Design and Run-Time Aspects of Secure Cyber-Physical Systems
Cyber-Physical Systems (CPSs) combine computational and physical components, enabling interaction with the real world. Digitization, decentralization, and high connectivity, as well as the incorporation of various enabling technologies, raise numerous security issues. These security concerns may affect safety, endangering assets and even human lives. This is especially true for CPS deployments in sectors of great significance, including manufacturing and critical infrastructures, creating a need to handle the relevant security issues efficiently. Including security as part of a software-intensive technical system (i.e., the CPS) that can be distributed and highly resilient highlights the need for appropriate security methodologies to be applied to the CPS from the engineering stage, during CPS design. The security-related processes implemented efficiently at design time have an impact on security monitoring during the CPS operational phase (at run-time). Efficient and accurate security monitoring that follows security-by-design principles can be a potent tool in the hands of the CPS manager for detecting and mitigating cyber threats. Monitoring traffic and activity at the system boundaries, detecting changes to device status and configuration, detecting suspicious activity that indicates attacks, detecting unauthorized activity that is suspicious or violates security policies, and responding to security incidents in a timely manner and recovering from them are issues that security monitoring needs to tackle efficiently. In this chapter, we explore the various CPS cybersecurity threats and discuss how adding security as a parameter at the CPS design phase can provide a well-structured and efficient approach to building strong security foundations for CPSs. New technologies for CPS security design are presented and emerging security directions are discussed.
Furthermore, the chapter presents the different aspects of security monitoring with special emphasis on CPSs, discussing the various existing monitoring approaches that are followed in order to detect security issues at run-time. Specific use cases of CPSs in the manufacturing domain and with reference to critical infrastructures are also detailed, and security requirements such as confidentiality, integrity, and availability are discussed.
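The abstract lists what run-time security monitoring of a CPS has to cover: traffic crossing the system boundary, changes to device status and configuration, and activity that violates the security policy. The following Python monitor is an added illustration of those three checks run over constructed events; it is not code from the chapter or from any project it describes. The control-network zone, the write policy, the device names and all events are assumptions made up for the example.

```python
"""Toy run-time security monitor for a CPS (added illustration, not from the chapter).

It performs three checks named in the abstract: boundary traffic, device
configuration drift, and policy violations. The zone, policy, device names,
configurations and events below are all constructed sample data.
"""
import hashlib
import ipaddress
from dataclasses import dataclass, field

# Assumption: the control network (where PLCs/RTUs live) is 10.0.0.0/24.
CONTROL_ZONE = ipaddress.ip_network("10.0.0.0/24")

# Assumed security policy: which hosts may issue WRITE operations to which device.
WRITE_POLICY = {
    "plc-1": {"10.0.0.10"},                # only the engineering workstation
    "rtu-7": {"10.0.0.10", "10.0.0.11"},
}


def config_digest(config: str) -> str:
    """SHA-256 of a device's configuration text; stored at design time as the baseline."""
    return hashlib.sha256(config.encode()).hexdigest()


@dataclass
class Monitor:
    baseline: dict                      # device name -> expected configuration digest
    alerts: list = field(default_factory=list)

    def check_boundary(self, src_ip: str, device: str) -> None:
        # A session originating outside the control zone crosses the system boundary.
        if ipaddress.ip_address(src_ip) not in CONTROL_ZONE:
            self.alerts.append(("BOUNDARY", src_ip, device))

    def check_policy(self, src_ip: str, device: str, op: str) -> None:
        # Writes are only accepted from hosts the policy lists for that device.
        if op == "WRITE" and src_ip not in WRITE_POLICY.get(device, set()):
            self.alerts.append(("UNAUTHORIZED_WRITE", src_ip, device))

    def check_config(self, device: str, observed_config: str) -> None:
        # Configuration drift: the polled configuration no longer matches the baseline.
        digest = config_digest(observed_config)
        if digest != self.baseline.get(device):
            self.alerts.append(("CONFIG_CHANGE", device, digest[:12]))

    def process(self, event: dict) -> None:
        if event["kind"] == "session":
            self.check_boundary(event["src"], event["device"])
            self.check_policy(event["src"], event["device"], event["op"])
        elif event["kind"] == "config_poll":
            self.check_config(event["device"], event["config"])


def run_sample() -> list:
    """Feed a constructed event stream to the monitor and return the alerts raised."""
    baseline = {
        "plc-1": config_digest("setpoint=70;mode=auto"),
        "rtu-7": config_digest("relay=closed"),
    }
    events = [  # constructed sample events
        {"kind": "session", "src": "10.0.0.10", "device": "plc-1", "op": "WRITE"},      # allowed
        {"kind": "session", "src": "10.0.0.11", "device": "plc-1", "op": "WRITE"},      # policy violation
        {"kind": "session", "src": "203.0.113.5", "device": "rtu-7", "op": "READ"},     # crosses boundary
        {"kind": "config_poll", "device": "plc-1", "config": "setpoint=70;mode=auto"},  # unchanged
        {"kind": "config_poll", "device": "rtu-7", "config": "relay=open"},             # drifted
    ]
    mon = Monitor(baseline=baseline)
    for ev in events:
        mon.process(ev)
    return mon.alerts


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The baseline digests stand in for the design-time artifact the abstract refers to: the monitor can only flag configuration drift because the expected configuration was recorded before operation. The same holds for the write policy, which is decided during design and merely enforced at run-time.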
Keywords: Security by design; Security run-time monitoring; Cyber-physical systems security; Cybersecurity; Digital Twins
This work is supported by the project "I3T—Innovative Application of Industrial Internet of Things (IIoT) in Smart Environments" (MIS 5002434) implemented under the "Action for the Strategic Development on the Research and Technological Sector," funded by the Operational Programme "Competitiveness, Entrepreneurship and Innovation" (NSRF 2014–2020) and co-financed by Greece and the European Union (European Regional Development Fund).