Fighting against cyberattacks is at the forefront of many research expeditions, especially regarding critical infrastructures such as power grids and water treatment plants. However, a common issue is not having a way to experiment with attacks in a hands-on way.

“In order to conduct cyberattack/defense experiments for quantitative evaluation, the ideal way would be to utilize the real system infrastructure,” said ADSC Principal Research Scientist Daisuke Mashima. “However, with critical infrastructure, because of the potential negative impact on stability and availability of essential lifeline services, it is almost impossible.”

A second option would be using an isolated testbed using real devices and hardware, but there are limits such as cost and accessibility. “To overcome such challenges virtual, software-based testbed[s] (I.e., cyber range) [have] been attracting interest. However, many [implementations have been] one-off and proprietary, and thus are not available to [the] public,” Mashima said.

Illinois at Singapore (ADSC) is creating a way for researchers to conduct their experiments through a smart grid cyber range. “The project aims at developing a user-friendly, cloud-based framework to help users to instantiate smart grid cyber range and conduct cyber attack experiments with minimal effort,” said Mashima. This testbed would allow training without expensive development and maintenance or in-depth domain knowledge.

“The Cyber Range as a Service (CRaaS) framework to be developed is expected to enhance flexibility, usability, and accessibility of cyber range for broader user base,” said Mashima. As initial deployment, CRaaS is planned to be deployed in cloud-based testbed infrastructure, NCL [National Cybersecurity R&D Laboratory] (https://ncl.sg), and to be shared with multiple users of NCL. Because NCL already has the capability to provision multiple environments for cybersecurity experimentation very quickly and provide simultaneous access to it for a large number of users.

ADSC created the smart grid cyber range modelling language, SG-ML, in addition to a toolchain for processing it. “These are the building blocks for this project, and we will extend the SG-ML framework to establish a novel, additional service for NCL so that users can upload the model to be instantiated on the NCL nodes as well as interact with the cyber range for various experiments,” said Mashima.

They are also developing a way for users to know how hackers operate outside of the lab using a “honeypot.” “…its purpose is to attract real-world attackers into it to collect information about them,” said Mashima. “We plan to use the data collected from our honeypot to develop a cyber-attack emulator tool so that the user of cyber range can easily reproduce real-world cyber-attacks for their experiments.” CRaaS) framework to be developed is expected to enhance flexibility, usability, and accessibility of cyber range for broader user base,” said Mashima.

This research is supported by the National Research Foundation, Singapore (through the National Cybersecurity R&D Lab grant office at the National University of Singapore) via a grant (NCL-2022-01) awarded under the “National Cybersecurity R&D Lab Grant 2021”. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not reflect the views of National Research Foundation, Singapore and the National Cybersecurity R&D Lab grant office at the National University of Singapore.

Recent advances in artificial intelligence (AI) technology has enabled autonomous systems to accomplish sophisticated tasks in a real-world environment. Systems like self-driving cars perform amazing tasks but are vulnerable to increasing threats from adversaries. ADSC research scientist Xin Lou is studying both internal and external attacks on sensor data in autonomous cyber-physical systems.

“We will study data corruption by attackers who have obtained access to the system’s sensors and adversarial examples that can be implemented by introducing tiny changes to the system’s environment,” says Lou. “We will design attack detection and thwarting approaches and develop their efficient implementations suitable for embedded hardware accelerators.”

Lou says his team will also construct a testbed to capture representative cyber components of autonomous cyber-physical systems. Doing so will facilitate the design, evaluation, and demonstration of the threats and countermeasures. Demonstrating these vulnerabilities will reinforce industry awareness of the criticality of these studied threats.

“We view safety as a basic requirement, rather than a profitable feature,” says Lou. “The technological advances in this project will also promote the development of the smart nation concept and strengthen Singapore’s leadership in having the most advanced and trustworthy computing technologies in the world.”

Lou hopes that the advances made in this research will benefit both academia and industry. The breakthroughs made on both internal or external attacks will be documented in technical disclosures and top-tier publications. When the project is finished, the team will deliver a testbed capable of demonstrating the algorithms designed by the team.

