Title: Metrics-Driven Evaluation of Cybersecurity for Critical Railway Infrastructure
In the past couple of years, railway infrastructure has been growing more connected, resembling more of a traditional Cyber-Physical System model. Due to the tightly coupled nature between the cyber and physical domains, new attack vectors are emerging that create an avenue for remote hijacking of system components not designed to withstand such attacks. As such, best practice cybersecurity techniques need to be put in place to ensure the safety and resiliency of future railway designs, as well as infrastructure already in the field. However, traditional large-scale experimental evaluation that involves evaluating a large set of variables by running a design of experiments (DOE) may not always be practical and might not provide conclusive results. In addition, to achieve scalable experimentation, the modeling abstractions, simulation configurations, and experiment scenarios must be designed according to the analysis goals of the evaluations. Thus, it is useful to target a set of key operational metrics for evaluation and configure and extend the traditional DOE methods using these metrics. In this work, we present a metrics-driven evaluation approach for evaluating the security and resilience of railway critical infrastructure using a distributed simulation framework. A case study with experiment results is provided that demonstrates the capabilities of our testbed.
Award ID(s):
1743772
PAR ID:
10076181
Journal Name:
IEEE Resilience Week
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Cyber-Physical Systems (CPS) consist of embedded computers with sensing and actuation capability, and are integrated into and tightly coupled with a physical system. Because the physical and cyber components of the system are tightly coupled, cyber-security is important for ensuring the system functions properly and safely. However, the effects of a cyberattack on the whole system may be difficult to determine, analyze, and therefore detect and mitigate. This work presents a model based software development framework integrated with a hardware-in-the-loop (HIL) testbed for rapidly deploying CPS attack experiments. The framework provides the ability to emulate low level attacks and obtain platform specific performance measurements that are difficult to obtain in a traditional simulation environment. The framework improves the cybersecurity design process which can become more informed and customized to the production environment of a CPS. The developed framework is illustrated with a case study of a railway transportation system. 
  2. Owing to an immense growth of internet-connected and learning-enabled cyber-physical systems (CPSs) [1], several new types of attack vectors have emerged. Analyzing security and resilience of these complex CPSs is difficult as it requires evaluating many subsystems and factors in an integrated manner. Integrated simulation of physical systems and communication network can provide an underlying framework for creating a reusable and configurable testbed for such analyses. Using a model-based integration approach and the IEEE High-Level Architecture (HLA) [2] based distributed simulation software, we have created a testbed for integrated evaluation of large-scale CPS systems. Our testbed supports web-based collaborative metamodeling and modeling of CPS system and experiments and a cloud computing environment for executing integrated networked co-simulations. A modular and extensible cyber-attack library enables validating the CPS under a variety of configurable cyber-attacks, such as DDoS and integrity attacks. Hardware-in-the-loop simulation is also supported along with several hardware attacks. Further, a scenario modeling language allows modeling of alternative paths (Courses of Actions) that enables validating CPS under different what-if scenarios as well as conducting cyber-gaming experiments. These capabilities make our testbed well suited for analyzing security and resilience of CPS. In addition, the web-based modeling and cloud-hosted execution infrastructure enables one to exercise the entire testbed using simply a web-browser, with integrated live experimental results display.
  3. Digitally enabled technologies are increasingly cyber-physical systems (CPSs). They are networked in nature and made up of geographically dispersed components that manage and control data received from humans, equipment, and the environment. Researchers evaluating such technologies are thus challenged to include CPS subsystems and dynamics that might not be obvious components of a product system. Although analysts might assume CPS have negligible or purely beneficial impact on environmental outcomes, such assumptions require justification. As the physical environmental impacts of digital processes (e.g. cryptocurrency mining) gain attention, the need for explicit attention to CPS in environmental assessment becomes more salient. This review investigates how the peer-reviewed environmental assessment literature treats environmental implications of CPS, with a focus on journal articles published in English between 2010 and 2020. We identify nine CPS subsystems and dynamics addressed in this literature: energy system, digital equipment, non-digital equipment, automation and management, network infrastructure, direct costs, social and health effects, feedbacks, and cybersecurity. Based on these categories, we develop a ‘cyber-consciousness score’ reflecting the extent to which the 115 studies that met our evaluation criteria address CPS, then summarize analytical methods and modeling techniques drawn from reviewed literature to facilitate routine inclusion of CPS in environmental assessment. We find that, given challenges in establishing system boundaries, limited standardization of how to evaluate CPS dynamics, and failure to recognize the role of CPS in a product system under evaluation, the extant environmental assessment literature in peer-reviewed journals largely ignores CPS subsystems and dynamics when evaluating digital or digitally-enabled technologies.
  4. Natural hazards, including hurricanes and earthquakes, can escalate into catastrophic societal events due to the destruction of the built environment. To minimize the impact of such hazards on vulnerable communities, civil infrastructure must be designed with performance criteria that prioritize public safety and ensure continuous operation. The National Science Foundation funded Natural Hazards Engineering Research Infrastructure (NHERI) program focuses on advancing the development of resilient infrastructure. The NHERI Lehigh Real-time Multi-directional Simulation Experimental Facility (EF) is one of the facilities within this program. The facility serves as an open-access research hub, offering advanced technologies and engineering tools to develop innovative solutions for natural hazard mitigation. It is uniquely equipped to perform large-scale, multi-directional structural testing in real-time using a cyber-physical simulation technique known as real-time hybrid simulation. This technique enables researchers to model entire systems subjected to dynamic loads at a full scale, allowing for realistic assessments of infrastructure responses to specific hazard scenarios and the development of effective mitigation strategies. This paper explores how cyber-physical simulation has revolutionized research in natural hazards engineering and its influence on engineering practices. It highlights several ongoing projects at the NHERI Lehigh EF aimed at enhancing community resilience in hazard-prone regions. The paper also discusses the planned expansion of the EF, which aims to broaden its focus to include a wider range of natural hazards, and infrastructure systems. This expansion will incorporate both physical and computational resources to enhance the understanding of fluid interactions in combined natural hazards and climate change impacts on coastal and offshore infrastructure. 
The NHERI Lehigh EF represents a transformative facility that is reshaping natural hazards research and will continue to play a pivotal role in the development of risk management strategies for more resilient communities. 
  5. Cyber-physical system security is a significant concern in the critical infrastructure. Strong interdependencies between cyber and physical components render cyber-physical systems highly susceptible to integrity attacks such as injecting malicious data and projecting fake sensor measurements. Traditional security models partition cyber-physical systems into just two domains – high and low. This absolute partitioning is not well suited to cyber-physical systems because they comprise multiple overlapping partitions. Information flow properties, which model how inputs to a system affect its outputs across security partitions, are important considerations in cyber-physical systems. Information flows support traceability analysis that helps detect vulnerabilities and anomalous sources, contributing to the implementation of mitigation measures. This chapter describes an automated model with graph-based information flow traversal for identifying information flow paths in the Automatic Dependent Surveillance-Broadcast (ADS-B) system used in civilian aviation, and subsequently partitioning the flows into security domains. The results help identify ADS-B system vulnerabilities to failures and attacks, and determine potential mitigation measures. 