Abstract
System assurance is the justified confidence that a system functions as intended and is free of exploitable vulnerabilities, whether intentionally or unintentionally designed or inserted into the system at any time during its life cycle. The computation and communication backbone of cyber-physical systems (CPS), coupled with readily available technological advances, makes them vulnerable to classes of threats previously not relevant for many physical control and computational systems. The design of resilient CPS must address not only the new ways in which these systems are vulnerable to adversarial disruption (security) but also how these systems behave in an operational environment and with each other given increasing levels of autonomy and self-learning (function), as well as increasing interdependencies (net-centric connectedness). As CPS are interconnected, the concept of system trust reflects the extent to which one system’s assurance depends on another system’s assurance; in other words, accepting that dependence implies trust between the two. System assurance can be met only through a comprehensive and aggressive systems engineering approach that encompasses three critical dimensions: (1) the structure of systems, including architecture and accounting for various kinds of dynamism for the purpose of resiliency and autonomy, (2) the process and engineering activities by which systems are constructed, evolved, and sustained, including mechanisms for measuring critical attributes and managing alternatives and commitments, and (3) the supporting models and techniques through which evidence can be created to support assurance judgments.
This chapter discusses historical and emerging methods for evaluating and designing system assurance for CPS. Current assurance methods and tools are 40–65 years old, while today’s technology and system compositions are very different. There is a recognized need for new tools that address the inherent complications of today’s complex interconnected systems. The chapter provides context by reviewing traditional system assurance practices and their benefits and shortfalls, establishing the need for new practices in an era of emerging complexity and risk of cyber attacks. It then discusses how assurance practices can be improved using new design strategies that rely on both functional and formal design methods.
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
McDermott, T.A., Canedo, A., Clifford, M.M., Quirós, G., Sitterle, V.B. (2019). System Assurance in the Design of Resilient Cyber-Physical Systems. In: Al Faruque, M., Canedo, A. (eds) Design Automation of Cyber-Physical Systems. Springer, Cham. https://doi.org/10.1007/978-3-030-13050-3_6
DOI: https://doi.org/10.1007/978-3-030-13050-3_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-13049-7
Online ISBN: 978-3-030-13050-3
eBook Packages: Engineering (R0)