“Many high-tech companies like Google, Apple, and Tesla are developing their own autonomous vehicles and expecting them to be on the road in near future,” says Lou. “UAVs have also been used for other critical missions like space exploration and military defense. With the increasing applications of autonomous cyber-physical systems, the requirement of security and safety assurance becomes prominent.”

Addressing climate change requires a group effort from a multitude of fields. ADSC is doing its part by using artificial intelligence (AI) to assess how natural disasters caused by climate change could impact urban infrastructure. 

“Climate change has caused an increase in the intensity and frequency of extreme weather events with severe consequences on the urban infrastructure,” says Partha Biswas, Senior Research Engineer at ADSC. “We need to be prepared for and respond to hazardous events and disturbances related to climate.”

Disaster Resilience Assessment, Modeling, and Innovation – Singapore (DREAMIN’ SG) models various infrastructure systems, assessing their resilience, identifying features, and developing solutions to improve resilience. Using AI, the project aims to predict the recovery capabilities of the urban infrastructure in case of a disaster such as flood, cyclone, etc.

“The role of ADSC is to adopt AI, machine learning algorithms to be specific, to predict resilience and interpret the machine learning models to identify features that affect resiliency the most,” says Biswas. “The involvement of the current technology like machine learning paves the path forward for assessment and prediction of system resilience and helps extract information related to system failures.”

Though the project is based in Singapore with specific focus on the climatic conditions and disasters in south-east Asia (SEA), climate change is a global phenomenon and modern urban infrastructure is somewhat similar.

“The guidelines developed by this research can be transformed into design requirements to innovate new technologies and also can be readily adapted to the local requirements for improving resilience,” says Biswas. “Moreover, an improved, resilient and robust urban infrastructure system would benefit the masses both socially and economically.”

Current models consider power, water and transport systems; however, the model can be extended by incorporating other sectors like telecommunications, manufacturing, and more.

“This model can be used as a baseline to create country-wide power grid and other infrastructure model for resilience assessment under severe climatic conditions and natural disasters,” says Biswas.

The project is hosted by the Singapore-ETH Centre in collaboration with Advanced Digital Sciences Centre (ADSC), Singapore University of Technology and Design (SUTD), National University of Singapore (NUS), University of Cambridge and Delft University of Technology.

As one of the world’s smallest and most technologically advanced nations, Singapore is an excellent location for the world’s first smart nation. With an increasingly online population comes challenges in both implementation and security that must be solved before the technology can become a reality. A new research project being conducted by the Illinois Advanced Digital Sciences Center (ADSC) is tackling this issue.

In “Threat modeling and security control management as a service for smart nation application development,” ADSC Principal Research Scientist Binbin Chen, who is also an Associate Professor at Singapore University of Technology and Design (SUTD), looks to design and develop a tool that can support comprehensive threat modeling. The project team is a partnership between DBS Bank (the project host), Swarmnetics, SUTD, and ADSC. The team plans to use the results from the model’s analysis to enable effective security control management of critical smart nation applications such as mobile wallets and health monitors.

“As applications are tasked to manage an increasing amount of sensitive data and to play critical roles in many aspects of our daily life, the impact of any application security incident can be devastating,” said Chen. “To ensure application security in a hostile environment, threat modeling and threat-centric security control management can play a foundational role in constructing and optimizing our cyber defense for these applications.”

Existing solutions for this type of defense are unable to capture multi-stage attacks or are unable to connect the attack to the vulnerability in time to stop it. There are also currently issues with implementing the continually advancing software necessary for cybersecurity. Unlike these models, Chen’s will be scalable to allow it to advance with software. It will also use intuitive analytics gathered by different stakeholders to promote proper cross-organization cyber-management.

“Today’s applications are facing a fast-growing list of threats from various threat actors, including insiders, criminals, hacktivists, terrorists, and even nation states,” said Chen. “By supporting the development of applications with a solid foundation of threat modeling and security control management, we believe the expected outcomes from this proposal can fill an important gap.”

This research is supported by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. GC2018-NCR-0009) and administered by the National Cybersecurity R&D Directorate.

