André M. H. Teixeira

Research Areas

My research considers control and monitoring of dynamical systems with main focus on:

  • Cyber-Secure and Resilient Control Systems

  • Cybersecurity of Power Systems

  • Distributed Fault Diagnosis in Multi-Agent Systems

  • Distributed Optimization

Ongoing Research Projects

Secure and Resilient Control Systems, Swedish Foundation for Strategic Research (SSF), SSF Future Research Leaders 7 Grant, 2020-2024 (team leader).

Project Webpage

Short Summary

Reports of cyber-attacks on digitally controlled systems supporting modern societies, such as Stuxnet, have shown their devastating consequences to safety and human lives, and shed light on the attackers’ modus operandi: first learn the system, then tamper the visible information so the attack is undetected, and meanwhile have significant impact on the physical system.
It is of the utmost importance to be able to detect and mitigate such malicious cyber-attacks. Unfortunately, existing methods in control engineering consider impact on the physical system and detectability separately, and thus fail to accurately tackle cyber-attacks that strategically mix high impact with low detectability. On the other hand, approaches from secure control assume adversaries with perfect knowledge, resulting in overly pessimistic, unrealistic conclusions.
The project will produce approaches to analyze and mitigate cyber-attacks on control systems, through the following actions: 1) to construct novel sensitivity metrics that jointly consider the impact and detectability of attacks under uncertainty; 2) to design optimal anomaly detectors, controllers, and security measure deployment that minimize the novel sensitivity metrics, and thus increase security; 3) to experimentally validate the developed scientific approaches in testbeds and numerical benchmarks. The developed science and tools will induce a paradigm change in robust control and fault detection, and allow for more effective handling of anomalies.

(ADSec) Analysis and Design of Secure and Resilient Control Systems, Swedish Research Council (Vetenskapsr├ądet), VR Starting Grant, 2019-2022 (team leader)

Reports on cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies. It is therefore of the utmost importance for control systems to be able to early detect and mitigate malicious cyber-attacks, which aim at having a significant impact on the system while remaining undetected. Unfortunately, existing techniques in control theory consider impact and detectability separately, and thus fail to accurately tackle malicious cyber-attacks.
The aim of this project is to develop novel security metrics that jointly consider the impact and detectability of attacks, and that support the analysis and design of anomaly detectors and controllers for improved security and resilience.

LifeSec: Don't Hack my Body, Swedish Foundation for Strategic Research, 2018-2021 (team member)

Implanted devices must be effectively secured to avoid life-threatening scenarios where attackers control implanted devices such as pacemakers or insuline pumps, or install malware inside a human's body. This project devises a security architecture for networked implanted medical devices that also enables a secure connection of the in-body network to the Internet. Our architecture ensures confidentiality, integrity and availability of the implanted devices considering also patients’ privacy.

Past Research Projects

(SOS4Floods) Secure our Flood Management Systems, The Netherlands Organisation for Scientific Research, 2015-2019 (team member)

Cyber attacks on critical infrastructures can have devastating consequences for environment, health and even human lives. To improve the protection and resilience, various approaches for security risk assessment, attack detection and safety monitoring have been developed. However, the links between cyber security and safety management are poorly understood, and relevant information is not shared, creating space for malicious activities to pass undetected. The project has two objectives. Firstly, the project will enrich network security monitoring with safety context information. Secondly, the project will improve safety incident response by procedures that include information from security monitoring in assessing the expected effectiveness of responses. The integration of the two innovations will enable adequate responses to flood defense security threats.

(SPARKS) Smart Grid Protection Against Cyber Attacks, European Commission, FP7, 2014-2017 (team member)

The aim of the project was to reduce the attack surface of smart grid systems, detect cyber-attacks in real-time, and improve the resilience of smart grid infrastructure during an attack. Furthermore, SPARKS aims at providing a deeper understanding of the threats, vulnerabilities and economic consequences of cyber-attacks on smart grid infrastructure, raise awareness amongst industry leaders, present convincing information to stakeholders, lead the debate and draw through action to improve the cyber readiness of European network operators.

(VIKING) Vital Infrastructure, Networks, Information and Control Systems Management, European Commission, FP7, 2009-2011 (team member)

The aim of the project was to develop, test and evaluate methodologies for the analysis, design and operation of resilient and secure industrial control systems for critical infrastructures, focusing on power transmission and distribution networks. VIKING was executed by a consortium of industrial and academic partners.