SURE: A Modeling and Simulation Integration Platform for Evaluation of SecUre and REsilient Cyber-Physical Systems

Integrated simulation testbed for security and resilience of CPS

Proceedings of the 33rd Annual ACM Symposium on Applied Computing

Owing to an immense growth of internet-connected and learning-enabled cyber-physical systems (CPSs) [1], several new types of attack vectors have emerged. Analyzing the security and resilience of these complex CPSs is difficult, as it requires evaluating many subsystems and factors in an integrated manner. Integrated simulation of physical systems and communication networks can provide an underlying framework for creating a reusable and configurable testbed for such analyses. Using a model-based integration approach and distributed simulation software based on the IEEE High-Level Architecture (HLA) [2], we have created a testbed for integrated evaluation of large-scale CPS systems. Our testbed supports web-based collaborative metamodeling and modeling of CPS systems and experiments, and a cloud computing environment for executing integrated networked co-simulations. A modular and extensible cyber-attack library enables validating the CPS under a variety of configurable cyber-attacks, such as DDoS and integrity attacks. Hardware-in-the-loop simulation is also supported, along with several hardware attacks. Further, a scenario modeling language allows modeling of alternative paths (Courses of Action), which enables validating CPS under different what-if scenarios as well as conducting cyber-gaming experiments. These capabilities make our testbed well suited for analyzing the security and resilience of CPS. In addition, the web-based modeling and cloud-hosted execution infrastructure enables one to exercise the entire testbed using simply a web browser, with integrated live display of experimental results.

Fundamental Challenges of Cyber-Physical Systems Security Modeling

2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S)

Systems modeling practice lacks security analysis tools that can interface with modeling languages to facilitate security by design. Security by design is a necessity in the age of safety-critical cyber-physical systems, where security violations can cause hazards. Currently, the overlap between security and safety is narrow. But deploying cyber-physical systems means that today's adversaries can intentionally trigger accidents. By implementing security assessment tools for modeling languages, we are better able to address threats earlier in the system's lifecycle and, therefore, assure their safe and secure behavior in their eventual deployment. We posit that cyber-physical systems security modeling is practiced insufficiently because it is still addressed similarly to information technology systems.

Co-Simulation Platform for Characterizing Cyber Attacks in Cyber Physical Systems

2015 IEEE Symposium Series on Computational Intelligence, 2015

The smart grid is a complex cyber-physical system containing numerous and varied sources, devices, controllers and loads. The communication/information infrastructure is the backbone of the smart grid system, through which the different grid components are connected with each other. Therefore, the drawbacks of information technology are also becoming a part of the smart grid. Further, the smart grid is also vulnerable to grid-related disturbances. For such a dynamic system, disturbance and intrusion detection is a paramount issue. This paper presents a Simulink and OPNET based co-simulated platform to carry out a cyber-intrusion in a cyber-network for modern power systems and smart grids. The cyber-attack effect is also characterized for the physical power system. The effectiveness of the co-simulated platform is demonstrated by the IEEE 30 bus power system model. The distributed denial of service attack, in terms of tampering with the circuit breaker reclosing signal, was carried out in the cyber network to see its effect on the physical network. Different physical fault situations in the test system are considered, and the results indicate the effectiveness of the proposed co-simulated scheme.

Threat Modeling of Cyber-Physical Systems in Practice

2021

Traditional Cyber-physical Systems (CPSs) were not built with cybersecurity in mind. They operated on separate Operational Technology (OT) networks. As these systems now become more integrated with Information Technology (IT) networks based on IP, they expose vulnerabilities that can be exploited by attackers through these IT networks. The attackers can control such systems and cause behavior that jeopardizes the performance and safety measures that were originally designed into the system. In this paper, we explore the approaches to identify threats to CPSs and ensure the quality of the created threat models. The study involves interviews with eleven security experts working in security consultation companies, software engineering companies, an Original Equipment Manufacturer (OEM), and ground and aerial vehicle integrators. We found through these interviews that the practitioners use a combination of various threat modeling methods, approaches, and standards together when they...

A Preliminary Design-Phase Security Methodology for Cyber–Physical Systems

Systems

Despite “cyber” being in the name, cyber–physical systems possess unique characteristics that limit the applicability and suitability of traditional cybersecurity techniques and strategies. Furthermore, vulnerabilities to cyber–physical systems can have significant safety implications. The physical and cyber interactions inherent in these systems require that cyber vulnerabilities not only be defended against or prevented, but that the system also be resilient in the face of successful attacks. Given the complex nature of cyber–physical systems, the identification and evaluation of appropriate defense and resiliency strategies must be handled in a targeted and systematic manner. Specifically, what resiliency strategies are appropriate for a given system, where, and which should be implemented given time and/or budget constraints? This paper presents two methodologies: (1) the cyber security requirements methodology and (2) a systems-theoretic, model-based methodology for identifying...

