School of Computer Science and Informatics
Permanent URI for this collection
Browse
Browsing School of Computer Science and Informatics by Author "Abdelwahed, Sherif"
Now showing 1 - 4 of 4
Results Per Page
Sort Options
Item Embargo Adaptive control for smart water distribution systems(IEEE, 2021-07-10) Zaman, Mostafa; Al Islam, Maher; Tantawy, Ashraf; Fung, Carol; Abdelwahed, SherifThe rationalization of energy and water consumption is becoming increasingly important. Water distribution systems require energy to operate, and a consumption trade-off became a necessity. Existing water distribution systems still rely on traditional feedback control that is reactive and sub-optimal. The proliferation of the Internet of Things (loT) provides a myriad of opportunities to achieve new levels of optimization for water distribution systems. This paper presents the design and simulation of a water distribution testbed currently under construction at Virginia Commonwealth University (VCU). The simulation results show the superiority of loT-based adaptive control schemes over existing control approaches, with no additional cost. The paper provides a roadmap for loT-based system design and advanced control to minimize the consumption under user convenience constraints.Item Embargo Cyber LOPA: An Integrated Approach for the Design of Dependable and Secure Cyber Physical Systems(IEEE, 2022-04-22) Tantawy, Ashraf; Abdelwahed, Sherif; Erradi, AbdelkarimItem Embargo A Game-Theoretic Model for DDoS Mitigation Strategies with Cloud Services(IEEE, 2022-06-09) Al Islam, Maher; Fung, Carol; Tantawy, Ashraf; Abdelwahed, SherifAs DDoS (Distributed Denial of Service) attacks constantly evolve and bombard businesses and organizations from time to time, DDoS mitigation cloud service is a popular solution to defend against DDoS attacks. Decision makers can select which services to deploy given the associated risk and the deployment cost. In this work, we establish a game-theoretic model to simulate the decision making of attackers and defenders under the context of DDoS attacks. We simulate the attacker/defender game under different scenarios and demonstrate that the efficacy of using external services is impacted by several factors including the resources of the organization, the potential damage and the attacker cost/reward. We find that under different scenarios, the Nash Equilibrium may vary drastically from no attack at all to definite attack. Our study can provide useful insights to decision makers and stakeholders on their DDoS defense strategy planning. To the best of our knowledge, this is the first game model to investigate the DDoS attack/defense strategy involving third-party servicesItem Embargo Model-based risk assessment for cyber physical systems security(Elsevier, 2020-05-27) Tantawy, Ashraf; Abdelwahed, Sherif; Erradi, Abdelkarim; Shaban, KhaledTraditional techniques for Cyber-Physical Systems (CPS) security design either treat the cyber and physical systems independently, or do not address the specific vulnerabilities of real time embedded controllers and networks used to monitor and control physical processes. In this work, we develop and test an integrated model-based approach for CPS security risk assessment utilizing a CPS testbed with real-world industrial controllers and communication protocols. The testbed monitors and controls an exothermic Continuous Stirred Tank Reactor (CSTR) simulated in real-time. CSTR is a fundamental process unit in many industries, including Oil & Gas, Petrochemicals, Water treatment, and nuclear industry. In addition, the process is rich in terms of hazardous scenarios that could be triggered by cyber attacks due to the lack of possible mechanical protection. The paper presents an integrated approach to analyze and design the cyber security system for a given CPS where the physical threats are identified first to guide the risk assessment process. A mathematical model is derived for the physical system using a hybrid automaton to enumerate potential hazardous states of the system. The cyber system is then analyzed using network and data flow models to develop the attack scenarios that may lead to the identified hazards. Finally, the attack scenarios are performed on the testbed and observations are obtained on the possible ways to prevent and mitigate the attacks. The insights gained from the experiments result in several key findings, including the expressive power of hybrid automaton in security risk assessment, the hazard development time and its impact on cyber security design, and the tight coupling between the physical and the cyber systems for CPS that requires an integrated design approach to achieve cost-effective and secure designs.