Alessandro Erba

CISPA Helmholtz Center for Information Security
Ph.D. Candidate

Alessandro Erba is a Postdoctoral researcher at Karlsruhe Institute of Technology with Prof. Christian Wressnegger. Before, he was a PhD student at CISPA Helmholtz Center for Information Security and Saarbrücken Graduate School of Computer Science (Saarland University) under the supervision by Dr. Nils Ole Tippenhauer. His research interest includes Cyber-Physical Systems Security, Anomaly Detection, and Adversarial Machine Learning. He works on adversarial examples against anomaly detectors for Cyber-Physical Systems, industrial protocol security (e.g., OPC UA), and autonomous vehicle security (e.g., Drones). For his contribution to the field of Cyber-Physical Systems Security, he received multiple distinguished paper awards (ACSAC '22, CPS&IoTsec '22, DIMVA '23). During his PhD studies, he visited the Cyber-Physical Security Lab (CPSec) with Prof. Saman Zonouz at the Georgia Institute of Technology. He holds Master's and Bachelor's degrees in Computer Science Engineering from Politecnico di Milano in Italy. During his master's, he was a visiting student at the iTrust lab at Singapore University of Technology and Design.


Cyber-Physical Systems (CPS) autonomously accomplish tasks in the physical environment. CPS employs computational resources, sensor, actuators, and communication protocols. Examples of such systems are Industrial Control Systems (ICS) and Unmanned Aerial Vehicles (UAV). Their security is of primary importance in our society. Attacks on such systems occurred in the past, harming humans, and causing environmental pollution, and economic losses. To mitigate the risk of attacks on CPS, anomaly detection (AD) techniques have been proposed. In our research, we investigate the security aspects of anomaly detection for CPS when targeted with concealment attacks for classifier evasion. We evaluate the robustness of process-based AD proposed in the literature against attacks that aim to conceal process anomalies. We propose three frameworks to assess the security of AD by exploring attacker constraints, detection properties, and minimal perturbation boundaries. Our proposed frameworks enable the first systematic security analysis of CPS anomaly detectors.