Our Funding

We are grateful to the following organizations that generously fund our activities:

Their funding supports our work in research, education, and outreach, not the least through our scientific projects.

Ongoing projects

Prob4Sec - Probabilistic Methods for Secure Learning and Control (2023-2027)

Call: VR Project Grant in Information and Cyber Security, funded by the Swedish Research Council (Vetenskapsrådet)

Awarded to: André Teixeira (PI) and Per Mattsson

USLC Members: 1 PhD student

Prob4Sec aims to develop theory and probabilistic methods for securing cyber-physical systems (CPSs) possessing learning and control capabilities: digital devices that learn from data they collect, and automatically decide how to best interact with the physical world over time. Intelligent CPSs are pervasive in our society. Users rely and trust that these devices will operate in a safe and secure manner. The consequences of incorrect behaviors in CPSs can be dire, threatening the users well being. Securing these systems is of utmost importance. Probabilistic methods are a natural way to deal with the uncertainty of physical systems and unintentional failures. Mathematical and statistical tools enable us to take a small number of samples and still be able to draw general conclusions. However, attacks are not only probabilistic but can have strategic behaviors, tailored to causing harm while avoiding detection. Hence, it is critical to develop systematic approaches that integrate the probabilistic and the strategic aspects of attacks in security analysis. Prob4Sec combines knowledge from security, statistical methods, and AI and control engineering to develop new methods for designing secure CPSs with learning and control functionalities. These methods will be instrumental in preventing future threats to all who benefit from this technology. Prob4Sec will provide further tools based on which trust in new technologies can be built and communicated, from developers to end users.

Learning for decision and control in a population of dynamical systems (2024-2027)

Call: VR Starting grant within natural and engineering sciences, funded by the Swedish Research Council (Vetenskapsrådet)

Awarded to: Per Mattsson (PI)

USLC Members: 1 PhD student

In real-world applications there are often many individual systems with similar dynamics - a population of systems. For example batteries in different cars, different batches in the process industry or different patients in medicine. By taking a population view we can study how the dynamical systems in the population can learn from each other, both when it comes to estimating models and designing controllers, and how to detect systems with anomalous behavior that may need maintenance or replacement. The aim of this project is to develop methods and analysis to tackle these problems in a coherent way. To realize this we have identified three subprojects. In the first we will develop and analyze estimation methods for populations of systems that can also handle anomalous systems. In the second we will study how these models can be used for population-wide monitoring and anomaly detection. In the third we will develop methods for robust data-driven control, where individual systems learn from each other. We already have established collaborations with experts in industry that can provide us with relevant applications and data for evaluation of the developed methods. By considering populations, instead of single systems as traditionally done in control theory, and taking on these three problems in a coherent way we believe that this project will open up new research directions in, and make significant contributions to, data-driven modeling, fault detection and control.

ADVOLCANO - Adverse Voltage Controllers’ Interactions in Active Distribution Networks (2023-2026)

Call: Program ‘The Electrical System of the Future’, funded by the Swedish Energy Agency

Awarded to: Stefan Stanković (PI, RISE), Xiaofeng Xong (KTH), Henrik Sandberg (KTH), André Teixeira

USLC Members: 1 PhD student

To meet the climate and safety challenges of today and the future, new technology is used that changes the dynamics of the electric power system, but which often also leads to unpredictable system behavior. To support voltage regulation in local distribution systems, but also to assist with voltage regulation in the overhead power transmission system, inverter-based generation is often used. However, these can lead to harmful interactions between voltage regulators that can compromise system security. This project analyzes these interactions. The project focus is on modeling and characterizing the interactions between voltage contorllers, as well as developing methods for analyzing them. Based on the analysis, in the project we will propose solutions on how to implement new voltage regulation strategies in active distribution networks while avoiding risks of harmful interactions. The project thus contributes to improved resilience and future secure electricity supply.

Validating a System Development Kit for edge federated learning (2023-2025)

Call: ‘Advanced and innovative digitalisation’, funded by the Sweden’s Innovation Agency (Vinnova)

Awarded to: Andreas Hellander (PI, Scaleout), Salman Toor (Scaleout), André Teixeira

USLC Members: Usama Zafar, 1 Postdoc

The project´s primary aim is to increase our understanding of scalability and cyber security in federated machine learning specifically for cloud edge applications. We will also further develop and validate a system development kit for federated machine learning, FEDn, for large-scale applications in fleet intelligence.

Secure Federated Machine Learning at Scale (2022-2026)

Call: ‘Joint Strategic Research Activities - Graduate School in Cybersecurity’, funded by the Dept. of Information Technology, Uppsala University

Awarded to: Salman Toor (PI), André Teixeira

USLC Members: Usama Zafar

The overall aims of the project are to mitigate the risk of attacks by providing security and enhanced privacy for a scalable federated training environment. In particular, the project addresses concerns related to security and privacy in federated machine learning against model poisoning and information leakage attacks. The envisioned approach is centered around developing new theories and methodologies to achieve two main aims: secure aggregation of local models under poisoning attacks, and private distributed aggregation of local models.

