TROCI: Towards Resilient Operation of Critical Infrastructures - application to water and energy systems
Lead Research Organisation:
University of Sheffield
Department Name: Nuclear AMRC
Abstract
Critical infrastructures are necessary for a country to function and upon which daily life depends. Recent geopolitical events have highlighted the importance of protecting these infrastructures from various threats to ensure national security and citizens' wellbeing.
Instrumentation and control (I&C) systems are widely used to collect data through sensors from various nodes, make decisions and ensure smooth operation through remote and/or autonomous control of these infrastructures. The recent adoption of digital I&C makes these infrastructures vulnerable to cyber-physical attacks due to the increased number of attack surfaces.
Cyber security infringements targeting I&C systems are a growing concern worldwide. If unmitigated, the attacks can have dangerous consequences. Traditional I&C systems were designed for a time with centralised data-processing for analytics and control purposes. This approach is no longer fit for purpose owing to the system complexity and the emergence of new threat actors and vectors.
To fill this void, we envision to develop a comprehensive hybrid hardware-software security and privacy solution for the critical infrastructure resilience enhancement. Realisation of this vision will require system-level thinking, multidisciplinary expertise, and effective industrial end user engagement. By adopting a fundamentally new approach in designing the I&C systems, the proposed solution will be co-designed with emphasis on:
-optimising the hardware-software interaction
-minimising the information flow
-reducing the risk of hardware fault through redundancy and smartification
-lowering the number of intrusion attack surfaces through minimum sensor placement
-safeguarding the data from poisoning through local processing
-enhancing energy-efficiency through innovative software platform design.
The results will be developed with our industrial end users and will be deployed in advanced use cases involving water distribution systems and nuclear power plants.
The scientific and technical breakthroughs sought through this project will open new research opportunities in critical infrastructure resilience enhancement, promote objective benchmarking, develop skilled manpower and accelerate industry adoption.
Instrumentation and control (I&C) systems are widely used to collect data through sensors from various nodes, make decisions and ensure smooth operation through remote and/or autonomous control of these infrastructures. The recent adoption of digital I&C makes these infrastructures vulnerable to cyber-physical attacks due to the increased number of attack surfaces.
Cyber security infringements targeting I&C systems are a growing concern worldwide. If unmitigated, the attacks can have dangerous consequences. Traditional I&C systems were designed for a time with centralised data-processing for analytics and control purposes. This approach is no longer fit for purpose owing to the system complexity and the emergence of new threat actors and vectors.
To fill this void, we envision to develop a comprehensive hybrid hardware-software security and privacy solution for the critical infrastructure resilience enhancement. Realisation of this vision will require system-level thinking, multidisciplinary expertise, and effective industrial end user engagement. By adopting a fundamentally new approach in designing the I&C systems, the proposed solution will be co-designed with emphasis on:
-optimising the hardware-software interaction
-minimising the information flow
-reducing the risk of hardware fault through redundancy and smartification
-lowering the number of intrusion attack surfaces through minimum sensor placement
-safeguarding the data from poisoning through local processing
-enhancing energy-efficiency through innovative software platform design.
The results will be developed with our industrial end users and will be deployed in advanced use cases involving water distribution systems and nuclear power plants.
The scientific and technical breakthroughs sought through this project will open new research opportunities in critical infrastructure resilience enhancement, promote objective benchmarking, develop skilled manpower and accelerate industry adoption.
Organisations
Publications
Ahmed H
(2024)
Measurement Offset Fault Detection Logic for PMSM Position Sensor
in IEEE Sensors Letters
Ayodeji A
(2024)
Wavy-attention network for real-time cyber-attack detection in a small modular pressurized water reactor digital control system
in Nuclear Engineering and Design
Ayodeji A
(2024)
Corrigendum to "Wavy-attention network for real-time cyber-attack detection in a small modular pressurized water reactor digital control system" [Nucl. Eng. Design 424 (2024) 113277]
in Nuclear Engineering and Design
| Title | False Data Injection Dataset Using the ANS Simulator |
| Description | Utilising the Asherah Nuclear Simulator (ANS) in MATLAB/SIMULINK, we simulated conditions for the nuclear reactor in its steady state and under attack. Three cyberattacks were simulated on critical sensors. The resulting datasets are uploaded for public use. This dataset can be used by anyone freely to test their own intrusion detection system. |
| Type Of Material | Database/Collection of data |
| Year Produced | 2024 |
| Provided To Others? | Yes |
| Impact | Traditionally, most research papers on nuclear reactor cybersecurity rely on closed-source datasets. In our work, we used a freely available, realistic simulator of a nuclear reactor developed by the International Atomic Energy Agency. The dataset generated from our research provides an opportunity for verifiable research in nuclear reactor intrusion detection systems. In our opinion, this is the most significant impact of our work. |
| URL | https://github.com/abiodun-ayodeji/Wavy-attention-network-for-cybersecurity |
| Description | TROCI Stakeholder Engagement Workshop |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Industry/Business |
| Results and Impact | Fourteen people (eight attending in person and six online) participated in a hybrid workshop in Derby (UK) to discuss the project's progress and engage with various stakeholders. This engagement sparked questions and discussions about advancing research on the cybersecurity of safety-critical systems. As a result, the 1st International Workshop on the Internet of Things for Safety-Critical Cyber-Physical Systems was successfully organised and held in Finland in November 2024. |
| Year(s) Of Engagement Activity | 2024 |
| URL | https://research.holisun.com/news/troci-f2f-meeting-in-derby |