and demonstrate the feasibility of ADAPT by automatically performing penetration tests with success against: Metasploitable2, Metasploitable3, and a realistic virtual network used as a lab environment for penetration tester training. △ Less

Submitted 17 December, 2024; originally announced December 2024.

Comments: Submitted to Computers and Security December 17th 2024

Exploiting Partial Order of Keys to Verify Security of a Vehicular Group Protocol

Authors: Felipe Boeira, Mikael Asplund

Abstract: Vehicular networks will enable a range of novel applications to enhance road traffic efficiency, safety, and reduce fuel consumption. As for other cyber-physical systems, security is essential to the deployment of these applications and standardisation efforts are ongoing. In this paper, we perform a systematic security evaluation of a vehicular platooning protocol through a thorough analysis of t… ▽ More Vehicular networks will enable a range of novel applications to enhance road traffic efficiency, safety, and reduce fuel consumption. As for other cyber-physical systems, security is essential to the deployment of these applications and standardisation efforts are ongoing. In this paper, we perform a systematic security evaluation of a vehicular platooning protocol through a thorough analysis of the protocol and security standards. We tackle the complexity of the resulting model with a proof strategy based on a relation on keys. The key relation forms a partial order, which encapsulates both secrecy and authenticity dependencies. We show that our order-aware approach makes the verification feasible and proves strong authenticity properties along with secrecy of all keys used throughout the protocol. △ Less

Submitted 25 November, 2021; v1 submitted 6 May, 2021; originally announced May 2021.

Modelling Correlated Mobility

Authors: Mikael Asplund, Simin Nadjm-Tehrani

Abstract: When nodes in a mobile network cluster together or move according to common external factors (e.g., cars that follow the road network), the resulting contact patterns become correlated. In this work we address the question of modelling such correlated mobility movements for the analysis of intermittently connected networks. We propose to use the concept of node colouring time to characterise dynam… ▽ More When nodes in a mobile network cluster together or move according to common external factors (e.g., cars that follow the road network), the resulting contact patterns become correlated. In this work we address the question of modelling such correlated mobility movements for the analysis of intermittently connected networks. We propose to use the concept of node colouring time to characterise dynamic node contact patterns. We analyse how this model compares to existing work, and demonstrate how to extract the relevant data from actual trace files. Moreover, we show how this information can be used to derive the latency distribution of DTN routing protocols. Our model achieves a very good fit to simulated results based on real vehicular mobility traces, whereas models which assumes independent contacts do not. △ Less

Submitted 23 September, 2014; originally announced September 2014.