It is fairly common knowledge that technology people use daily such as cell phones, laptops, and tablets, could be susceptible to a cyberattack. A lesser known threat is that the power grid, water treatment plants, and other daily-use systems, are also susceptible. This is why the University of Illinois at Urbana-Champaign Coordinated Science Lab’s (CSL) Zbigniew Kalbarczyk and Binbin Chen of the Advanced Digital Sciences Center (ADSC) are working on a project to bolster the defense of such critical systems as part of their new project “Towards Practical Attestation Solutions for Countering Advanced Attacks to Industrial Control Systems.”

“These systems (Industrial Control Systems, or ICS) use a lot of software to implement controls, so they have increasingly been the target of malware-based attacks,” said Chen, ADSC principal research scientist, who is also an associate professor at the Singapore University of Technology and Design (SUTD). “This project is focused on software integrity of large systems. They are important to protect because the attackers can cause a lot of damages, inconvenience or even safety risks to our people.”

As systems, like those used in power grids or water treatment plants, are upgraded, many are integrated into a network to improve the use and efficiency of the process, they are now hooked up to a cyber physical system. If malicious users attack software, they can manipulate it, or inject malicious logic into it. This could result in the software doing something it’s not supposed to, or not doing something it is supposed to. This creates large security issues for all users within the system.

One of the first elements of the project, which is a collaboration between SUTD, Singapore Management University (SMU), ADSC, and CSL, is to develop a way to make sure the system hasn’t been attacked. This verification would involve checking to detect changes in the software’s image or behavior. There are some solutions currently available that can perform this verification process with a single device, but rarely are they able to scale up to the size of a power grid.

“Even when smartphones boot up there is a mechanism to check whether the software you’re trying to run is the right one,” said Kalbarczyk, a research professor in electrical and computer engineering at Illinois. “The key software on your phone can identify it is original to make sure nobody touched it since the manufacturer loaded the software. We want to do this for ICS software throughout the lifetime of the devices.”

While this work can be used in a number of ICS applications, Kalbarczyk and Chen focused on the power grid system, so they would be able to test their research at the Singapore University of Technology and Design’s power grid testbed, before implementing it at an operational cyber physical system, such as a subway line, or gas and oil delivery. While there is no general solution that will fit all the domains this research could cover, Kalbarczyk believes their work is a step in the right direction.

“What I like about this project is whatever we do will be improvement, and will be something new,” said Kalbarczyk. “It will require thinking about what is and is not practical and require demonstrating our project. It will be small scale but I think we can do something.”

This research is funded by the National Research Foundation (NRF) – Singapore, under its National Satellite of Excellence Design Science and Technology for Secure Critical Infrastructure (NSoE DeST-SCI) grant.

Cybersecurity is improving and advancing at a rapid pace, but so are cyber-attackers. When a cyber attack happens, there are often many steps taken to combat its actions and regain control of the attacked center. This only works, however, if people are aware of the attack has happened. In some power system control centers, volatile attacks can remain hidden for years. In an effort to detect this type of malware, ADSC research scientist Xin Lou is working on a new kind of anomaly detection software.

The project, “Anomaly detection in power system control centers (PSCC) and state estimation” hopes to create software that will detect this type of attack at a high level of precision, without increasing the number of false positives reported. Lou plans to use a machine-learning based approach to improve on current detection software.

“Currently, most of the anomaly detection techniques are a model-based approach, where we have to build accurate mathematical model of the system, which is impossible in highly complexed cyber-physical systems,” said Lou. “In our project, we will propose novel machine learning based techniques to deal with the time sequence signals and an approach can detect anomalies in the real-time manner. This will allow the system operator to find out about the anomaly as early as possible and thus the mitigation strategies can be applied.”

Even if not malicious, an anomaly within the software of a power system can cause the system to degrade more rapidly and eventually lead to damages in the system. This is why timely detection of any type of difference is important in preventing the system from breaking down, whether from attacks or component failures.

This research is part of an academic-industry partnership between Illinois ADSC in Singapore and Microsec and is funded by NCR Programme.