Cognitive radio (CR) and device-to-device (D2D) systems are two promising dynamic spectrum access schemes in wireless communication systems to provide improved quality-of-service, and efficient spectrum utilization. This dissertation shows that both CR and D2D systems benefit from properly designed cooperation scheme.

In underlay CR systems, where secondary users (SUs) transmit simultaneously with primary users (PUs), reliable communication is by all means guaranteed for PUs, which likely deteriorates SUs’ performance. To overcome this issue, cooperation exclusively among SUs is achieved through multi-user diversity (MUD), where each SU is subject to an instantaneous interference constraint at the primary receiver. Therefore, the active number of SUs satisfying this constraint is random. Under different user distributions with the same mean number of SUs, the stochastic ordering of SU performance metrics including bit error rate (BER), outage probability, and ergodic capacity are made possible even without observing closed form expressions. Furthermore, a cooperation is assumed between primary and secondary networks, where those SUs exceeding the interference constraint facilitate PU’s transmission by relaying its signal. A fundamental performance trade-off between primary and secondary networks is observed, and it is illustrated that the proposed scheme outperforms non-cooperative underlay CR systems in the sense of system overall BER and sum achievable rate.

Similar to conventional cellular networks, CR systems suffer from an overloaded receiver having to manage signals from a large number of users. To address this issue, D2D communications has been proposed, where direct transmission links are established between users in close proximity to offload the system traffic. Several new cooperative spectrum access policies are proposed allowing coexistence of multiple D2D pairs in order to improve the spectral efficiency. Despite the additional interference, it is shown that both the cellular user’s (CU) and the individual D2D user's achievable rates can be improved simultaneously when the number of D2D pairs is below a certain threshold, resulting in a significant multiplexing gain in the sense of D2D sum rate. This threshold is quantified for different policies using second order approximations for the average achievable rates for both the CU and the individual D2D user.

The electric power system is monitored via an extensive network of sensors in tandem with data processing algorithms, i.e., an intelligent cyber layer, that enables continual observation and control of the physical system to ensure reliable operations. This data collection and processing system is vulnerable to cyber-attacks that impact the system operation status and lead to serious physical consequences, including systematic problems and failures.

This dissertation studies the physical consequences of unobservable false data injection (FDI) attacks wherein the attacker maliciously changes supervisory control and data acquisition (SCADA) or phasor measurement unit (PMU) measurements, on the electric power system. In this context, the dissertation is divided into three parts, in which the first two parts focus on FDI attacks on SCADA and the last part focuses on FDI attacks on PMUs.

The first part studies the physical consequences of FDI attacks on SCADA measurements designed with limited system information. The attacker is assumed to have perfect knowledge inside a sub-network of the entire system. Two classes of attacks with different assumptions on the attacker's knowledge outside of the sub-network are introduced. In particular, for the second class of attacks, the attacker is assumed to have no information outside of the attack sub-network, but can perform multiple linear regression to learn the relationship between the external network and the attack sub-network with historical data. To determine the worst possible consequences of both classes of attacks, a bi-level optimization problem wherein the first level models the attacker's goal and the second level models the system response is introduced.

The second part of the dissertation concentrates on analyzing the vulnerability of systems to FDI attacks from the perspective of the system. To this end, an off-line vulnerability analysis framework is proposed to identify the subsets of the test system that are more prone to FDI attacks.

The third part studies the vulnerability of PMUs to FDI attacks. Two classes of more sophisticated FDI attacks that capture the temporal correlation of PMU data are introduced. Such attacks are designed with a convex optimization problem and can always bypass both the bad data detector and the low-rank decomposition (LD) detector.

Multiple-channel detection is considered in the context of a sensor network where data can be exchanged directly between sensor nodes that share a common edge in the network graph. Optimal statistical tests used for signal source detection with multiple noisy sensors, such as the Generalized Coherence (GC) estimate, use pairwise measurements from every pair of sensors in the network and are thus only applicable when the network graph is completely connected, or when data are accumulated at a common fusion center. This thesis presents and exploits a new method that uses maximum-entropy techniques to estimate measurements between pairs of sensors that are not in direct communication, thereby enabling the use of the GC estimate in incompletely connected sensor networks. The research in this thesis culminates in a main conjecture supported by statistical tests regarding the topology of the incomplete network graphs.

