Ioannis Zografopoulos
@umb.edu
Assistant Professor
University of Massachusetts Boston
Ioannis Zografopoulos is an assistant professor in the Engineering Department of the College of Science and Mathematics at the University of Massachusetts (UMass) Boston. He received his Ph.D. in Electrical and Computer Engineering from King Abdullah University of Science and Technology (KAUST) in 2023. Prior, he graduated with B.Eng. and M.Eng. degrees in Computer, Communications, and Network Engineering, and an M.Sc. degree in Electrical and Computer Engineering from the University of Thessaly, Volos, Greece, in 2014 and 2015, respectively.
His research interests include cyber-physical systems security, with an emphasis on embedded systems for industrial, distributed energy, and power grid applications.
EDUCATION
King Abdullah University of Science and Technology Thuwal, Saudi Arabia
Ph.D. candidate in Electrical & Computer Engineering, CEMSE division (Sep 2021 - Jul 2023)
Florida State University Tallahassee, Florida
Ph.D. candidate in Electrical & Computer Engineering, dep. ECE (Jan 2019 - Aug 2021)
University of Thessaly Volos, Greece
M.Sc. in Science and Technology of Electrical & Computer Engineering (Nov 2015)
University of Thessaly Volos, Greece
Diploma (5-year B.Eng. + M.Eng.) in Computer, Communications & Networks Engineering (Aug 2014)
RESEARCH INTERESTS
Electric grid security and resilience with integration of renewable and distributed energy resources;
Cyberphysical systems and Internet-of-Things (IoT);
Hardware security and embedded systems security;
Industrial system and critical infrastructure security;
Real-time controller- and hardware-
Scopus Publications
Scholar Citations
Scholar h-index
Scholar i10-index
Scopus Publications
Ioannis Zografopoulos, Nikos D. Hatziargyriou, and Charalambos Konstantinou
Institute of Electrical and Electronics Engineers (IEEE)
The digitization and decentralization of the electric power grid are key thrusts for an economically and environmentally sustainable future. Towards this goal, distributed energy resources (DER), including rooftop solar panels, battery storage, electric vehicles, etc., are becoming ubiquitous in power systems. Power utilities benefit from DERs as they minimize operational costs; at the same time, DERs grant users and aggregators control over the power they produce and consume. DERs are interconnected, interoperable, and support remotely controllable features, thus, their cybersecurity is of cardinal importance. DER communication dependencies and the diversity of DER architectures widen the threat surface and aggravate the cybersecurity posture of power systems. In this work, we focus on security oversights that reside in the cyber and physical layers of DERs and can jeopardize grid operations. Existing works have underlined the impact of cyberattacks targeting DER assets, however, they either focus on specific system components (e.g., communication protocols), do not consider the mission-critical objectives of DERs, or neglect the adversarial perspective (e.g., adversary/attack models) altogether. To address these omissions, we comprehensively analyze adversarial capabilities and objectives when manipulating DER assets, and then present how protocol and device-level vulnerabilities can materialize into cyberattacks impacting power system operations. Finally, we provide mitigation strategies to thwart adversaries and directions for future DER cybersecurity research.
Kalinath Katuri, Ioannis Zografopoulos, Ha Thi Nguyen, and Charalambos Konstantinou
IEEE
Smart grid advancements and the increased integration of digital devices have transformed the existing power grid into a cyber-physical energy system. This reshaping of the current power system can make it vulnerable to cyber-attacks, which could cause irreversible damage to the energy infrastructure resulting in the loss of power, equipment damage, etc. Constant threats emphasize the importance of cybersecurity investigations. At the same time, developing cyber-physical system (CPS) simulation testbeds is crucial for vulnerability assessment and the implementation and validation of security solutions. In this paper, two separate real-time CPS testbeds are developed based on the availability of local research facilities for impact analysis of denial-of-service (DoS) attacks on microgrids. The two configurations are implemented using two different digital real-time simulator systems, one using the real-time digital simulator (RTDS) with a hardware-in-the-loop (HIL) setup and the other one using OPAL-RT with ExataCPS to emulate the cyber-layer infrastructure. Both testbeds demonstrate the impact of DoS attacks on microgrid control and protection operation.
