PhD Oral Exam - Hamed Kazemi, Electrical and Computer Engineering

When studying for a doctoral degree (PhD), candidates submit a thesis that provides a critical review of the current state of knowledge of the thesis subject as well as the student’s own contributions to the subject. The distinguishing criterion of doctoral graduate research is a significant and original contribution to knowledge.

Once accepted, the candidate presents the thesis orally. This oral exam is open to the public.

Abstract

Cyber-Physical Systems (CPS), characterized by the tight integration of computational algorithms and physical processes through networks of sensors and actuators, are foundational to modern technological ecosystems. However, the increasing interconnectivity and complexity of CPS introduce critical vulnerabilities, particularly to cyber-attacks and system faults. This thesis focuses on the cybersecurity of nonlinear CPS and distributed sensor networks, proposing robust, reliable, and resilient frameworks for real-time detection, isolation, and recovery from cyber threats and system anomalies.

The first major contribution of this thesis is a unified detection and isolation framework for nonlinear CPS affected by system faults and adversarial False Data Injection (FDI) attacks targeting both actuator and sensor networks, all in the presence of process and measurement noise. The proposed framework employs an Augmented Unscented Kalman Filter (AUKF) to jointly estimate system states and faults, enabling reliable discrimination between malicious attacks and unintentional failures. By incorporating model-based residual analysis alongside auxiliary filtering techniques, the framework facilitates multi-layered anomaly detection at both the command-and-control (C\&C) level and within actuator channels.

The thesis then explores reinforcement learning (RL)-based methodologies for advanced cyber-attack and fault detection. A State–action–reward–state–action (SARSA) approach is introduced for online detection and isolation, in which an agent refines its policy through interaction with the system dynamics, aiming to ensure early detection while minimizing false alarms. This is further extended to a Deep Reinforcement Learning (DRL) framework using Deep $Q$-Networks (DQN), which addresses the scalability limitations of tabular methods in high-dimensional, nonlinear systems. The DRL-based approach leverages analytical insights from AUKF estimators and auxiliary filters, enhancing the agent’s capability to detect subtle and stealthy attacks, including covert intrusions.

In the final part of the thesis, a resilient distributed state estimation framework is developed for sensor networks under cyber-attacks and sensor faults. Each node runs a local nonlinear estimator with an embedded detection mechanism. The architecture employs the Distributed Hybrid Information Fusion (DHIF) algorithm to ensure robust estimation through inter-node collaboration, even when FDI attacks compromise communication links. A DRL-based detector at each node evaluates the trustworthiness of received data and dynamically reconfigures the fusion process upon detection of anomalies. The framework also accommodates switching communication topologies, commonly seen in practical CPS, and includes a rigorous stability analysis demonstrating the ultimate boundedness of the distributed estimation process under such conditions.

The proposed methodologies are validated through extensive simulation studies. A fixed-base inverted pendulum and a high-fidelity unmanned aerial vehicle (UAV) model are used to demonstrate the effectiveness of the frameworks in isolating cyber-attacks, detecting stealthy intrusions, and maintaining operational integrity in nonlinear environments. Simulation results on the UAV platform show that the proposed RL-based methods consistently outperform classical statistical techniques in terms of detection accuracy, isolation speed, and resilience—particularly in scenarios complicated by noise, system faults, and sophisticated attack strategies. Additionally, the distributed estimation and resilience framework is empirically validated through a UAV case study operating within a CPS sensor network characterized by limited sensing coverage and vulnerability to cyber-attacks and sensor faults, demonstrating reliable state recovery and robust path following across a range of challenging simulation scenarios.

Overall, this thesis presents a comprehensive cybersecurity framework for nonlinear CPS, combining model-based estimation, statistical detection, and learning-based strategies for robust fault and attack mitigation. By integrating estimation, detection, and isolation across both centralized and distributed settings, the proposed methodologies offer practical and scalable solutions for securing next-generation CPS against evolving cyber threats.