communication capacity requirement for reliable and secure ...dkundur/course_info... · class...
TRANSCRIPT
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 1/ 21
Communication Capacity Requirement forReliable and Secure State Estimation in Smart
Grid
Authors: Husheng Li, Lifeng Lai, and Robert Qiu
Presenter: Mustafa El-Halabi
Submitted in Partial Fulfillment of the Course Requirements forECEN 689: Cyber Security of the Smart Grid
Instructor: Dr. Deepa Kundur
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 2/ 21
Main Objective
Establishing fundamentals limits (information-theoretic limits)for secure transmission of State Estimation in the Smart Grid
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 3/ 21
Outline
1. Confidentiality Techniques
2. Mathematical Background
3. Information-theoretic Security
4. Smart Grid Dynamic Model
5. Security Metric for Smart Grid Dynamic Model
6. Fundamental Limits for Secure Communications
7. Concluding Remarks
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 4/ 21
Smart Grid :
• Wireless links prone to eavesdropping attacks
1. active eavesdropping
2. passive eavesdropping
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 4/ 21
Smart Grid :
• Wireless links prone to eavesdropping attacks
1. active eavesdropping
2. passive eavesdropping
• Security issues:
− Confidentiality
− Integrity
− Authentication
− Nonrepudiation
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 5/ 21
Confidentiality techniques
• Cryptography: Private-key / Public-key cryptosystems
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 5/ 21
Confidentiality techniques
• Cryptography: Private-key / Public-key cryptosystems
• Information-theoretic security
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 6/ 21
Mathematical Background
• Entropy
− A measure of uncertainty associated with a random variable− Entropy of a discrete r.v. X with values {x1, ..., xn} :
H(X ) = −n∑
i=1
p(xi ) log p(xi )
− Entropy of a fair coin = 1 bit, entropy of a biased-(1/3, 2/3)coin = 0.81 bits
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 6/ 21
Mathematical Background
• Entropy
− A measure of uncertainty associated with a random variable− Entropy of a discrete r.v. X with values {x1, ..., xn} :
H(X ) = −n∑
i=1
p(xi ) log p(xi )
− Entropy of a fair coin = 1 bit, entropy of a biased-(1/3, 2/3)coin = 0.81 bits
• Conditional entropy (Equivocation)
− A measure of the remaining uncertainty of a r.v. Y given thatthe value of X is known
− Conditional entropy of Y given X :
H(Y |X ) = −∑x∈X
∑y∈Y
p(x , y) log p(y |x)
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 7/ 21
Mathematical Background
• Mutual Information
− A measure of how much knowing one r.v. reduces ouruncertainty about another r.v.
− I (X ;Y ) = H(Y )− H(Y |X )
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 7/ 21
Mathematical Background
• Mutual Information
− A measure of how much knowing one r.v. reduces ouruncertainty about another r.v.
− I (X ;Y ) = H(Y )− H(Y |X )
• Channel Capacity
X YChannel
− Rate (bits/s) of reliable transmission = I (X ;Y )− Channel Capacity
C = maxp(x)
I (X ;Y )
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 8/ 21
Information-Theoretic Security for the Smart Grid
Goal:
Establish fundamental limits on the rate (bit/s) at which secureand reliable system state estimation in a smart grid could be
communicated (Secrecy Capacity)
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 9/ 21
A Smart Grid System Model
Encoder DecoderSystemState
Control Center
XN Y N
ZN
N1
N2 (Eavesdropper)
Sk
Y = X + N1
Z = X + N1 + N2
E [|X |2] ≤ P, N1 ∼ N (0, σ21), N2 ∼ N (0, σ2
2)
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 10/ 21
Security Metric: Normalized Equivocation
Encoder DecoderSystemState
Control Center
XN Y N
ZN
N1
N2 (Eavesdropper)
Sk
∆ =H(Sk |ZN)
H(Sk)
= residual uncertainty about the message at the eavesdropper
=
{0 no secrecy1 perfect secrecy
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 11/ 21
Secrecy Capacity of the Gaussian Wiretap Channel
Encoder DecoderSystemState
Control Center
XN Y N
ZN
N1
N2 (Eavesdropper)
Sk
• Information source S is ergodic and belongs to finite-lengthalphabet:Secrecy Capacity
Cs =1
2log
(1 +
P
σ21
)− 1
2log
(1 +
P
σ22 + σ2
1
)
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 12/ 21
Smart Grid Security Meter
Normalized equivocation ∆ needs to be modified:
1. SG is a dynamic system, information might not be ergodic
2. Source alphabet in SG is continuous
Fundamental limits need to be revisited in the context of SG !