Shafkat Islam, Ioannis Zografopoulos, Md Tamjid Hossain, Shahriar Badsha, and Charalambos Konstantinou
IEEE
Smart grid (SG) systems enhance grid resilience and efficient operation, leveraging the bidirectional flow of energy and information between generation facilities and prosumers. For energy demand management (EDM), the SG network requires computing a large amount of data generated by massive Internet-of-things sensors and advanced metering infrastructure (AMI) with minimal latency. This paper proposes a deep reinforcement learning (DRL)-based resource allocation scheme in a 6G-enabled SG edge network to offload resource-consuming EDM computation to edge servers. Automatic resource provisioning is achieved by harnessing the computational capabilities of smart meters in the dynamic edge network. To enforce DRL-assisted policies in dense 6G networks, the state information from multiple edge servers is required. However, adversaries can “poison” such information through false state injection (FSI) attacks, exhausting SG edge computing resources. Toward addressing this issue, we investigate the impact of such FSI attacks with respect to abusive utilization of edge resources, and develop a lightweight FSI detection mechanism based on supervised classifiers. Simulation results demonstrate the efficacy of DRL in dynamic resource allocation, the impact of the FSI attacks, and the effectiveness of the detection technique.
Ioannis Zografopoulos, Abraham Peedikayil Kuruvila, Kanad Basu, and Charalambos Konstantinou
Elsevier BV
Ioannis Zografopoulos and Charalambos Konstantinou
Institute of Electrical and Electronics Engineers (IEEE)
The distributed generation capabilities of microgrids (MGs) arise as essential assets in enhancing grid resilience. The integration of distributed energy sources, controllable loads, and prosumers necessitates the deployment of potent control and communication synergies. While those synergies transform MGs into cyber-physical systems through information technologies able to sense, control, and actuate local resources and loads, they inadvertently expose MGs to cyber-attack threats. Increasing the security of critical communication and control systems against “black swan” events, i.e., high-impact low-probability cyber-physical incidents, is a major priority for MG operations. Such incidents, if left unabated, can intensify and elicit system dynamics instability, eventually causing outages and system failures. In this article, we develop an integrated approach for multiagent MG systems able to perform the detection of malicious cyber-physical attacks based on subspace methods. We employ the small-signal model of an autonomous/islanded MG and consider different attack models targeting the MG’s secondary frequency control. The attack detector is constructed via identifying the stable kernel representation of the autonomous cyber-physical MG in the attack-free case. We illustrate the impact of the attack models as well as the feasibility of the developed detection method in simulation models of the Canadian urban benchmark distribution system.
Ioannis Zografopoulos, Panagiotis Karamichailidis, Andreas T. Procopiou, Fei Teng, George C. Konstantopoulos, and Charalambos Konstantinou
IEEE
In this paper, we present a mitigation methodology that leverages battery energy storage system (BESS) resources in coordination with microgrid (MG) ancillary services to maintain power system operations during cyberattacks. The control of MG agents is achieved in a distributed fashion, and once a misbehaving agent is detected, the MG,${}^{\\prime}\\mathbf{s}$ mode supervisory controller (MSC) isolates the compromised agent and initiates self-healing procedures to support the power demand and restore the compromised agent. Our results demonstrate the practicality of the proposed attack mitigation strategy and how grid resilience can be improved using BESS synergies. Simulations are performed on a modified version of the Canadian urban benchmark distribution model.
