Stephen Coshatt - Academia.edu (original) (raw)
Uploads
Papers by Stephen Coshatt
GLOBECOM 2022 - 2022 IEEE Global Communications Conference, Dec 4, 2022
2022 IEEE Aerospace Conference (AERO), Mar 5, 2022
In recent years, increasing numbers of electronic control units (ECUs), programmable logic contro... more In recent years, increasing numbers of electronic control units (ECUs), programmable logic controllers (PLCs), and other types of programmable electronics have been deployed into cyber-physical systems. While such progress increased productivity and product quality, it also introduces vulnerabilities to both hardware and software. This study proposes a datadriven approach to monitoring the electric waveforms of the power network of cyber-physical systems for attack and fault detection and diagnosis. In terms of methodology, most studies focus on classification, which only allows for classification of known attacks or faults. While new attacks could be detected, they cannot be properly diagnosed as a new attack would be forced into one of the existing classifiers, thus leading to an incorrect diagnosis. This study proposes using clustering to detect and diagnosis anomalies. Specifically, it proposes using two dimensional unsupervised shapelets (2D u-shapelets) for clustering. U-shapelets are short time series with discriminatory capabilities that can be automatically extracted from a data set. This study is the first of a two phase study to incorporate dynamic clustering with u-shapelets. The advantage of this long term approach allows a system to notify systems users of a new type of attack or fault, which can later be labelled. Thus, the system can learn to identify new anomalies. Extensive evaluations are conducted to study the algorithm performance,such as the performance metrics vs the number of clusters and anomaly types, and the effectiveness for novel adversarial attacks on such systems.
IEEE Transactions on Smart Grid, Mar 1, 2022
The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) fa... more The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) farms has inevitably expanded the cyber-attack surfaces. This paper presents a comprehensive study on cyber-attack detection and diagnosis for PEC-enabled PV farms via single waveform sensor to distinguish between normal conditions, open-circuit faults, short-circuit faults, and cyber-attacks. To our knowledge, this has not been attempted before. Firstly, we propose frequency-domain magnitude-based residuals to identify short-circuit faults and a time-domain mean current vector-based feature to distinguish open-circuit faults from other threats. These features can fully reflect the specific physical characteristics of PV farms during threat duration. Secondly, unlike micro phasor measurement units ( mu\mu mu PMU) and raw electric waveform-based methods, the proposed innovative features can address novel cyber-attacks that are excluded from the training process. Thirdly, an online hardware-in-the-loop (HIL) testbed using the OPAL-RT real-time digital simulator has verified the effectiveness. The monitoring system runs in real-time while using HIL as an operational solar farm and a National Instruments (NI) data acquisition card as the electric waveform sensor at the point of coupling.
IEEE Transactions on Smart Grid
GLOBECOM 2022 - 2022 IEEE Global Communications Conference
2022 IEEE Energy Conversion Congress and Exposition (ECCE)
IEEE Transactions on Smart Grid
The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) fa... more The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) farms has inevitably expanded the cyber-attack surfaces. This paper presents a comprehensive study on cyber-attack detection and diagnosis for PEC-enabled PV farms via single waveform sensor to distinguish between normal conditions, open-circuit faults, short-circuit faults, and cyber-attacks. To our knowledge, this has not been attempted before. Firstly, we propose frequency-domain magnitude-based residuals to identify short-circuit faults and a time-domain mean current vector-based feature to distinguish open-circuit faults from other threats. These features can fully reflect the specific physical characteristics of PV farms during threat duration. Secondly, unlike micro phasor measurement units ( mu\mu mu PMU) and raw electric waveform-based methods, the proposed innovative features can address novel cyber-attacks that are excluded from the training process. Thirdly, an online hardware-in-the-loop (HIL) testbed using the OPAL-RT real-time digital simulator has verified the effectiveness. The monitoring system runs in real-time while using HIL as an operational solar farm and a National Instruments (NI) data acquisition card as the electric waveform sensor at the point of coupling.
In recent years, increasing numbers of electronic control units (ECUs), programmable logic contro... more In recent years, increasing numbers of electronic control units (ECUs), programmable logic controllers (PLCs), and other types of programmable electronics have been deployed into cyber-physical systems. While such progress increased productivity and product quality, it also introduces vulnerabilities to both hardware and software. This study proposes a datadriven approach to monitoring the electric waveforms of the power network of cyber-physical systems for attack and fault detection and diagnosis. In terms of methodology, most studies focus on classification, which only allows for classification of known attacks or faults. While new attacks could be detected, they cannot be properly diagnosed as a new attack would be forced into one of the existing classifiers, thus leading to an incorrect diagnosis. This study proposes using clustering to detect and diagnosis anomalies. Specifically, it proposes using two dimensional unsupervised shapelets (2D u-shapelets) for clustering. U-shape...