The world of a hearing impaired person is much different than that of somebody capable of discerning different frequencies and magnitudes of sound waves via their ears. This is especially true when hearing impaired people play video games. In most video games, surround sound is fed through some sort of digital output to headphones or speakers. Based on this information, the gamer can discern where a particular stimulus is coming from and whether or not that is a threat to their wellbeing within the virtual world. People with reliable hearing have a distinct advantage over hearing impaired people in the fact that they can gather information not just from what is in front of them, but from every angle relative to the way they're facing. The purpose of this project was to find a way to even the playing field, so that a person hard of hearing could also receive the sensory feedback that any other person would get while playing video games To do this, visual surround sound was created. This is a system that takes a surround sound input, and illuminates LEDs around the periphery of glasses based on the direction, frequency and amplitude of the audio wave. This provides the user with crucial information on the whereabouts of different elements within the game. In this paper, the research and development of Visual Surround Sound is discussed along with its viability in regards to a deaf person's ability to learn the technology, and decipher the visual cues.

RF convergence of radar and communications users is rapidly becoming an issue for a multitude of stakeholders. To hedge against growing spectral congestion, research into cooperative radar and communications systems has been identified as a critical necessity for the United States and other countries. Further, the joint sensing-communicating paradigm appears imminent in several technological domains. In the pursuit of co-designing radar and communications systems that work cooperatively and benefit from each other's existence, joint radar-communications metrics are defined and bounded as a measure of performance. Estimation rate is introduced, a novel measure of radar estimation information as a function of time. Complementary to communications data rate, the two systems can now be compared on the same scale. An information-centric approach has a number of advantages, defining precisely what is gained through radar illumination and serves as a measure of spectral efficiency. Bounding radar estimation rate and communications data rate jointly, systems can be designed as a joint optimization problem.

In this dissertation, I propose potential techniques to improve the quality-of-service (QoS) of real-time applications in cognitive radio (CR) systems. Unlike best-effort applications, real-time applications, such as audio and video, have a QoS that need to be met. There are two different frameworks that are used to study the QoS in the literature, namely, the average-delay and the hard-deadline frameworks. In the former, the scheduling algorithm has to guarantee that the packet's average delay is below a prespecified threshold while the latter imposes a hard deadline on each packet in the system. In this dissertation, I present joint power allocation and scheduling algorithms for each framework and show their applications in CR systems which are known to have strict power limitations so as to protect the licensed users from interference.

A common aspect of the two frameworks is the packet service time. Thus, the effect of multiple channels on the service time is studied first. The problem is formulated as an optimal stopping rule problem where it is required to decide at which channel the SU should stop sensing and begin transmission. I provide a closed-form expression for this optimal stopping rule and the optimal transmission power of secondary user (SU).

The average-delay framework is then presented in a single CR channel system with a base station (BS) that schedules the SUs to minimize the average delay while protecting the primary users (PUs) from harmful interference. One of the contributions of the proposed algorithm is its suitability for heterogeneous-channels systems where users with statistically low channel quality suffer worse delay performances. The proposed algorithm guarantees the prespecified delay performance to each SU without violating the PU's interference constraint.

Finally, in the hard-deadline framework, I propose three algorithms that maximize the system's throughput while guaranteeing the required percentage of packets to be transmitted by their deadlines. The proposed algorithms work in heterogeneous systems where the BS is serving different types of users having real-time (RT) data and non-real-time (NRT) data. I show that two of the proposed algorithms have the low complexity where the power policies of both the RT and NRT users are in closed-form expressions and a low-complexity scheduler.

I propose a new communications scheme where signature signals are used to carry digital data by suitably modulating the signal parameters with information bits. One possible application for the proposed scheme is in underwater acoustic (UWA) communications; with this motivation, I demonstrate how it can be applied in UWA communications. In order to do that, I exploit existing parameterized models for mammalian sounds by using them as signature signals. Digital data is transmitted by mapping vectors of information bits to a carefully designed set of parameters with values obtained from the biomimetic signal models. To complete the overall system design, I develop appropriate receivers taking into account the specific UWA channel models. I present some numerical results from the analysis of data recorded during the Kauai Acomms MURI 2011 (KAM11) UWA communications experiment.