Suman Rath, Ioannis Zografopoulos, Pedro P. Vergara, Vassilis C. Nikolaidis, and Charalambos Konstantinou
IEEE
Embedded controllers, sensors, actuators, advanced metering infrastructure, etc. are cornerstone components of cyber-physical energy systems such as microgrids (MGs). Harnessing their monitoring and control functionalities, sophisticated schemes enhancing MG stability can be deployed. However, the deployment of ‘smart’ assets increases the threat surface. Power systems possess mechanisms capable of detecting abnormal operations. Furthermore, the lack of sophistication in attack strategies can render them detectable since they blindly violate power system semantics. On the other hand, the recent increase of process-aware rootkits that can attain persistence and compromise operations in undetectable ways requires special attention. In this work, we investigate the steps followed by stealthy rootkits at the process level of control systems pre- and post-compromise. We investigate the rootkits' precompromise stage involving the deployment to multiple system locations and aggregation of system-specific information to build a neural network-based virtual data-driven model (VDDM) of the system. Then, during the weaponization phase, we demonstrate how the VDDM measurement predictions are paramount, first to orchestrate crippling attacks from multiple system standpoints, maximizing the impact, and second, impede detection blinding system operator situational awareness.
Christos Xenofontos, Ioannis Zografopoulos, Charalambos Konstantinou, Alireza Jolfaei, Muhammad Khurram Khan, and Kim-Kwang Raymond Choo
Institute of Electrical and Electronics Engineers (IEEE)
Internet of Things (IoT) devices are becoming ubiquitous in our lives, with applications spanning from the consumer domain to commercial and industrial systems. The steep growth and vast adoption of IoT devices reinforce the importance of sound and robust cybersecurity practices during the device development life cycles. IoT-related vulnerabilities, if successfully exploited can affect, not only the device itself but also the application field in which the IoT device operates. Evidently, identifying and addressing every single vulnerability are an arduous, if not impossible, task. Attack taxonomies can assist in classifying attacks and their corresponding vulnerabilities. Security countermeasures and best practices can then be leveraged to mitigate threats and vulnerabilities before they emerge into catastrophic attacks and ensure overall secure IoT operation. Therefore, in this article, we provide an attack taxonomy, which takes into consideration the different layers of the IoT stack, i.e., device, infrastructure, communication, and service, and each layer’s designated characteristics, which can be exploited by adversaries. Furthermore, using nine real-world cybersecurity incidents that had targeted IoT devices deployed in the consumer, commercial, and industrial sectors, we describe the IoT-related vulnerabilities, exploitation procedures, attacks, impacts, and potential mitigation mechanisms and protection strategies. These (and many other) incidents highlight the underlying security concerns of IoT systems and demonstrate the potential attack impacts of such connected ecosystems, while the proposed taxonomy provides a systematic procedure to categorize attacks based on the affected layer and corresponding impact.
Abraham Peedikayil Kuruvila, Ioannis Zografopoulos, Kanad Basu, and Charalambos Konstantinou
Elsevier BV
Arunmozhi Manimuthu, Venugopal Dharshini, Ioannis Zografopoulos, M. K. Priyan, and Charalambos Konstantinou
Springer Science and Business Media LLC
Suman Rath, Ioannis Zografopoulos, and Charalambos Konstantinou
ACM
Cyber-physical microgrids hold the key to a carbon-neutral power sector since they enable renewable and distributed energy resource integration, can alleviate overloaded distribution systems, and provide economic energy by generating and consuming power locally. The utilization of cyber-physical assets such as controllers, IoT sensors and actuators, and communication devices can enhance the stability and improve the control of microgrids. However, such assets, if maliciously operated, can become attack entry points and jeopardize the grid operation. Blind and uncoordinated cyber-attacks can be identified by existing security measures overcoming potential operational disruptions. However, rootkit attacks can stay hidden within cyber-physical systems and leverage system information to mask their presence. Rootkit detection is a strenuous process and requires advanced security methods due to their sophisticated operation. A careful analysis of possible rootkit target locations and their exploitation techniques is necessary to design effective threat detection and mitigation mechanisms. This paper discusses the cyber kill chain of a rootkit which can simultaneously deploy itself at multiple locations in a microgrid in a coordinated and stealthy way in order to maximize the impact on power system operations. The rootkit leverages system measurements to hide its presence and its attack impact from the detection mechanisms.