Data-driven Vulnerability Analysis for Critical Infrastructures (2022-2026)

Call: ‘Graduate School in Data-Intensive Science’, funded by the eSSENCE-SciLifeLab

Awarded to: Salman Toor (PI), André Teixeira

USLC Members: Zhenlu Sun

In the last two decades, solutions to address software vulnerabilities have evolved significantly. With predictive schemes, vulnerability analysis has shifted from being reactive to being proactive in terms of early identification of possible risks. A comprehensive vulnerability analysis requires data from application execution patterns, network logs, infrastructure logs, and traces from the source code. Efficient collection, availability and analysis of the log files is a non-trivial task as this data grows rapidly with the execution pattern of the applications. The other sources include infrastructure settings and, most importantly, the information available in public vulnerability databases. All these massive data sources form the basis to call vulnerability analysis a big data challenge. A comprehensive data-driven vulnerability analysis framework will be required to ensure reliable, efficient and uninterrupted mission critical services based on software applications. This project takes a data-intensive approach to analyse and diagnose the presence of cybersecurity vulnerabilities in software applications supporting services within critical computing infrastructures. Our approach consists of combining above-mentioned different data sources with attack modeling frameworks and use explainable machine learning techniques to analyze and diagnose security vulnerabilities in software and network configurations.

ReSiSt - Resilience, Safety, and Security in Tree-structured Civil Networks (2021-2024)

Call: VR Project Grant in Societal Security, funded by the Swedish Research Council (Vetenskapsrådet)

Awarded to: André Teixeira (PI), Alexander Medvedev, Per Mattsson, Stefan Engblom

USLC Members: Mohamed Abdalmoaty, Alain Govaert

Civil infrastructure networks (CIN) critically support modern society by distributing resources and protecting communities from hazards. Distributed control and monitoring of CIN to meet network demand under the network efficiency and cost constraints also poses physical security and cyber-security challenges. The resilience of civil infrastructure to disruptive events is the overarching topic of the present project. The project goal is to devise a coherent system theoretical platform for resilience analysis of CIN as well as resilience informed control of those. More specifically, a CIN is modeled as a cyber-physical system (CPS) whose physical layer is a transportation network equipped with actuator and sensor nodes interlaced with a computer network that implements control and monitoring of the physical layer. The scope is limited to the consideration of CPS with a tree-structured physical layer and covers a broad class of pipeline systems, i.e. networked systems transporting single or multi phase fluids. Failures, breakdowns, natural hazards, and cyberattacks are considered potential disruptive events. The project will be conducted along three main threads Mathematical modeling of CIM as CPS Model based assessment of resilience via operational indices Resilience informed control of CIM. The feasibility and efficacy of the developed mathematical models and algorithms will be evaluated with respect to urban water and wastewater networks.

Secure and Resilient Control Systems (2020-2025)

Call: SSF Future Research Leaders 7, funded by the Swedish Foundation for Strategic Research (SSF)

Awarded to: André Teixeira (PI)

USLC Members: Sribalaji Anand, Anh Tung Nguyen, Daniel Arnstöm, Ruslan Seifullaev

Reports of cyber-attacks on digitally controlled systems supporting modern societies, such as Stuxnet, have shown their devastating consequences to safety and human lives, and shed light on the attackers modus operandi first learn the system, then tamper the visible information so the attack is undetected, and meanwhile have significant impact on the physical system. It is of the utmost importance to be able to detect and mitigate such malicious cyber-attacks. Unfortunately, existing methods in control engineering consider impact on the physical system and detectability separately, and thus fail to accurately tackle cyber attacks that strategically mix high impact with low detectability. On the other hand, approaches from secure control assume adversaries with perfect knowledge, resulting in overly pessimistic, unrealistic conclusions. The project will produce approaches to analyze and mitigate cyber-attacks on control systems, through the following actions 1) to construct novel sensitivity metrics that jointly consider the impact and detectability of attacks under uncertainty; 2) to design optimal anomaly detectors, controllers, and security measure deployment that minimize the novel sensitivity metrics, and thus increase security; 3) to experimentally validate the developed scientific approaches in testbeds and numerical benchmarks. The developed science and tools will induce a paradigm change in robust control and fault detection, and allow for more effective handling of anomalies.

ADSec - Analysis and Design of Secure and Resilient Control Systems (2019-2023)

Call: VR Starting Grant, funded by the Swedish Research Council (Vetenskapsrådet)

Awarded to: André Teixeira (PI)

USLC Members: Sribalaji Anand, Fatih Emre Tosun

Reports on cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies. It is therefore of the utmost importance for control systems to be able to early detect and mitigate malicious cyber-attacks, which aim at having a significant impact on the system while remaining undetected. Unfortunately, existing techniques in control theory consider impact and detectability separately, and thus fail to accurately tackle malicious cyber-attacks. The aim of this project is to develop novel security metrics that jointly consider the impact and detectability of attacks, and that support the analysis and design of anomaly detectors and controllers for improved security and resilience.

LifeSec - Don’t Hack my Body (2018-2023)

Call: SSF Cyber Security Framework Program, funded by the Swedish Foundation for Strategic Research (SSF)

Awarded to: Thiemo Voigt (UU, PI), Robin Augustin (UU), Anders Ahlén (UU), Subhrakanti Dey (UU)

USLC Members: André Teixeira, Fatih Emre Tosun

Implanted devices must be effectively secured to avoid life-threatening scenarios where attackers control implanted devices such as pacemakers or insuline pumps, or install malware inside a human body. This project devises a security architecture for networked implanted medical devices that also enables a secure connection of the in-body network to the Internet. Our architecture ensures confidentiality, integrity and availability of the implanted devices considering also patients’ privacy.

… see all Projects