It is shown that the proposed communication scheme results in approximate channel models with amplitude-limited inputs and signal-dependent additive noise. Motivated by this observation, I study capacity of amplitude-limited channels under different transmission scenarios. Specifically, I consider fading channels, signal-dependent additive Gaussian noise channels, multiple-input multiple-output (MIMO) systems and parallel Gaussian channels under peak power constraints.

I also consider practical channel coding problems for channels with signal-dependent noise. I consider two specific models; signal-dependent additive Gaussian noise channels and Z-channels which serve as binary-input binary-output approximations to the Gaussian case. I propose a new upper bound on the probability of error, and utilize it for design of codes. I illustrate the tightness of the derived bounds and the performance of the designed codes via examples.

The large distributed electric power system is a hierarchical network involving the

transportation of power from the sources of power generation via an intermediate

densely connected transmission network to a large distribution network of end-users

at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-

mission/ distribution), the system is managed and monitored with a combination of

(a) supervisory control and data acquisition (SCADA); and (b) energy management

systems (EMSs) that process the collected data and make control and actuation de-

cisions using the collected data. However, at all levels of the hierarchy, both SCADA

and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the

electric power infrastructure, cyber attacks can have severe economic and social con-

sequences.

This thesis focuses on cyber attacks on SCADA and EMS at the transmission

level of the electric power system. The goal is to study the consequences of three

classes of cyber attacks that can change topology data. These classes include: (i)

unobservable state-preserving cyber attacks that only change the topology data; (ii)

unobservable state-and-topology cyber-physical attacks that change both states and

topology data to enable a coordinated physical and cyber attack; and (iii) topology-

targeted man-in-the-middle (MitM) communication attacks that alter topology data

shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on

the unobservable attacks on single regional EMS while class (iii) focuses on the MitM

attacks on communication links between regional EMSs. For each class of attacks,

the theoretical attack model and the implementation of attacks are provided, and the

worst-case attack and its consequences are exhaustively studied. In particularly, for

class (ii), a two-stage optimization problem is introduced to study worst-case attacks

that can cause a physical line over

ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.

For attack classes (i) and (ii), both mathematical and experimental analyses sug-

gest that these unobservable attacks can be limited or even detected with resiliency

mechanisms including load monitoring, anomalous re-dispatches checking, and his-

torical data comparison. For attack class (iii), countermeasures including anomalous

tie-line interchange verication, anomalous re-dispatch alarms, and external contin-

gency lists sharing are needed to thwart such attacks.

The electric power system is one of the largest, most complicated, and most important cyber-physical systems in the world. The link between the cyber and physical level is the Supervisory Control and Data Acquisition (SCADA) systems and Energy Management Systems (EMS). Their functions include monitoring the real-time system operation through state estimation (SE), controlling the system to operate reliably, and optimizing the system operation efficiency. The SCADA acquires the noisy measurements, such as voltage angle and magnitude, line power flows, and line current magnitude, from the remote terminal units (RTUs). These raw data are firstly sent to the SE, which filters all the noisy data and derives the best estimate of the system state. Then the estimated states are used for other EMS functions, such as contingency analysis, optimal power flow, etc.

In the existing state estimation process, there is no defense mechanism for any malicious attacks. Once the communication channel between the SCADA and RTUs is hijacked by the attacker, the attacker can perform a man-in-middle attack and send data of its choice. The only step that can possibly detect the attack during the state estimation process is the bad data detector. Unfortunately, even the bad data detector is unable to detect a certain type of attack, known as the false data injection (FDI) attacks.

Diagnosing the physical consequences of such attacks, therefore, is very important to understand system stability. In this thesis, theoretical general attack models for AC and DC attacks are given and an optimization problem for the worst-case overload attack is formulated. Furthermore, physical consequences of FDI attacks, based on both DC and AC model, are addressed. Various scenarios with different attack targets and system configurations are simulated. The details of the research, results obtained and conclusions drawn are presented in this document.

The problem of cooperative radar and communications signaling is investigated. Each system typically considers the other system a source of interference. Consequently, the tradition is to have them operate in orthogonal frequency bands. By considering the radar and communications operations to be a single joint system, performance bounds on a receiver that observes communications and radar return in the same frequency allocation are derived. Bounds in performance of the joint system is measured in terms of data information rate for communications and radar estimation information rate for the radar. Inner bounds on performance are constructed.