Abstract
We argue that cyber-physical systems cannot be protected just by protecting their IT infrastructure and that the CIA approach to security is insufficient. Rather, the IT components should be treated as a control system, inputs to that control system should be checked for veracity, and control algorithms should be designed so that they can handle a certain amount of adversarial action.
Notes
- 1.
- 2.
- 3. The earliest source in the authors’ possession is a draft for ISO 7498/2 from 1985.
- 4. https://www.shodan.io/, accessed February 2015.
- 5.
Copyright information
© 2016 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Gollmann, D., Krotofil, M. (2016). Cyber-Physical Systems Security. In: Ryan, P., Naccache, D., Quisquater, JJ. (eds) The New Codebreakers. Lecture Notes in Computer Science, vol 9100. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-49301-4_14
DOI: https://doi.org/10.1007/978-3-662-49301-4_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-49300-7
Online ISBN: 978-3-662-49301-4
eBook Packages: Computer Science, Computer Science (R0)