XioRui Liu, Juan Ospina, Ioannis Zografopoulos, Alonzo Russel, and Charalambos Konstantinou
ACM
Real-time simulation enables the understanding of system operating conditions by evaluating simulation models of physical components running synchronized at the real-time wall clock. Leveraging the real-time measurements of comprehensive system models, faster than real-time (FTRT) simulation allows the evaluation of system architectures at speeds faster than real-time. FTRT simulation can assist in predicting the system's behavior efficiently, thus assisting the operation of system processes. Namely, the provided acceleration can be used for improving system scheduling, assessing system vulnerabilities, and predicting system disruptions in real-time systems. The acceleration of simulation times can be achieved by utilizing digital real-time simulators (RTS) and high-performance computing (HPC) architectures. FTRT simulation has been widely used, among others, for the operation, design, and investigation of power system events, building emergency management plans, wildfire prediction, etc. In this paper, we review the existing literature on FTRT simulation and its applications in different disciplines, with a particular focus on power systems. We present existing system modeling approaches, simulation tools and computing frameworks, and stress the importance of FTRT accuracy.
Ioannis Zografopoulos, Charalambos Konstantinou, Nektarios Georgios Tsoutsos, Dan Zhu, and Robert Broadwater
ACM
In this paper, we examine the impact of cyberattacks in an integrated transmission and distribution (T&D) power grid model with distributed energy resource (DER) integration. We adopt the OCTAVE Allegro methodology to identify critical system assets, enumerate potential threats, analyze, and prioritize risks for threat scenarios. Based on the analysis, attack strategies and exploitation scenarios are identified which could lead to system compromise. Specifically, we investigate the impact of data integrity attacks in inverted-based solar PV controllers, control signal blocking attacks in protective switches and breakers, and coordinated monitoring and switching time-delay attacks.
Ioannis Zografopoulos, Juan Ospina, Xiaorui Liu, and Charalambos Konstantinou
Institute of Electrical and Electronics Engineers (IEEE)
Cyber-physical systems (CPS) are interconnected architectures that employ analog and digital components as well as communication and computational resources for their operation and interaction with the physical environment. CPS constitute the backbone of enterprise (e.g., smart cities), industrial (e.g., smart manufacturing), and critical infrastructure (e.g., energy systems). Thus, their vital importance, interoperability, and plurality of computing devices make them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature within the power grid infrastructure, can lead to disastrous consequences. The security of CPES can be enhanced by leveraging testbed capabilities in order to replicate and understand power systems operating conditions, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. Adequately modeling and reproducing the behavior of CPS could be a challenging task. In this paper, we provide a comprehensive overview of the CPS security landscape with an emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models that can be used to evaluate the system’s performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables the system vulnerability prioritization factoring the impact on the system operation. The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a step-by-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.
Giannis Kazdaridis, Ioannis Zografopoulos, Nikos Sidiropoulos, Polychronis Symeonidis, and Thanasis Korakis
ACM
Juan Ospina, Ioannis Zografopoulos, XiaoRui Liu, and Charalambos Konstantinou
ACM
In this work, we present the impact of time-delay attacks in cyberphysical energy systems. The evaluation is performed in a real-time co-simulation environment that captures the interdependency between the system's cyber and physical models.
