Cyber-Physical Systems (CPS) have been increasingly subject to cyber-attacks including code injection attacks. Zero day attacks further exasperate the threat landscape by requiring a shift to defense in depth approaches. With the tightly coupled nature of cyber components with the physical domain, these attacks have the potential to cause significant damage if safety-critical applications such as automobiles are compromised. Moving target defense techniques such as instruction set randomization (ISR) have been commonly proposed to address these types of attacks. However, under current implementations an attack can result in system crashing which is unacceptable in CPS. As such, CPS necessitate proper control reconfiguration mechanisms to prevent a loss of availability in system operation. This paper addresses the problem of maintaining system and security properties of a CPS under attack by integrating ISR, detection, and recovery capabilities that ensure safe, reliable, and predictable system operation. Specifically, we consider the problem of detecting code injection attacks and reconfiguring the controller in real-time. The developed framework is demonstrated with an autonomous vehicle case study.
more »
« less
Evaluating the effects of cyber-attacks on cyber physical systems using a hardware-in-the-loop simulation testbed
Cyber-Physical Systems (CPS) consist of embedded computers with sensing and actuation capability, and are integrated into and tightly coupled with a physical system. Because the physical and cyber components of the system are tightly coupled, cyber-security is important for ensuring the system functions properly and safely. However, the effects of a cyberattack on the whole system may be difficult to determine, analyze, and therefore detect and mitigate. This work presents a model based software development framework integrated with a hardware-in-the-loop (HIL) testbed for rapidly deploying CPS attack experiments. The framework provides the ability to emulate low level attacks and obtain platform specific performance measurements that are difficult to obtain in a traditional simulation environment. The framework improves the cybersecurity design process which can become more informed and customized to the production environment of a CPS. The developed framework is illustrated with a case study of a railway transportation system.
more »
« less
- Award ID(s):
- 1743772
- NSF-PAR ID:
- 10076128
- Date Published:
- Journal Name:
- 2017 Resilience Week (RWS)
- Page Range / eLocation ID:
- 177 to 183
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Cyber-physical systems (CPS) extensively share information with each other, work collaboratively over Internet of Things, and seamlessly integrated with human society. Designing CPS requires the new consideration of design for connectivity where security, privacy, and trust are of the main concerns. Particularly trust can affect system behavior in a networked environment. In this paper, trustworthiness is quantitatively measured by the perceptions of ability, benevolence, and integrity. Ability indicates the capabilities of sensing, reasoning, and influence in a society. Benevolence measures the genuineness of intention and reciprocity in information exchange. Integrity captures the system predictability and dependability. With these criteria, trust-based CPS network design and optimization are demonstrated.more » « less
-
null (Ed.)Cyber-Physical Systems (CPS) are important components of critical infrastructure and must operate with high levels of reliability and security. We propose a conceptual approach to securing CPSs: the Cyber-Physical Immune System (CPIS), a collection of hardware and software elements deployed on top of a conventional CPS. Inspired by its biological counterpart, the CPIS comprises an independent network of distributed computing units that collects data from the conventional CPS, utilizes data-driven techniques to identify threats, adapts to the changing environment, alerts the user of any threats or anomalies, and deploys threat-mitigation strategies.more » « less
-
Owing1 to an immense growth of internet-connected and learning-enabled cyber-physical systems (CPSs) [1], several new types of attack vectors have emerged. Analyzing security and resilience of these complex CPSs is difficult as it requires evaluating many subsystems and factors in an integrated manner. Integrated simulation of physical systems and communication network can provide an underlying framework for creating a reusable and configurable testbed for such analyses. Using a model-based integration approach and the IEEE High-Level Architecture (HLA) [2] based distributed simulation software; we have created a testbed for integrated evaluation of large-scale CPS systems. Our tested supports web-based collaborative metamodeling and modeling of CPS system and experiments and a cloud computing environment for executing integrated networked co-simulations. A modular and extensible cyber-attack library enables validating the CPS under a variety of configurable cyber-attacks, such as DDoS and integrity attacks. Hardware-in-the-loop simulation is also supported along with several hardware attacks. Further, a scenario modeling language allows modeling of alternative paths (Courses of Actions) that enables validating CPS under different what-if scenarios as well as conducting cyber-gaming experiments. These capabilities make our testbed well suited for analyzing security and resilience of CPS. In addition, the web-based modeling and cloud-hosted execution infrastructure enables one to exercise the entire testbed using simply a web-browser, with integrated live experimental results display.more » « less
-
The development of Cyber-Physical Systems (CPS) and the Internet of Things (IoT) has influenced Cyber-Physical Manufacturing Systems (CPMS). Collaborative manufacturing among organizations with geographically distributed operations using Nanomanufacturing (NM) requires integrated networking for enhanced productivity. The present research provides a unique cyber nanomanufacturing framework by combining digital design with various artificial neural networks (ANN) approaches to predict the optimal nano/micro-manufacturing process. It enables the visualization tool for real-time allocation of nano/micro-manufacturing resources to simulate machine availability for five types of NM processes in real-time for a dynamic machine identification system. This research establishes a foundation for a smart agent system with predictive capabilities for cyber nanomanufacturing in real-time.more » « less