Duration: 1 Jan 2015 to 31 Dec 2019
PI and Co-PIs: Prof Aditya Mathur (PI), Assoc Prof Roland Bouffanais, Asst Prof Lingjie Duan, Prof Costas Courcoubetis, Asst Prof Stefano Galelli, Prof David Yau
Project manager: Mark G0h
Researchers: Dr Riccardo Taormina, Dr Chris Poskit, Dr Cyrille Jegourel, Dr Niladri Tripathy, Dr Lai Pan, Dr Nandha Kandasamy, Dr Muhammad Roomi, Dr Mohammadreza Chamanbaz, Dr Robert Kooij, Beebi Salimah, Siddhant Shrivastava, Sridhar Adepu, Francisco Furtado, Lauren Goh, Rizwan Qadeer, Dr Marcus Rochetto, Dr Hua Fu, Dr Ahmed Zoha, Harivina Gunnaasankaraan, Dr Jonathan Goh
Funding agency: National Research Foundation

Our objective is to conduct fundamental scientific research to improve the security of Cyber-Physical Systems (CPS) that offer key services such as power. Our contributions will be: (a) principles, techniques, and software tools, and (b) validation of principles and design techniques through experiments using SUTD’s realistic testbeds. Together with our public and private partners, we ensure that the outcomes of the proposed research will have real-world impact. Consequently, our work will benefit Singapore along three dimensions: government interests, commercial interests and manpower development.

A summary of key existing work on design of secure CPS follows. While security and reliability of public infrastructures are well established research areas, these commonly refer to a non-malicious setting in which the system is threatened by faults or measurement errors. In recent years, the importance of infrastructure cybersecurity and its potential for innovation was recognised by organisations such as the American National Institute of Standards and Technology (NIST). Techniques for attack prevention have been borrowed primarily from cyber-security in the context of enterprise networks and other communications networks. Such techniques were then proposed and evaluated in the context of a CPS. Traditional techniques for attack detection and mitigation use communication network traffic-based intrusion detection.

Any CPS security solution must also consider the physical layer and control aspects of the analysed system. Few authors have begun to consider physical-layer aspects of attacks, e.g., in the context of electrical power grid state estimation and control of gravity-flow irrigation channels. To mitigate such threats, statistical techniques for the detection of compromised sensor data have been proposed and evaluated. In addition, authors have started to look at ways to manipulate or compromise control algorithms used in CPS and found that such attacks are feasible, but depend on precise system knowledge by the attacker. Only few authors actually extended their work to practical testbeds , resulting in limited industrial impact.


Task 1
Attack Detection
Roland Boufanais
Stefano Galelli
David Yau
Justin Ruths
The development of physical-layer security techniques by exploiting intrinsic properties of channels. The main technical challenges will be to exploit the channel properties for reliable secret key generation in physical layer and to manage network interference for enhancing both communication confidentiality and reliability.
Task 2
Secure Dynamic Control
Justin Ruths
Roland Boufanais
Stefano Galelli
David Yau
Sun Jun
Develop dynamic control solutions to defend against attacks at the architectural and algorithmic level.
Task 3
Layered Defence
Aditya P Mathur
Nils Ole Tippenhauer
Design and implement dedicated devices which can be used to detect and defend against successful attacks on CPS.
Task 4
Attacker Models
Nils Ole Tippenhauer Develop a comprehensive set of realistic attacker models for cyber-physical attacks. Demonstrate attacks to validate countermeasures.
Task 5
Economic Models and Incentives
Duan Ling Jie
Costa Courcoubetis
Design an economic framework to identify cost-efficient defences for CPS. Provide incentives for collaborative system defence.