Tutorial 1: IoT-Based Load-Altering Attacks in Smart Cities
Abstract: The cybersecurity of power grids has received significant attention over the past decades. This is mostly attributed to the increase in cybersecurity and cyber-espionage incidents revolving around critical grid infrastructure, enabled by smart city technologies and innovation. In terms of ongoing research activities, a large body of work is dedicated to investigating the security of bulk power systems (e.g., false data injection attacks, etc.). At the same time, the increasing number of Internet of Things (IoT) high-wattage consumer appliances including electric vehicles and heating, ventilation, and air conditioning (HVAC) systems in smart city deployments can pose a severe vulnerability to the electric grid’s operations. The focus of this tutorial is on the less-explored cyber-attacks that target end-user electrical appliances, which have recently gained prominence in research literature. An abrupt manipulation of smart cities power demand by large-scale botnet-type attacks against IoT-smart-home appliances can severely affect the balance between the power supply and demand, and lead to unsafe operation of the grid. The tutorial will present a comprehensive overview of the threat of load-altering attacks (LAAs) in smart cities and grid systems. It will specifically focus on (1) the theoretical foundations for analyzing a high-impact least-effort LAA targeted at high-wattage Internet of Things (IoT)-based devices, (2) the demonstration of how LAAs can lead to realistic cyber-attacks capable of identifying the most vulnerable locations and amount of load needed to be compromised in order to cause unsafe frequency fluctuations in a (low-inertia) power system, (3) application of machine learning (ML) techniques to detect and localize LAAs, (4) the presentation of simulation-based experiments to demonstrate the effects of the formulated LAA in future smart cities with a high penetration of renewable energy resources. Finally, future development of LAAs in the power grid and other cyber-physical systems will be identified.
Prof. Charalambos Konstantinou is an assistant professor at King Abdullah University of Science and Technology (KAUST), Thuwal, KSA. He is the Chair of the IEEE Task Force on Resilient and Secure Large-Scale Energy Internet Systems and the co-Chair of the IEEE Task Force on Cyber-Physical Interdependence for Power System Operation and Control. He serves as the Associate Editor for IET Generation, Transmission & Distribution. He is a Senior Member of IEEE, a member of ACM, and an ACM Distinguished Speaker (2021-2024). Prof. Konstantinou has investigated the field of load-altering attacks (LAAs) with feasibility studies based on realistic grid conditions and using real-world data.
Prof. Subhash Lakshminarayana is an associate professor at the University of Warwick, Coventry, UK. He currently serves as an Associate Editor at the IET smart grid journal and Frontiers in Communications and Networks Journal. He is a Senior Member of IEEE and a Member of IET. Prof. Lakshminarayana has contributed to the field by introducing theoretical foundations to analyze LAAs and developing machine learning techniques to detect and localize LAAs.
Tutorial 2: Technology Interventions empowering Pune City eco-system to achieve Carbon Neutral targets
Abstract: Pune city of India aims towards achieving net zero carbon target as well as other sustainable development goals, beginning with Strategic plan, Citizen Engagement, Technology-led cost effective Implementation-framework. The vision put forth by Pune includes leveraging its rich cultural and natural heritage, strong human capital and strong business environment as key strengths, and aspires in becoming one of most livable cities in India addressing its core issues pertaining to 17 SDGs in a “Future Proof” way, by making its neighborhoods beautiful, clean, green, and livable.
The transformation aims to sustain quadrupling of population in the next 15 years through investments in the following areas, ensuring achieving key SDGs , controlling of GHG emission and carbon footprint: The city has established “Smart City Operation Center”, to monitor city 24/7, fetch real time data from sensors, cameras across city, provide data driven insights in terms of alarms, alerts and mobilize the required field force based on the requirement.
The tutorial aims to cover the open data policy, all data driven projects and use of technological interventions and demonstrate the implementation of smart and intelligent solutions. The role of Internet of things (IOT), cloud computing, smart metering infrastructure, smart sensors, smart communication, image analytics, digital security sensors, environment sensors, etc, will be covered with reference to projects of Pune city, addressing the green-mobility transformation in the City , Smart Water and Sewage management, for enhancing Safety , Security and Surveillance, implementing Green Energy program to reduce carbon footprint of the city, with active citizen participation and Building Sustainable Environmental ecosystem.
Dr. Surekha Deshmukh has over 22 plus years of experience in the education and industry sector. Her current professional role is Domain Consultant, Analytics & Insights Practice, TCS, Pune, India. Dr. Surekha currently is Chapter Representative-IEEE PES R 10 West and Chair- IEEE PES India Chapters Council. She was Chair of the IEEE PES-IAS Chapter of Pune Section for 2019 and 2020. Dr Surekha is awarded with “Outstanding Volunteer Award” of IEEE India Council in 2020. As a chair- PES-IAS chapter, won the “BEST Chapter Award” at PES Global level and Pune Section. Her areas of interest include Artificial Intelligence and Data Analytics, Power Market, Power System Operation and Control, Reliability Analysis and Smart Grid, Electrical Safety, Electric Vehicles etc. With wide technical experience in Power Systems, she contributes as a reviewer of IEEE PES publications, Elsevier and Springer journals and contributes as a resource person at IEEE conferences, workshops, trainings etc.
