A Security Evaluation of a Platform Intended for Critical Infrastructure - A Case Study for Sinusoidal Systems
| dc.contributor.author | Kokkinakis, Josefin | |
| dc.contributor.author | Alexanderson, Tobias | |
| dc.contributor.department | Chalmers tekniska högskola / Institutionen för data och informationsteknik | sv |
| dc.contributor.department | Chalmers University of Technology / Department of Computer Science and Engineering | en |
| dc.contributor.examiner | Damaschke, Peter | |
| dc.contributor.supervisor | Russo, Alejandro | |
| dc.date.accessioned | 2026-06-30T07:51:35Z | |
| dc.date.issued | 2026 | |
| dc.date.submitted | ||
| dc.description.abstract | The Digital Measurement Platform (DMP) is a safety-critical system designed for digital substations. It uses software applications to replicate the functionality of traditional physical power meters by processing data directly from the IEC61850 process bus. This allows multiple virtual meters to operate efficiently on a single hardware unit. While the operational feasibility and precision of the DMP have been carefully tested, its cybersecurity resilience remains unexplored. Given its deployment in critical infrastructure, this lack of security analysis is a significant gap. This thesis addresses that gap by performing a purple-team security assessment of the DMP. Through threat modeling, baseline security evaluation, and controlled attack experiments, we evaluate the resilience of the platform against an attacker controlling code inside an unprivileged container. We find that the DMP demonstrates resilience against container escapes, SQL injection, and Confused Deputy attacks. However, several Denial of Service vulnerabilities were successfully exploited. Flooding shared bind mounts and stdout/stderr bypasses cgroup resource limits to exhaust the host storage, while architectural weaknesses in the framework’s message handling enable OOM crashes within seconds. Mitigations are proposed for all successful exploits. | |
| dc.identifier.coursecode | datx05 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.12380/311647 | |
| dc.language.iso | eng | |
| dc.setspec.uppsok | Technology | |
| dc.subject | container security, critical infrastructure, purple teaming, digital measurement platform | |
| dc.title | A Security Evaluation of a Platform Intended for Critical Infrastructure - A Case Study for Sinusoidal Systems | |
| dc.type.degree | Examensarbete för masterexamen | sv |
| dc.type.degree | Master's Thesis | en |
| dc.type.uppsok | H | |
| local.programme | Computer science -algorithms, languages and logic (MPALG), MSc |