Giannis Kazdaridis, Nikos Sidiropoulos, Ioannis Zografopoulos, Polychronis Symeonidis, and Thanasis Korakis
ACM
In this work we illustrate a novel power management architecture towards eliminating the power draw of IoT platforms during inactive periods. Our principle suggests the employment of an off-chip Real-Time-Clock (RTC) configured to control the power supply of the under consideration mote, by enabling or disabling its power in a power-gating fashion. The selected RTC features an ultra-low power profile and it is the only module that remains powered during sleep, hence the overall mote's consumption is substantially diminished. Additionally, we introduce an alternative topology in which the host MCU remains powered in sleep state while the power-gating scheme is applied only in the rest of the peripherals of the IoT node, in an effort to exploit the MCUs benefits such as RAM retention and ultra-fast wake-ups. The proposed principle can be adopted by any IoT mote, in order to extend the life expectancy of battery-powered applications, by pushing sleep currents an order of magnitude lower. Moreover, we demonstrate the ICARUS mote, the first sensor that draws a sleep current of only 22 nA on a 3 V supply. Direct comparison of power draw in sleep state with state-of-the-art sensors illustrates improvements of roughly 98 % - 99.8 %, while we demonstrate that the life expectancy of the same motes can be prolonged from 2.7 years to 19 years under specific duty-cycles.
Giannis Kazdaridis, Nikos Sidiropoulos, Ioannis Zografopoulos, Polychronis Symeonidis, and Thanasis Korakis
ACM
In this work we demonstrate the ICARUS mote, the first wireless sensor node that features the extremely-low sleep current of 22 nA. To achieve this, we employ an off-chip on-board Real-Time-Clock (RTC) circuit with an ultra-low power consumption profile. The RTC is configured to control the power supply of the under consideration mote, by enabling or disabling its power in a power-gating fashion, while it is the only module that remains powered during sleep, hence the overall mote’s consumption is substantially diminished. The proposed principle can be adopted by any IoT mote, in order to extend the life expectancy of battery-powered applications, by pushing sleep currents an order of magnitude lower.
Ioannis Zografopoulos, Juan Ospina, and Charalambos Konstantinou
IEEE
Electric energy systems are undergoing significant changes to improve system reliability and accommodate increasing power demands. The penetration of distributed energy resources (DERs) including roof-top solar panels, energy storage, electric vehicles, etc., enables the on-site generation of economically dispatchable power curtailing operational costs. The effective control of DERs requires communication between utilities and DER system operators. The communication protocols employed for DER management and control lack sophisticated cybersecurity features and can compromise power systems secure operation if malicious control commands are issued to DERs. To overcome authentication-related protocol issues, we present a bolt-on security extension that can be implemented on Distributed Network Protocol v3 (DNP3). We port an authentication framework, DERauth, into DNP3, and utilize real-time measurements from a simulated DER battery energy storage system to enhance communication security. We evaluate our framework in a testbed setup using DNP3 master and outstation devices performing secure authentication by leveraging the entropy of DERs.
Ali Sayghe, Yaodan Hu, Ioannis Zografopoulos, Xiaorui Liu, R. Dutta, Yier Jin and Charalambos Konstantinou
Over the last decade, the number of cyber attacks targeting power systems and causing physical and economic damages has increased rapidly. Among them, false data injection attacks (FDIAs) are a class of cyber-attacks against power grid monitoring systems. Adversaries can successfully perform FDIAs to manipulate the power system state estimation (SE) by compromising sensors or modifying system data. SE is an essential process performed by the energy management system towards estimating unknown state variables based on system redundant measurements and network topology. SE routines include bad data detection algorithms to eliminate errors from the acquired measurements, e.g. in case of sensor failures. FDIAs can bypass BDD modules to inject malicious data vectors into a subset of measurements without being detected, and thus manipulate the results of the SE process. To overcome the limitations of traditional residual-based BDD approaches, data-driven solutions based on machine learning algorithms have been widely adopted for detecting malicious manipulation of sensor data due to their fast execution times and accurate results. This study provides a comprehensive review of the most up-to-date machine learning methods for detecting FDIAs against power system SE algorithms.
