Integrity and Privacy Protection for Cyber-physical Systems (CPS)
Authors
Bhattacharjee, Arpan
Issue Date
2021
Type
Thesis
Language
Keywords
Advanced Manufacturing System , Blockchain , Cyber-physical Systems (CPS) , Differential Privacy (DP) , Personalized Data Privacy , Smart Grid
Alternative Title
Abstract
The present-day interoperable and interconnected cyber-physical systems (CPS) provides significant value in our daily lives with the incorporation of advanced technologies. Still, it also increases the exposure to many security privacy risks like (1) maliciously manipulating the CPS data and sensors to compromise the integrity of the system (2) launching internal/external cyber-physical attacks on the central controller dependent CPS systems to cause a single point of failure issues (3) running malicious data and query analytics on the CPS data to identify internal insights and use it for achieving financial incentive. Moreover, (CPS) data privacy protection during sharing, aggregating, and publishing has also become challenging nowadays because most of the existing CPS security and privacy solutions have drawbacks, like (a) lack of a proper vulnerability characterization model to accurately identify where privacy is needed, (b) ignoring data providers privacy preference, (c) using uniform privacy protection which may create inadequate privacy for some provider while overprotecting others.Therefore, to address these issues, the primary purpose of this thesis is to orchestrate the development of a decentralized, p2p connected data privacy preservation model to improve the CPS system's integrity against malicious attacks. In that regard, we adopt blockchain to facilitate a decentralized and highly secured system model for CPS with self-defensive capabilities. This proposed model will mitigate data manipulation attacks from malicious entities by introducing bloom filter-based fast CPS device identity validation and Merkle tree-based fast data verification. Finally, the blockchain consensus will help to keep consistency and eliminate malicious entities from the protection framework. Furthermore, to address the data privacy issues in CPS, we propose a personalized data privacy model by introducing a standard vulnerability profiling library (SVPL) to characterize and quantify the CPS vulnerabilities and identify the necessary privacy requirements. Based on this model, we present our personalized privacy framework (PDP) in which Laplace noise is added based on the individual node's selected privacy preferences. Finally, combining these two proposed methods, we demonstrate that the blockchain-based system model is scalable and fast enough for CPS data's integrity verification. Also, the proposed PDP model can attain better data privacy by eliminating the trade-off between privacy, utility, and risk of losing information.