INVESTIGATION STUDY OF CYBER-PHYSICAL SYSTEMS: CHARACTERISTICS, APPLICATION DOMAINS, AND SECURITY CHALLENGES

Asian Research Publishing Network (ARPN), 2017

Cyber-Physical Systems (CPSs) are currently widely used in people's daily lives but present risks and threats, especially when used by cybercriminals against governments, corporations, organizations, or individuals. CPS applications are increasingly becoming attractive and are targeted by cyber-attacks. Tools and theories that can be used by organizations and researchers to understand the types of new threats and the impacts that each threat can cause to the physical systems are lacking at present. In this research, current physical security threats of CPSs for the last few years are investigated to briefly describe the usage, application domains, and security challenges of CPSs in their field of application. This work serves as a basis for further studies on cyber-physical security.

Hazard Driven Threat Modelling for Cyber Physical Systems

Proceedings of the 2020 Joint Workshop on CPS&IoT Security and Privacy, 2020

Adversarial actors have shown their ability to infiltrate enterprise networks deployed around Cyber Physical Systems (CPSs) through social engineering, credential stealing and file-less infections. When inside, they can gain enough privileges to maliciously call legitimate APIs and apply unsafe control actions to degrade the system performance and undermine its safety. Our work lies at the intersection of security and safety, and aims to understand dependencies among security, reliability and safety in CPS/IoT. We present a methodology to perform hazard driven threat modelling and impact assessment in the context of CPSs. The process starts from the analysis of behavioural, functional and architectural models of the CPS. We then apply System Theoretic Process Analysis (STPA) on the functional model to highlight high-level abuse cases. We leverage a mapping between the architectural and the system theoretic (ST) models to enumerate those components whose impairment provides the attacker with enough privileges to tamper with or disrupt the data-flows. This enables us to find a causal connection between the attack surface (in the architectural model) and system level losses. We then link the behavioural and system theoretic representations of the CPS to quantify the impact of the attack. Using our methodology it is possible to compute a comprehensive attack graph of the known attack paths and to perform both a qualitative and quantitative impact assessment of the exploitation of vulnerabilities affecting target nodes. The framework and methodology are illustrated using a small scale example featuring a Communication Based Train Control (CBTC) system. Aspects regarding the scalability of our methodology and its application in real world scenarios are also considered. Finally, we discuss the possibility of using the results obtained to engineer both design time and real time defensive mechanisms. 
CCS CONCEPTS • Security and privacy → Distributed systems security; Information flow control.

Cyber-Physical Security Test Bed: A Platform for Enabling Collaborative Cyber Defense Methods

Energy cyber-physical systems such as power systems are increasingly controlled by embedded microcontrollers that are connected to communication networks. Thus, modern power systems are under increasing threat of cyber-attacks, and tools are required to research the impact of these threats on the physical system. Cyber-attacks can be carried out in an electrical power system for the purpose of controlling switching devices or circuit breakers. Such attacks could weaken the power system or result in a power outage. A cyber-physical security test bed is a necessary tool for conducting research in cyber-physical security. It provides a platform by which attacks are simulated and evaluated on cyber-physical systems. Methods to mitigate these threats can be validated in the same platform. This paper presents a hardware-in-the-loop based cyber-physical security test bed for substations. It consists of commercial equipment, has capabilities to simulate potential cyber threats and attacks and to detect cyber intrusions, and could be used to validate cyber-attack mitigation methods. A power system containing a detailed substation is modeled and simulated using a Real Time Digital Simulator (RTDS), which is connected to Intelligent Electronic Devices (IEDs) and a substation gateway to mimic power system protections and operations. Various types of cyber threats and intrusions are tested using this test bed to check the consequences and impacts of cyber-attacks on power grids.

Cyber-Resilience Evaluation of Cyber-Physical Systems

2020 IEEE 19th International Symposium on Network Computing and Applications (NCA)

Cyber-Physical Systems (CPS) use computational resources to control physical processes and provide critical services. For this reason, an attack on these systems may have dangerous consequences in the physical world. Hence, resilience is a fundamental property to ensure the safety of the people, the environment and the controlled physical process. In this paper, we present metrics to quantify the resilience level based on the design, structure, stability, and performance under attack of a given CPS. The metrics provide reference points to evaluate whether the system is better prepared or not to face the adversaries. This way, it is possible to quantify the ability to recover from an adversary using its mathematical model based on switched linear systems and actuator saturation. Finally, we validate our approach using a numeric simulation on the Tennessee Eastman control challenge problem.

Systems Science of Secure and Resilient Cyberphysical Systems

2020

tions, cyberphysical systems (CPSs) are engineered systems where functionality emerges from the networked interaction of computational and physical processes. The tight integration creates novel systems with revolutionary impacts. This is evident in autonomous vehicles, military platforms, intelligent buildings, smart energy systems, robots, and smart medical devices. Emerging industrial platforms such as the Internet of Things (IoT) are triggering a gold rush toward new markets and creating societal-scale systems that, in addition to the synergy of computational and physical components, interact closely with humans (H-CPSs). A profound revolution driven by technology and market forces is turning whole industrial sectors into producers of CPSs. This innovation is not about adding computing and communication equipment to conventional products where both sides maintain separate identities. It is about merging computing and networking with physical systems to create new capabilities an...