André M. H. Teixeira

Research Areas

My research considers control and monitoring of dynamical systems with main focus on:

  • Cyber-Secure and Resilient Control Systems

  • Cybersecurity of Power Systems

  • Distributed Fault Diagnosis in Multi-Agent Systems

  • Distributed Optimization

Ongoing Research Projects

Prob4Sec - Probabilistic Methods for Secure Learning and Control, Swedish Research Council (Vetenskapsrådet), VR Project Grant in Information and Cyber Security, 2023-2027 (PI)

Short Summary

Prob4Sec aims to develop theory and probabilistic methods for securing cyber-physical systems (CPSs) possessing learning and control capabilities: digital devices that learn from data they collect, and automatically decide how to best interact with the physical world over time.

Intelligent CPSs are pervasive in our society. Users rely and trust that these devices will operate in a safe and secure manner. The consequences of incorrect behaviors in CPSs can be dire, threatening the users’ well-being. Securing these systems is of utmost importance.

Probabilistic methods are a natural way to deal with the uncertainty of physical systems and unintentional failures. Mathematical and statistical tools enable us to take a small number of samples and still be able to draw general conclusions. However, attacks are not only probabilistic but can have strategic behaviors, tailored to causing harm while avoiding detection. Hence, it is critical to develop systematic approaches that integrate the probabilistic and the strategic aspects of attacks in security analysis.

Prob4Sec combines knowledge from security, statistical methods, and AI and control engineering to develop new methods for designing secure CPSs with learning and control functionalities. These methods will be instrumental in preventing future threats to all who benefit from this technology. Prob4Sec will provide further tools based on which trust in new technologies can be built and communicated, from developers to end-users.

ADVOLCANO - Adverse Voltage Controllers’ Interactions in Active Distribution Networks, The Swedish Energy Agency, 2023-2026 (co-PI)

Short Summary

To meet the climate and safety challenges of today and the future, new technology is used that changes the dynamics of the electric power system, but which often also leads to unpredictable system behavior. To support voltage regulation in local distribution systems, but also to assist with voltage regulation in the overhead power transmission system, inverter-based generation is often used. However, these can lead to harmful interactions between voltage regulators that can compromise system security. This project analyzes these interactions. The project's focus is on modeling and characterizing the interactions between voltage contorllers, as well as developing methods for analyzing them. Based on the analysis, in the project we will propose solutions on how to implement new voltage regulation strategies in active distribution networks while avoiding risks of harmful interactions. The project thus contributes to improved resilience and future secure electricity supply.

Validating a System Development Kit for edge federated learning, Swedish Innovation Agency (Vinnova), 2023-2025 (co-PI).

Short Summary

The project´s primary aim is to increase our understanding of scalability and cyber security in federated machine learning specifically for cloud edge applications. We will also further develop and validate a system development kit for federated machine learning, FEDn, for large-scale applications in fleet intelligence.

Data-driven Vulnerability Analysis for Critical Infrastructures, eSSENCE-SciLifeLab Graduate School in Data-Intensive Science, 2022-2026 (co-PI).

Short Summary

In the last two decades, solutions to address software vulnerabilities have evolved significantly. With predictive schemes, vulnerability analysis has shifted from being reactive to being proactive in terms of early identification of possible risks. A comprehensive vulnerability analysis requires data from application execution patterns, network logs, infrastructure logs, and traces from the source code. Efficient collection, availability and analysis of the log files is a non-trivial task as this data grows rapidly with the execution pattern of the applications. The other sources include infrastructure settings and, most importantly, the information available in public vulnerability databases. All these massive data sources form the basis to call vulnerability analysis a big data challenge. A comprehensive data-driven vulnerability analysis framework will be required to ensure reliable, efficient and uninterrupted mission critical services based on software applications.

This project takes a data-intensive approach to analyse and diagnose the presence of cybersecurity vulnerabilities in software applications supporting services within critical computing infrastructures. Our approach consists of combining above-mentioned different data sources with attack modeling frameworks and use explainable machine learning techniques to analyze and diagnose security vulnerabilities in software and network configurations.

ReSiSt: Resilience, Safety, and Security in Tree-structured Civil Networks, Swedish Research Council (Vetenskapsrådet), VR Project Grant in Societal Security, 2021-2024 (team leader).

Short Summary

Civil infrastructure networks (CIN) critically support modern society by distributing resources and protecting communities from hazards. Distributed control and monitoring of CIN to meet network demand under the network efficiency and cost constraints also poses physical security and cyber-security challenges.

The resilience of civil infrastructure to disruptive events is the overarching topic of the present project. The project goal is to devise a coherent system-theoretical platform for resilience analysis of CIN as well as resilience-informed control of those.