Mr. Aniruddha Shahapure is an Electrical and Electronics engineer and MBA (Finance), is Senior Member of IEEE, Chartered Engineer (IEI) and Certified Industry 4.0 professional (IIEC). For more than 25 years, he has been affiliated to MNCs handling operations across the globe. An excellent administrator, technologist and implementer, he has governed and executed multimillion dollar projects in the Industrial automation and IT sectors, across Europe, Asia and African continents. He was Section Chair of IEEE (KE – Region8), organizing Chair and Advisor at various IEEE International Conferences. He is an active member of IEEE Standard Association, PES and computer society, along with his affiliation to the IEEE Pune section. Currently he is Chief Knowledge Officer at Pune Smart City Development Corporation Limited.
Tutorial 3: Internet of Secure Elements, Past, Present, Future
Abstract: This tutorial presents a new and emerging open technology named “Internet of Secure Elements (IOSE)”, whose goal is to enforce trust and security for digital platforms such as Internet of Things (IoT), cloud computing, payments, blockchain, or edge computing. A Secure Element is a tamper-resistant microcontroller equipped with host interfaces such as ISO7816, I2C, or SPI. Most secure elements include a Java Virtual Machine (JVM) and therefore execute embedded programs written in the JAVACARD language. Secure elements are widely deployed, for example in EMV bank card, SIM module or ePassport. More than 6 billion javacard are deployed today.
The first IOSE generation was based on EAP-TLS javacard applications. We demonstrated use cases for Wi-Fi security, mobile OPENID, Internet of Things, and mobile payments.
The second generation is based on TLS1.3 server (i.e. TLS for secure elements, TLS-SE) and TLS1.3 Identity Module (TLS-IM). We use TLS with symmetric pre-shared key secret, all source code is open. We demonstrate use cases for Internet of things (IoT), Cloud security, Blockchain, or 5G/6G.
The next generation will use secure elements, which comprise up to 64KB RAM, 2MB FLASH. The last version of Javacard API, which is not available in the market today, already supports I2C communications for IoT applications.
Part One (45mn): Understanding secure elements technologies. Tamper resistance, ISO7816 standards, NFC standards, Global platform standards, javacards, SIM ecosystem.
Part Two (30 mn): First IOSE generation. EAP-TLS smartcards, RADIUS servers, Mobile OPENID, Internet of Things applications, Mobile payments, RACS servers
Part Three (45 mn): Today IOSE. TLS-IM and TLS-SE, Attestation Procedure, Internet of things applications, Personal HSM, blockchain keystore
Part Four: (30 mn) next generation, conclusion, questions & responses
Prof. Pascal Urien is professor at Télécom Paris. He graduated from Ecole Centrale de Lyon, and holds a PHD in computer science. His research area is computer security, more particularly based on secure elements. Applications target networks, cloud computing infrastructures, mobile applications, internet of things, blockchain systems, edge computing. He wrote more than one hundred scientific articles, and fifteen patents. In 2009 Pascal was one of the winners of the national competition for the creation of innovative technology companies organized by the French Ministry of University, Research and Innovation. He is co-founders of the Ethertrust startup.
Tutorial 4: Detection of Activities of Daily Living (ADL): Modelling and data fusion
Abstract: Activities of Daily Living (ADLs) are self-care (e.g., bathing, dressing, going to the toilet) and instrumental (e.g., preparing meals, taking medications) activities that are typically used by healthcare professionals to assess if a person can live on their own independently. ADLs play an important role in the design and implementation of reliable sensor systems that can effectively: (i) monitor the activities of human population, and (ii) detect unusual activities that may affect a person’s well-being. These activities play a prominent role in the interaction of smart systems with humans and vice versa. Therefore, modelling and analysis of ADLs can contribute to the extensive investigation of structural, behavioural, and functional properties of the Smart Environment that they lie in. Moreover, safety and security features of the Smart Environment can be examined focusing on the interaction of the users with the Internet of Things (IoT) devices that operate within it. Conducting formal modelling and analysis could also prove the correctness of a smart system with respect to its specification, which leads to the improvement of its behavioural functioning and security or safety requirements.
The objectives of this tutorial are: (i) to present an introduction of ADLs and their importance in the context of Smart Cities, more specifically in healthcare, (ii) to present an introduction of how to model ADLs, and (iii) to present how to perform data fusion to analyse ADLs data collected from sensors.
The tutorial is structured as follows:
- Introduction to Activities of Daily Living (ADLs)
- ADLs sensor data fusion for analysis
- (i) Introduction to Modelling of ADLs and Smart Systems and (ii) Demonstration of a modular and compositional approach to model ADLs in Smart Systems
Overload of health systems around the world during the COVID-19 pandemic and even before it occurred evidenced the need of cost-effective technology-based solutions that could support the work of health professionals. This is of particular importance in the case of care of elderly people and People with Dementia (PwD). It is expected that this tutorial will provide an introduction of how sensor systems that monitor ADLs can be modelled and how collected sensor data can be analysed.
Dr. Alexandros Konios is a Senior Lecturer in Cyber Security at Nottingham Trent University. He obtained his PhD in Computer Science and MSc in Computer Security and Resilience from the University of Newcastle upon Tyne (UK). He also holds a BSc in Computer Science from the University of Piraeus (Greece). His research interests centres on formal analysis of interactive and concurrent systems, Model checking and temporal logic, Data analysis and Time series analysis, Analysis of network protocols, Internet of Thing (IoT) and Cryptography.
Dr. Matias Garcia-Constantino received the bachelor’s degree in Computer Engineering from the National Autonomous University of Mexico (UNAM), in 2007, and the Ph.D. degree in Computer Science from the University of Liverpool, in 2013. He has experience working in industry and in academia. He is currently a Lecturer in Computer Science within the School of Computing, Ulster University. His research interests include Data Analysis, Connected Health, Pervasive Computing, and Legal Technology.