Turn on the tap and water comes out.
It’s a system that we generally take for granted—but probably shouldn’t—in an increasingly hostile world where life-sustaining infrastructure has become a target for sophisticated hackers.
“Cyber attacks are happening here in the U.S. and all around the globe,” says PhD student Nazia Raza ’24G. “There’s an urgent need to develop techniques and solutions to identify and mitigate those threats to water distribution, energy, and other infrastructure systems.”
Raza, who is advised by Farrah Moazeni, an assistant professor of civil and environmental engineering, recently published a paper in the journal Water Research, in which she outlines a novel holistic cybersecurity framework for smart water distribution systems. She describes it as a “comprehensive guide” for water authorities that will allow them to detect attacks, localize them, and assess their severity. Although other models have addressed detection or localization in isolation, such a three-part model is the first of its kind.
“The first step is to be able to detect an attack when it happens,” says Raza. “Then, you need to know where it’s being launched, because you might have thousands of pipes and valves within a system.”
For example, if the attack is located at pipe number 3000, she explains, the water authority’s decision-maker would need to prioritize the range and types of attacks to best allocate the resources needed to resolve them.
“For this, you need a severity assessment,” she says. “We’ve come up with a framework that solves each of these three problems and can be directly deployed to enhance the cybersecurity protection layers of our smart water distribution systems.”