More specifically, a CIN is modeled as a cyber-physical system (CPS) whose physical layer is a transportation network equipped with actuator and sensor nodes interlaced with a computer network that implements control and monitoring of the physical layer. The scope is limited to the consideration of CPS with a tree-structured physical layer and covers a broad class of pipeline systems, i.e. networked systems transporting single- or multi-phase fluids. Failures, breakdowns, natural hazards, and cyberattacks are considered potential disruptive events.

The project will be conducted along three main threads: Mathematical modeling of CIM as CPS; Model-based assessment of resilience via operational indices; Resilience-informed control of CIM. The feasibility and efficacy of the developed mathematical models and algorithms will be evaluated with respect to urban water and wastewater networks.

Secure and Resilient Control Systems, Swedish Foundation for Strategic Research (SSF), SSF Future Research Leaders 7 Grant, 2020-2025 (team leader).

Project Webpage

Short Summary

Reports of cyber-attacks on digitally controlled systems supporting modern societies, such as Stuxnet, have shown their devastating consequences to safety and human lives, and shed light on the attackers’ modus operandi: first learn the system, then tamper the visible information so the attack is undetected, and meanwhile have significant impact on the physical system.
It is of the utmost importance to be able to detect and mitigate such malicious cyber-attacks. Unfortunately, existing methods in control engineering consider impact on the physical system and detectability separately, and thus fail to accurately tackle cyber-attacks that strategically mix high impact with low detectability. On the other hand, approaches from secure control assume adversaries with perfect knowledge, resulting in overly pessimistic, unrealistic conclusions.

The project will produce approaches to analyze and mitigate cyber-attacks on control systems, through the following actions: 1) to construct novel sensitivity metrics that jointly consider the impact and detectability of attacks under uncertainty; 2) to design optimal anomaly detectors, controllers, and security measure deployment that minimize the novel sensitivity metrics, and thus increase security; 3) to experimentally validate the developed scientific approaches in testbeds and numerical benchmarks. The developed science and tools will induce a paradigm change in robust control and fault detection, and allow for more effective handling of anomalies.

(ADSec) Analysis and Design of Secure and Resilient Control Systems, Swedish Research Council (Vetenskapsrådet), VR Starting Grant, 2019-2023 (team leader)

Reports on cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies. It is therefore of the utmost importance for control systems to be able to early detect and mitigate malicious cyber-attacks, which aim at having a significant impact on the system while remaining undetected. Unfortunately, existing techniques in control theory consider impact and detectability separately, and thus fail to accurately tackle malicious cyber-attacks.

The aim of this project is to develop novel security metrics that jointly consider the impact and detectability of attacks, and that support the analysis and design of anomaly detectors and controllers for improved security and resilience.

LifeSec: Don't Hack my Body, Swedish Foundation for Strategic Research, 2018-2023 (team member)

Implanted devices must be effectively secured to avoid life-threatening scenarios where attackers control implanted devices such as pacemakers or insuline pumps, or install malware inside a human's body.

This project devises a security architecture for networked implanted medical devices that also enables a secure connection of the in-body network to the Internet. Our architecture ensures confidentiality, integrity and availability of the implanted devices considering also patients’ privacy.

Past Research Projects

(SOS4Floods) Secure our Flood Management Systems, The Netherlands Organisation for Scientific Research, 2015-2019 (team member)

Cyber attacks on critical infrastructures can have devastating consequences for environment, health and even human lives. To improve the protection and resilience, various approaches for security risk assessment, attack detection and safety monitoring have been developed. However, the links between cyber security and safety management are poorly understood, and relevant information is not shared, creating space for malicious activities to pass undetected.

The project has two objectives. Firstly, the project will enrich network security monitoring with safety context information. Secondly, the project will improve safety incident response by procedures that include information from security monitoring in assessing the expected effectiveness of responses. The integration of the two innovations will enable adequate responses to flood defense security threats.

(SPARKS) Smart Grid Protection Against Cyber Attacks, European Commission, FP7, 2014-2017 (team member)

The aim of the project was to reduce the attack surface of smart grid systems, detect cyber-attacks in real-time, and improve the resilience of smart grid infrastructure during an attack. Furthermore, SPARKS aims at providing a deeper understanding of the threats, vulnerabilities and economic consequences of cyber-attacks on smart grid infrastructure, raise awareness amongst industry leaders, present convincing information to stakeholders, lead the debate and draw through action to improve the cyber readiness of European network operators.

(VIKING) Vital Infrastructure, Networks, Information and Control Systems Management, European Commission, FP7, 2009-2011 (team member)

The aim of the project was to develop, test and evaluate methodologies for the analysis, design and operation of resilient and secure industrial control systems for critical infrastructures, focusing on power transmission and distribution networks. VIKING was executed by a consortium of industrial and academic partners.