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 13/ 21
Dynamics of a SG
x(t + 1) = F (x(t),w(t))
x(t) = state vector at time slot tw(t) = random factor
F = map previous state to next state
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 14/ 21
Redefining ”Equivocation” for the SG
∆ = H(Sk |ZN)H(Sk )
= ??
Tools:
1. Topological Entropy
2. Spanning Set
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 15/ 21
Topological Entropy
x(t + 1) = F (x(t),w(t))
Definition: Topological Entropy
H(F ,X ) = limε→0
limk→∞
1
klog q(k , ε)
H(F ,X ) is the uncertainty of the dynamic systemlog q(k, ε) is the number of bits to describe an approximation (ε)of system’s dynamic behavior during time slot k .
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 16/ 21
Spanning Set
x(t + 1) = F (x(t),w(t))
Let Xk = set of all possible {x1, ..., xk}
Definition: (k , ε)-Spanning Set
For k > 0, ε > 0, a finite set Q ⊂ Xk is (k , ε)-spanning set if, forany x ∈ Xk , we can always find an x̂ ∈ Q, s.t.‖ x(t)− x̂(t) ‖∞< ε, t = 1, ..., k.
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 17/ 21
Revisiting Equivocation ∆
• For ergodic finite-length alphabet source: ∆ = H(Sk |ZN)H(Sk )
• Using topological entropy: H(Sk)→ H(F ,X )
• Using (k , ε)-Spanning Set: H(Sk |ZN)→ H(F ,X|Z )
For a SG dynamic system: ∆ = H(F ,X|Z)H(F ,X )
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 18/ 21
Reliable & Secure Communication: Definitions
Secure System
If communication between sensor and controller satisfies ∆ = 1,the communication is secure.
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 19/ 21
Secure Communication Requirement for the Smart Grid
Main results:
• If H(F ,X ) ≤ C1 − C2, reliable and secure communication isguaranteed.
• If C1 − C2 < H(F ,X ) ≤ C1, only reliable communication isguaranteed.
• If H(F ,X ) > C1, neither reliable communication nor securityis guaranteed.
where, C1 = 12 log
(1 + P
σ21
), C2 = 1
2 log(
1 + Pσ2
2+σ21
)
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 20/ 21
Assessment
• First Information-theoretic approach to smart grid security
• The Fundamental limits for secure communication in a smartgrid environment build foundation for more precise problems,with answers that could provide important insights into thenature of secret communication
• The insights may be used to shape development of practicalsystems for encryption in complex settings
• The model considered is far simpler than the practical case
• A multiuser setting needs to be investigated
Class Presentation, Mustafa El-Halabi ECEN 689: Cyber Security of the Smart Grid, Spring 2011 21/ 21
References
Y. Liang, S. K. Yan-Cheong, and M. Hellman, “The GaussianWiretap Channel,” IEEE Trans. Inform. Theory, vol. 24,pp. 451–456, July 1978.
Y. Liang, A. S. Matveev, and A. V. Savkin, “Estimation andControl Over Communication Networks,” Birkhauser, 2009.
C. E. Shannon, “Communication theory of secrecy systems,”Bell Systems Technical Journal, vol. 28, pp. 656–715,Oct. 1949.
Y. Liang, H. V. Poor, and S. Shamai (Shitz), “InformationTheoretic Security,” Foundations and Trends inCommunications and Information Theory, vol. 5, nos. 4-5,pp. 355–580, Now Publishers, Hanover, MA, USA, 2008.