Showing 1–3 of 3 results for author: Dayaratne, T

Exploiting and Securing ML Solutions in Near-RT RIC: A Perspective of an xApp

Authors: Thusitha Dayaratne, Viet Vo, Shangqi Lai, Sharif Abuadbba, Blake Haydon, Hajime Suzuki, Xingliang Yuan, Carsten Rudolph

Abstract: Open Radio Access Networks (O-RAN) are emerging as a disruptive technology, revolutionising traditional mobile network architecture and deployments in the current 5G and the upcoming 6G era. Disaggregation of network architecture, inherent support for AI/ML workflows, cloud-native principles, scalability, and interoperability make O-RAN attractive to network providers for beyond-5G and 6G deployme… ▽ More Open Radio Access Networks (O-RAN) are emerging as a disruptive technology, revolutionising traditional mobile network architecture and deployments in the current 5G and the upcoming 6G era. Disaggregation of network architecture, inherent support for AI/ML workflows, cloud-native principles, scalability, and interoperability make O-RAN attractive to network providers for beyond-5G and 6G deployments. Notably, the ability to deploy custom applications, including Machine Learning (ML) solutions as xApps or rApps on the RAN Intelligent Controllers (RICs), has immense potential for network function and resource optimisation. However, the openness, nascent standards, and distributed architecture of O-RAN and RICs introduce numerous vulnerabilities exploitable through multiple attack vectors, which have not yet been fully explored. To address this gap and ensure robust systems before large-scale deployments, this work analyses the security of ML-based applications deployed on the RIC platform. We focus on potential attacks, defence mechanisms, and pave the way for future research towards a more robust RIC platform. △ Less

Submitted 18 June, 2024; originally announced June 2024.

Fostering Trust in Smart Inverters: A Framework for Firmware Update Management and Tracking in VPP Context

Authors: Thusitha Dayaratne, Carsten Rudolph, Tom Shirley, Sol Levi, David Shirley

Abstract: Ensuring the reliability and security of smart inverters that provide the interface between distributed energy resources (DERs) and the power grid becomes paramount with the surge in integrating DERs into the (smart) power grid. Despite the importance of having updated firmware / software versions within a reasonable time frame, existing methods for establishing trust through firmware updates lack… ▽ More Ensuring the reliability and security of smart inverters that provide the interface between distributed energy resources (DERs) and the power grid becomes paramount with the surge in integrating DERs into the (smart) power grid. Despite the importance of having updated firmware / software versions within a reasonable time frame, existing methods for establishing trust through firmware updates lack effective historical tracking and verification. This paper introduces a novel framework to manage and track firmware update history, leveraging verifiable credentials. By tracking the update history and implementing a trust cycle based on these verifiable updates, we aim to improve grid resilience, enhance cybersecurity, and increase transparency for stakeholders. △ Less

Submitted 29 April, 2024; originally announced April 2024.

Guarding the Grid: Enhancing Resilience in Automated Residential Demand Response Against False Data Injection Attacks

Authors: Thusitha Dayaratne, Carsten Rudolph, Ariel Liebman, Mahsa Salehi

Abstract: Utility companies are increasingly leveraging residential demand flexibility and the proliferation of smart/IoT devices to enhance the effectiveness of residential demand response (DR) programs through automated device scheduling. However, the adoption of distributed architectures in these systems exposes them to the risk of false data injection attacks (FDIAs), where adversaries can manipulate de… ▽ More Utility companies are increasingly leveraging residential demand flexibility and the proliferation of smart/IoT devices to enhance the effectiveness of residential demand response (DR) programs through automated device scheduling. However, the adoption of distributed architectures in these systems exposes them to the risk of false data injection attacks (FDIAs), where adversaries can manipulate decision-making processes by injecting false data. Given the limited control utility companies have over these distributed systems and data, the need for reliable implementations to enhance the resilience of residential DR schemes against FDIAs is paramount. In this work, we present a comprehensive framework that combines DR optimisation, anomaly detection, and strategies for mitigating the impacts of attacks to create a resilient and automated device scheduling system. To validate the robustness of our framework against FDIAs, we performed an evaluation using real-world data sets, highlighting its effectiveness in securing residential DR systems. △ Less

Submitted 13 December, 2023; originally announced December 2023.