Ioannis Zografopoulos and Charalambos Konstantinou
IEEE
Over the past decades, power systems have experienced drastic transformations in order to address the growth in energy demand, reduce carbon emissions, and enhance power quality and energy efficiency. This shift to the smart grid concept involves, among others, the utilization of distributed energy resources (DERs) such as rooftop solar panels and storage systems, contributing towards grid decentralization while improving control over power generation. In order to seamlessly integrate DERs into power systems, embedded devices are used to support the communication and control functions of DERs. As a result, vulnerabilities of such components can be ported to the industrial environment. Insecure control networks and protocols further exacerbate the problem. Towards reducing the attack surface, we present an authentication scheme for DERs, DERauth, which leverages the inherent entropy of the DER battery energy storage system (BESS) as a root-of-trust. The DER authentication is achieved using a challenge-reply mechanism that relies on the corresponding DER's BESS state-of-charge (SoC) and voltage measurements. A dynamically updating process ensures that the BESS state is up-to-date. We evaluate our proof-of-concept in a prototype development that uses lithium-ion (li-ion) batteries for the BESS. The robustness of our design is assessed against modeling attacks performed by neural networks.
Giannis Kazdaridis, Ioannis Zographopoulos, Nikos Sidiropoulos, Polychronis Symeonidis, and Thanasis Korakis
ACM
In this work we present a novel power management architecture for Wireless Sensor Network devices towards minimizing the power consumption when nodes remain in sleep state. Specifically, we propose the employment of an on-board timer circuit that consumes only few nano Amperes, along with a power switch that controls the power rail of the under consideration node. According to our principle, the node remains solely disconnected from power when in sleep state in an effort to minimize the quiescent draw, while the timer is responsible for reinforcing the node back in active mode when required. Our implementation achieves the minimization of power draw in sleep state down to 33 nA, while it can easily be integrated with any IoT platform.
Giannis Kazdaridis, Stratos Keranidis, Polychronis Symeonidis, Panagiotis Tzimotoudis, Ioannis Zographopoulos, Panagiotis Skrimponis, and Thanasis Korakis
ACM
In this paper, we present a LoRa based city-scale testbed that employs several sensing devices scattered across the urban area to characterize air quality and weather conditions in real-time. The installation is augmented through a custom link quality evaluation framework that continuously monitors the Packet Delivery Ratio versus RSSI relation to characterize the performance of LoRa standard under realistic conditions. Experimental results, collected over a period of 2 months, efficiently analyze LoRa's performance across a wide range of protocol configurations. Finally, we also present in-lab experiments that characterize the efficiency of LoRa modules in terms of power and energy efficiency per bit, along with valuable insights aimed at the development of energy efficient protocol improvements.
Giannis Kazdaridis, Ioannis Zographopoulos, Polychronis Symeonidis, Panagiotis Skrimponis, Thanasis Korakis, and Leandros Tassiulas
ACM
Typical wireless sensor devices feature an extreme power consumption range between their active and sleep states, thus requiring different hardware setups for measuring their expenditure with high accuracy. In this demo paper we present the NITOS dynamic ACM, an in-situ power meter that exploits auto-ranging methods to support high dynamic currents. Our implementation features 250 kSps of sampling rate, while attaining high precision in both the active and sleep states of the targeted device, by using two different shunt resistors that are alternated automatically with the aid of a high speed comparator. The acquired results indicate the smooth performance of our system as well as the high accuracy attained.
Giannis Kazdaridis, Panagiotis Skrimponis, Ioannis Zographopoulos, Polychronis Symeonidis, Thanasis Korakis, and Leandros Tassiulas
ACM
Typical wireless sensor network applications follow duty-cycle mechanisms, yielding important energy savings by reducing the power consumption of idle listening. However, this approach still dictates predefined cycles of active operation, which in some application scenarios is meaningless. Extended lifetime can be achieved by asynchronously awakening sensor network's nodes only when truly required. In this work we present NITOS wake-up receiver that can be employed by typical sensor nodes to provide asynchronous wake-ups and substantially reduce their energy expenditure. Our wake-up circuit operates in the 868 MHz band and is activated by LoRa frames using OOK modulation. The developed system supports selective awakenings with the aid of a low-power micro-controller dedicated to sample the acquired signal and identify the wake-up address.