Scholars' Mine Doctoral Dissertations Student Theses and Dissertations Fall 2015 Quantification of information flow in cyber physical systems Li Feng Follow this and additional works at: https://scholarsmine.mst.edu/doctoral_dissertations Part of the Computer Sciences Commons, and the Electrical and Computer Engineering Commons Department: Computer Science Recommended Citation Feng, Li, "Quantification of information flow in cyber physical systems" (2015). Doctoral Dissertations. 2444. https://scholarsmine.mst.edu/doctoral_dissertations/2444 This thesis is brought to you by Scholars' Mine, a service of the Missouri S&T Library and Learning Resources. This work is protected by U. S. Copyright Law. Unauthorized use including reproduction for redistribution requires the permission of the copyright holder. For more information, please contact [email protected]. QUANTIFICATION OF INFORMATION FLOW IN CYBER PHYSICAL SYSTEMS by LI FENG A DISSERTATION Presented to the Faculty of the Graduate School of the MISSOURI UNIVERSITY OF SCIENCE AND TECHNOLOGY in Partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in COMPUTER SCIENCE 2015 Dr. Bruce McMillin, Advisor Dr. Ali Hurson Dr. Wei Jiang Dr. Dan Lin Dr. Jonathan Kimball Copyright 2015 Li Feng All Rights Reserved iii ABSTRACT In Cyber Physical Systems (CPSs), traditional security mechanisms such as cryptography and access control are not enough to ensure the security of the system since complex interactions between the cyber portion and physical portion happen fre- quently. In particular, the physical infrastructure is inherently observable; aggregated physical observations can lead to unintended cyber information leakage. Information flow analysis, which aims to control the way information flows among different enti- ties, is better suited for CPSs than the access control security mechanism. However, quantifying information leakage in CPSs can be challenging due to the flow of implicit information between the cyber portion, the physical portion, and the outside world. Within algorithmic theory, the online problem considers inputs that arrive one by one and deals with extracting the algorithmic solution through an advice tape without knowing some parts of the input. This dissertation focuses on statistical methods to quantify information leakage in CPSs due to algorithmic leakages, especially CPSs that allocate constrained resources. The proposed framework is based on the advice tape concept of algorithmically quantifying information leakage and statistical anal- ysis. With aggregated physical observations, the amount of information leakage of the constrained resource due to the cyber algorithm can be quantified through the proposed algorithms. An electric smart grid has been used as an example to develop confidence intervals of information leakage within a real CPS. The characteristic of the physical system, which is represented as an invariant, is also considered and influences the information quantification results. The impact of this work is that it allows the user to express an observer's uncertainty about a secret as a function of the revealed part. Thus, it can be used as an algorithmic design in a CPS to allocate resources while maximizing the uncertainty of the information flow to an observer. iv ACKNOWLEDGMENT I am always feeling so lucky to be able to reach here when I am looking back on my footprints. My sincere and foremost gratitude goes out to my advisor, Dr. Bruce McMillin, for accepting me as his student, for giving me the opportunity to work with him, for supporting me financially, for guiding me with extreme patience and continuous encouraging me. I am also grateful to Dr. Ali Hurson, Dr. Wei Jiang, Dr. Dan Lin and Dr. Jonathan Kimball for serving as my committee members. Their feedback, comments, and suggestions were always helpful. I am fortunate to work with so many smart and wonderfully labmates: Thomas Roth, Stephen Jackson, Michael Catanzaro, graduated labmates Ravi Akella and Thoshitha Gamage. They provide me with the best working environment. Espe- cially, Thomas and Stephen, they both inspire me with their creative ideas, insightful thoughts and make excellent contributions to our projects. I greatly acknowledge that my work was supported by the National Science Foun- dation under award EEC-0812121, the Future Renewable Electric Energy Delivery and Management Center (FREEDM). Also acknowledged is computer science department and all the staffs for their helps during my stay at Missouri S&T. Last but not the least, I am extremely thankful to my dear family: my parents, Dezhong Feng and Xiufang Zhang, for their unconditional love and raising me to be the person I want to be; my parents-in-law, Erlie Wang and Congli Li, for their countless sacrifices and support; my husband, Lei for his limitless love and always believing in me; my sister, Juan for supporting me going through the hardships in my lives, and my loving son, Ryan for bring me happiness everyday. Without all of you, this would be meaningless. I love you all! v TABLE OF CONTENTS Page ABSTRACT ............................................................................ iii ACKNOWLEDGMENT ............................................................... iv LIST OF ILLUSTRATIONS .......................................................... viii LIST OF TABLES ..................................................................... x SECTION 1. INTRODUCTION ................................................................ 1 1.1. CHALLENGES .............................................................. 1 1.2. CONTRIBUTIONS ......................................................... 2 1.3. ORGANIZATION ........................................................... 3 2. RELATED WORK ............................................................... 4 2.1. INFORMATION FLOW SECURITY PROPERTIES .................... 5 2.1.1. Noninterference Property ............................................ 5 2.1.2. Noninference Property ............................................... 6 2.1.3. Nondeducibility Property............................................ 6 2.2. QUANTITATIVE INFORMATION FLOW ............................... 6 2.2.1. Shannon Entropy Based Information Theory ...................... 7 2.2.2. Min-entropy Based Information Theory ............................ 8 2.2.3. Generalization of Min-entropy Leakage............................. 9 3. THE UNCERTAINTY OF THE OBSERVABILITY PROBLEM............. 12 3.1. MODEL PROBLEM ........................................................ 12 3.2. INFORMATION FLOW ANALYSIS THROUGH OBSERVABILITY .. 16 3.2.1. External Observer Obtaining One Reading ........................ 16 3.2.2. Multiple External Observers without DGI ......................... 17 3.3. ADVICE COMPLEXITY FOR ONLINE KNAPSACK .................. 22 3.3.1. Online Problem ...................................................... 22 3.3.2. Competitive Analysis ................................................ 22 3.3.3. Advice Complexity ................................................... 23 3.3.4. Online Knapsack with Advice Complexity ......................... 24 4. PRELIMINARY EXPERIMENT RESULTS ................................... 28 4.1. INFORMATION LEAKAGE MODEL .................................... 28 4.2. EXPERIMENT RESULTS ................................................. 32 vi 4.2.1. Case 1: Six Items as Solution to a Knapsack Problem ............ 33 4.2.2. Case 2: Split the Light Items in Case 1 ........................... 34 4.2.3. Case 3: Split the Heavy Items in Case 1 ........................... 35 5. THE INFORMATION FLOW QUANTIFICATION FRAMEWORK ........ 39 5.1. CONFIDENCE INTERVAL ................................................ 39 5.2. FRAMEWORK.............................................................. 40 5.3. CASE STUDY AND EVALUATION RESULTS IN FREEDM .......... 46 5.3.1. Case 1: The Heavy Items are Seen Before the Light Items ....... 47 5.3.2. Case 2: The Light Items are Seen Before the Heavy Items ....... 48 5.3.3. FREEDM Example and Evaluation Result ........................ 49 5.4. ALGORITHM ............................................................... 51 5.5. EXAMPLES BY APPLYING THE ALGORITHMS ..................... 53 Light 5.5.1. Case 1:Heavy Items and Light Items Satisfy Heavy > δ ..... 53 Light 5.5.2. Case 2:Heavy Items and Light Items Satisfy Heavy < δ ...... 54 6. INTEGRATING WITH PHYSICAL SYSTEM ................................ 59 6.1. INVARIANT FOR THREE NODES SWITCHED SYSTEM ............ 59 6.2. INVARIANT FOR TWO-GENERATORS SEVEN NODES SYSTEM . 61 6.3. CONFIDENCE INTERVAL ANALYSIS WITH INTEGRATION OF PHYSICAL SYSTEM INVARIANT ....................................... 63 7. CONCLUSIONS AND FUTURE WORK ...................................... 70 7.1. CONCLUSIONS AND CONTRIBUTIONS ............................... 70 7.2. FUTURE WORK ........................................................... 71 8. ZERO KNOWLEDGE PROOFS ................................................ 72 8.1. BACKGROUND AND MOTIVATION .................................... 72 8.2. INTRODUCTION........................................................... 73 8.2.1. Interactive Proof and Its Properties ................................ 73 8.2.2. A Simple Example ................................................... 74 8.2.3. Computational Indistinguishability ................................. 75 8.2.4. One-way Function.................................................... 76 8.2.5. Simulation Paradigm ...............................................