GLOBECOM 2022 - 2022 IEEE Global Communications Conference, Dec 4, 2022
2022 IEEE Aerospace Conference (AERO), Mar 5, 2022
In recent years, increasing numbers of electronic control units (ECUs), programmable logic contro... more In recent years, increasing numbers of electronic control units (ECUs), programmable logic controllers (PLCs), and other types of programmable electronics have been deployed into cyber-physical systems. While such progress increased productivity and product quality, it also introduces vulnerabilities to both hardware and software. This study proposes a datadriven approach to monitoring the electric waveforms of the power network of cyber-physical systems for attack and fault detection and diagnosis. In terms of methodology, most studies focus on classification, which only allows for classification of known attacks or faults. While new attacks could be detected, they cannot be properly diagnosed as a new attack would be forced into one of the existing classifiers, thus leading to an incorrect diagnosis. This study proposes using clustering to detect and diagnosis anomalies. Specifically, it proposes using two dimensional unsupervised shapelets (2D u-shapelets) for clustering. U-shapelets are short time series with discriminatory capabilities that can be automatically extracted from a data set. This study is the first of a two phase study to incorporate dynamic clustering with u-shapelets. The advantage of this long term approach allows a system to notify systems users of a new type of attack or fault, which can later be labelled. Thus, the system can learn to identify new anomalies. Extensive evaluations are conducted to study the algorithm performance,such as the performance metrics vs the number of clusters and anomaly types, and the effectiveness for novel adversarial attacks on such systems.
IEEE Transactions on Smart Grid, Mar 1, 2022
The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) fa... more The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) farms has inevitably expanded the cyber-attack surfaces. This paper presents a comprehensive study on cyber-attack detection and diagnosis for PEC-enabled PV farms via single waveform sensor to distinguish between normal conditions, open-circuit faults, short-circuit faults, and cyber-attacks. To our knowledge, this has not been attempted before. Firstly, we propose frequency-domain magnitude-based residuals to identify short-circuit faults and a time-domain mean current vector-based feature to distinguish open-circuit faults from other threats. These features can fully reflect the specific physical characteristics of PV farms during threat duration. Secondly, unlike micro phasor measurement units ( mu\mu mu PMU) and raw electric waveform-based methods, the proposed innovative features can address novel cyber-attacks that are excluded from the training process. Thirdly, an online hardware-in-the-loop (HIL) testbed using the OPAL-RT real-time digital simulator has verified the effectiveness. The monitoring system runs in real-time while using HIL as an operational solar farm and a National Instruments (NI) data acquisition card as the electric waveform sensor at the point of coupling.
IEEE Transactions on Smart Grid
GLOBECOM 2022 - 2022 IEEE Global Communications Conference
2022 IEEE Energy Conversion Congress and Exposition (ECCE)
IEEE Transactions on Smart Grid
The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) fa... more The internetworking of grid-connected power electronics converters (PECs) in photovoltaic (PV) farms has inevitably expanded the cyber-attack surfaces. This paper presents a comprehensive study on cyber-attack detection and diagnosis for PEC-enabled PV farms via single waveform sensor to distinguish between normal conditions, open-circuit faults, short-circuit faults, and cyber-attacks. To our knowledge, this has not been attempted before. Firstly, we propose frequency-domain magnitude-based residuals to identify short-circuit faults and a time-domain mean current vector-based feature to distinguish open-circuit faults from other threats. These features can fully reflect the specific physical characteristics of PV farms during threat duration. Secondly, unlike micro phasor measurement units ( mu\mu mu PMU) and raw electric waveform-based methods, the proposed innovative features can address novel cyber-attacks that are excluded from the training process. Thirdly, an online hardware-in-the-loop (HIL) testbed using the OPAL-RT real-time digital simulator has verified the effectiveness. The monitoring system runs in real-time while using HIL as an operational solar farm and a National Instruments (NI) data acquisition card as the electric waveform sensor at the point of coupling.
In recent years, increasing numbers of electronic control units (ECUs), programmable logic contro... more In recent years, increasing numbers of electronic control units (ECUs), programmable logic controllers (PLCs), and other types of programmable electronics have been deployed into cyber-physical systems. While such progress increased productivity and product quality, it also introduces vulnerabilities to both hardware and software. This study proposes a datadriven approach to monitoring the electric waveforms of the power network of cyber-physical systems for attack and fault detection and diagnosis. In terms of methodology, most studies focus on classification, which only allows for classification of known attacks or faults. While new attacks could be detected, they cannot be properly diagnosed as a new attack would be forced into one of the existing classifiers, thus leading to an incorrect diagnosis. This study proposes using clustering to detect and diagnosis anomalies. Specifically, it proposes using two dimensional unsupervised shapelets (2D u-shapelets) for clustering. U-shape...