On the role of latent design conditions in cyber-physical systems security
Related papers
State of the art of cyber-physical systems security: An automatic control perspective
Journal of Systems and Software, 2018
Context: Cyber-physical systems (CPS) are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security is one of the primary concerns for this type of system. CPS security is attracting several research efforts from different and independent areas (e.g., secure control, intrusion detection in SCADA systems, etc.), each of them with specific peculiarities, features, and capabilities, resulting in a considerably variegated and complex scientific body of knowledge on the topic. Objective: In this study we aim at identifying, classifying, and analyzing existing research on CPS security in order to better understand how security is actually addressed when dealing with cyber-physical systems. Based on this analysis of the state of the art, we also aim at identifying the implications for future research on CPS security. Method: In order to achieve this, we designed and conducted a systematic mapping study to identify, classify, and compare relevant studies proposing a method or technique for cyber-physical systems security. A comparison framework for classifying methods or techniques for CPS security has been empirically defined; identified relevant studies have been classified on the basis of publication trends, their characteristics and focus, and their validation strategies. Results: We selected a total of 118 primary studies as a result of the systematic mapping process.
From the collected data we can observe that (i) even if solutions for CPS security have emerged only recently, in the last years they are gaining a sharply increasing scientific interest across heterogeneous publication venues; (ii) the bulk of the works on security for cyber-physical systems is focused on power grids, and the approaches considering attacks on sensors and their protection completely dominate the scene; regardless of application field and considered system components, all the works on CPS security deal with attacks, in order to either implement or to counteract them, and putting together all these studies gives us the possibility to categorize the existing (cyber-physical) attack models; it comes as a surprise that very few papers consider communication aspects or imperfections and attempt to provide non-trivial mathematical models of the communication; (iii) the most advanced and realistic validation methods have been exploited in the power networks application domain, but even there a benchmark is still missing. Conclusion: The systematic map of research on CPS security provided here is based on, for instance, application fields, various system components, related algorithms and models, attack characteristics, and defense strategies. This work presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia.
Addressing safety and security contradictions in cyber-physical systems
2009
Abstract: Modern cyber-physical systems are found in important domains such as automobiles, medical devices, building automation, avionics, etc. Hence, they are increasingly prone to security violations. Often such vulnerabilities occur as a result of contradictory requirements between the safety/real-time properties and the security needs of the system. In this paper we propose a formal framework that assists designers in detecting such conflicts early, thus increasing both the safety and the security of the overall system.
The myths and facts behind cyber security risks for industrial control systems
Proceedings of the VDE Kongress, 2004
Process control and SCADA systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. Unfortunately, new research indicates this complacency is misplaced: the move to open standards such as Ethernet, TCP/IP and web technologies is letting hackers take advantage of the control industry's ignorance. This paper summarizes the incident information collected in the BCIT Industrial Security Incident Database (ISID), describes a number of events that directly impacted process control systems, and identifies the lessons that can be learned from these security events.
Fundamental Challenges of Cyber-Physical Systems Security Modeling
2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S)
Systems modeling practice lacks security analysis tools that can interface with modeling languages to facilitate security by design. Security by design is a necessity in the age of safety-critical cyber-physical systems, where security violations can cause hazards. Currently, the overlap between security and safety is narrow. But deploying cyber-physical systems means that today's adversaries can intentionally trigger accidents. By implementing security assessment tools for modeling languages we are better able to address threats earlier in the system's lifecycle and, therefore, assure their safe and secure behavior in their eventual deployment. We posit that cyber-physical systems security modeling is practiced insufficiently because it is still addressed similarly to information technology systems.
Three tenets for secure cyber-physical system design and assessment
Cyber Sensing 2014, 2014
This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: system susceptibility, threat accessibility, and threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical: systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band: make mission-essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt: confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.
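The threat model behind the Tenets (an attack succeeds only when susceptibility, accessibility and capability are all present, and each Tenet removes one element) can be sketched as a small attack-graph calculation. The following is an added illustration, not the AFRL paper's own Bayesian quantification or its metrics: the attack paths, their probabilities, the independence assumption, the noisy-OR aggregation across paths and the reduction factors for Tenets 2 and 3 are all hypothetical values chosen for this example.

```python
from dataclasses import dataclass, replace
from math import prod
from typing import Dict, List


@dataclass(frozen=True)
class AttackPath:
    """One path through a (hypothetical) attack graph, scored on the three threat elements."""
    name: str
    susceptibility: float   # P(an exploitable weakness exists on this path)
    accessibility: float    # P(the attacker can reach it, logically or physically)
    capability: float       # P(the attacker can carry the attack through without being stopped)
    essential: bool = True  # does the path enter through a mission-essential function?


def path_success(p: AttackPath) -> float:
    # All three elements must be present; treating them as independent is an assumption.
    return p.susceptibility * p.accessibility * p.capability


def system_compromise(paths: List[AttackPath]) -> float:
    """Noisy-OR over paths: the attacker needs only one of them to succeed."""
    return 1.0 - prod(1.0 - path_success(p) for p in paths)


def tenet1_focus_on_critical(paths: List[AttackPath]) -> List[AttackPath]:
    """Keep only essential functions, which deletes the paths that entered through the rest."""
    return [p for p in paths if p.essential]


def tenet2_move_out_of_band(paths: List[AttackPath], factor: float = 0.2) -> List[AttackPath]:
    """Moving key assets out of band is modelled as scaling accessibility (factor is assumed)."""
    return [replace(p, accessibility=p.accessibility * factor) for p in paths]


def tenet3_detect_react_adapt(paths: List[AttackPath], factor: float = 0.5) -> List[AttackPath]:
    """Detection and dynamic response is modelled as scaling the attacker's capability (assumed)."""
    return [replace(p, capability=p.capability * factor) for p in paths]


# Constructed sample attack graph with made-up probabilities.
SAMPLE_PATHS = [
    AttackPath("web_admin_console", 0.6, 0.9, 0.7, essential=False),
    AttackPath("remote_maintenance_vpn", 0.4, 0.8, 0.6),
    AttackPath("fieldbus_from_plant_floor", 0.5, 0.3, 0.5),
]


def apply_tenets(paths: List[AttackPath]) -> Dict[str, float]:
    """Compromise probability before and after applying each Tenet in turn."""
    steps = {"baseline": system_compromise(paths)}
    paths = tenet1_focus_on_critical(paths)
    steps["after_tenet1"] = system_compromise(paths)
    paths = tenet2_move_out_of_band(paths)
    steps["after_tenet2"] = system_compromise(paths)
    paths = tenet3_detect_react_adapt(paths)
    steps["after_tenet3"] = system_compromise(paths)
    return steps


if __name__ == "__main__":
    for step, prob in apply_tenets(SAMPLE_PATHS).items():
        print(f"{step:>14}: P(compromise) = {prob:.4f}")
```

The point of the structure is that each Tenet acts on a different factor of the same product, so the reductions compound rather than overlap; in a real assessment the factors would come from the system's own attack graph and evidence, not from the constants above.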
2017
Today’s society relies upon the smooth and secure functioning of mission-critical infrastructures and their services. Much of this critical infrastructure relies on complex cyber-physical systems and industrial control systems. In recent years, securing these two types of systems has been a top priority due to a significant increase in the number of attacks. Most of these systems are often several decades old, and they were developed without significant consideration of security requirements. As such, there is an urgent need to protect these cyber-physical and industrial systems from external vulnerabilities. In this paper, we present a survey of cyber-physical and industrial control systems, and explore the possibility and necessity of security for such systems. We discuss the various types of cyber-physical and industrial control systems currently being used, assess the vulnerabilities of such systems, discuss the literature on the cyber-physical and industrial con...
Asian Research Publishing Network (ARPN), 2017
Cyber-Physical Systems (CPSs) are currently widely used in people's daily lives but present risks and threats, especially when used by cybercriminals against governments, corporations, organizations, or individuals. CPS applications are increasingly becoming attractive and are targeted by cyber-attacks. Tools and theories that can be used by organizations and researchers to understand the types of new threats and the impacts that each threat can cause to the physical systems are lacking at present. In this research, current physical security threats to CPSs over the last few years are investigated to briefly describe the usage, application domains, and security challenges of CPSs in their field of application. This work serves as a basis for further studies on cyber-physical security.
Securing industrial control system environments: the missing piece
Journal of Cyber Security Technology, 2018
Cyber-attacks on Industrial Control Systems (ICS) are no longer matters of anticipation. Industrial infrastructures are continually being targeted by malicious cyber actors with very little resistance in their paths. From network breaches to data theft, denial of service attacks to privilege escalation, command and control functions have in some way been exerted on targeted industrial systems. Safety, security, resilience, reliability and performance require private industrial control system user organizations and the public sector to devise strategies and steps towards dealing decisively with these emerging and increasing ICS cyber security concerns. There are already a couple of security solutions proposed by governments, private organizations, academia, and industries for achieving this goal. This discourse reviews the ICS security risk landscape and current security strategies and solutions with a view to discovering the gaps or weaknesses in the effective mitigation of cyber-attacks and the enhancement of cyber security. Notable fissures in existing ICS security solutions include: greater emphasis on technology security while discounting other critical bits like people and processes, which is clearly incongruent with emerging security threats and attack trends; the unilateral dimension strategy towards security, which focuses more on SCADA systems; and the emergence of more sector-specific solutions as against generic security solutions. Better solutions include approaches that follow similar evolutionary patterns as the problem trend. These include cyber security measures that would embrace constant evolution in response to changes in the threat, vulnerability, attack, and impact domains, and solutions that recognise and capture people, process, and technology security enhancement into a single system entity with holistic provisioning that can meet all three-entity vulnerabilities for a more secure ICS environment.
Proceedings of the 6th ACM on Cyber-Physical System Security Workshop, 2020
A design-centric modeling approach was proposed to model the behaviour of the physical processes controlled by Industrial Control Systems (ICS) and study the cascading impact of data-oriented attacks. A threat model was used as input to guide the construction of the CPS model, from which the control components within the adversary's intent and capabilities are extracted. The relevant control components are subsequently modeled together with their control dependencies and operational design specifications. The approach was demonstrated and validated on a water treatment testbed. Attacks were simulated on the testbed model, and its resilience to attacks was evaluated using proposed metrics such as Impact Ratio and Time-to-Critical-State. From the analysis of the attacks, design strengths and weaknesses were identified and design improvements were recommended to increase the testbed's resilience to attacks.
CCS Concepts: Security and privacy → Distributed systems security; Computer systems organization → Sensors and actuators; Reliability; Redundancy.
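To make the workflow in that abstract concrete (model a controlled process with its control dependency, inject a data-oriented attack, score the outcome, then test a design improvement), here is an added toy example. It is not the paper's model, testbed or metric definitions: the single tank stage, its rates and thresholds, the replay attack, the plausibility check and the two metrics named after the paper's Impact Ratio and Time-to-Critical-State are all assumptions constructed for this illustration.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class Tank:
    """One tank stage with level control; all values are hypothetical (mm and mm/s)."""
    level_mm: float = 500.0
    low_mm: float = 250.0         # PLC opens the inlet valve at or below this level
    high_mm: float = 800.0        # PLC closes the inlet valve at or above this level
    safe_low_mm: float = 100.0    # operating envelope used by the impact metric
    safe_high_mm: float = 1000.0
    overflow_mm: float = 1200.0   # critical state: overflow
    inflow_mm_s: float = 5.0      # level rise per second with the inlet open
    outflow_mm_s: float = 3.0     # constant downstream draw
    disagree_mm: float = 50.0     # sensor/estimate mismatch that trips the plausibility check


Spoof = Callable[[int, float], float]  # (time step, true level) -> level the PLC receives


def plc_step(reported_level: float, valve_open: bool, tank: Tank) -> bool:
    """Hysteresis level control. The PLC acts on whatever level value it is given."""
    if reported_level <= tank.low_mm:
        return True
    if reported_level >= tank.high_mm:
        return False
    return valve_open


def simulate(tank: Tank, seconds: int, spoof: Optional[Spoof] = None,
             plausibility_check: bool = False) -> Tuple[List[float], Optional[int]]:
    """Run the process; returns the level trace and the first step at which a critical state is hit."""
    valve_open = False
    estimate = tank.level_mm   # dead-reckoned level from actuator state (design improvement)
    trace: List[float] = []
    t_critical: Optional[int] = None
    for t in range(seconds):
        seen = spoof(t, tank.level_mm) if spoof else tank.level_mm
        if plausibility_check and abs(seen - estimate) > tank.disagree_mm:
            seen = estimate    # sensor contradicts the physics of valve state + known rates
        valve_open = plc_step(seen, valve_open, tank)
        delta = (tank.inflow_mm_s if valve_open else 0.0) - tank.outflow_mm_s
        tank.level_mm = max(0.0, tank.level_mm + delta)
        estimate = max(0.0, estimate + delta)  # a real design would resync this periodically
        trace.append(tank.level_mm)
        if t_critical is None and (tank.level_mm >= tank.overflow_mm or tank.level_mm <= 0.0):
            t_critical = t     # overflow, or the tank runs dry (assumed critical states)
    return trace, t_critical


def metrics(trace: List[float], t_critical: Optional[int], tank: Tank) -> Dict[str, Optional[float]]:
    """Hypothetical definitions: share of samples outside the safe envelope, and time to critical."""
    outside = sum(1 for lvl in trace if lvl < tank.safe_low_mm or lvl > tank.safe_high_mm)
    return {"impact_ratio": outside / len(trace), "time_to_critical_state": t_critical}


def replay_attack(start: int) -> Spoof:
    """Data-oriented attack: from `start` on, the PLC keeps receiving the level captured at `start`."""
    captured: Dict[str, float] = {}

    def spoof(t: int, true_level: float) -> float:
        if t < start:
            return true_level
        captured.setdefault("value", true_level)
        return captured["value"]
    return spoof


def run_scenarios(seconds: int = 600) -> Dict[str, Dict[str, Optional[float]]]:
    """Baseline, attack against the original design, and attack against the improved design."""
    scenarios = [
        ("baseline", None, False),
        ("replay_attack", replay_attack(60), False),
        ("replay_attack_with_check", replay_attack(60), True),
    ]
    results = {}
    for name, spoof, check in scenarios:
        trace, t_crit = simulate(Tank(), seconds, spoof, check)
        results[name] = metrics(trace, t_crit, Tank())
    return results


if __name__ == "__main__":
    for name, m in run_scenarios().items():
        print(f"{name:>26}: {m}")
```

The control dependency that the attack exploits is the PLC's unconditional trust in the level sensor: freezing that one value leaves the inlet closed while the downstream draw empties the tank, so the metric turns a vague "sensor can be spoofed" into a number of seconds before a critical state. The plausibility check is one of the kinds of design improvements such an analysis can motivate; in the toy it removes the critical state entirely, but it relies on an actuator-state model that itself would need to be validated and protected.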