Somali Chaterji,Parinaz Naghizadeh,Muhammad Ashraful Alam,Saurabh Bagchi,Mung Chiang,David Corman,Brian Henz,Suman Jana,Na Li,Shaoshuai Mou,Meeko Oishi,Chunyi Peng,Tiark Rompf,Ashutosh Sabharwal,Shreyas Sundaram,James Weimer,Jennifer Weller

DOI: https://doi.org/10.48550/arXiv.2001.00090

2019-12-20

Abstract:Cyberphysical systems (CPS) are ubiquitous in our personal and professional lives, and they promise to dramatically improve micro-communities (e.g., urban farms, hospitals), macro-communities (e.g., cities and metropolises), urban structures (e.g., smart homes and cars), and living structures (e.g., human bodies, synthetic genomes). The question that we address in this article pertains to designing these CPS systems to be resilient-from-the-ground-up, and through progressive learning, resilient-by-reaction. An optimally designed system is resilient to both unique attacks and recurrent attacks, the latter with a lower overhead. Overall, the notion of resilience can be thought of in the light of three main sources of lack of resilience, as follows: exogenous factors, such as natural variations and attack scenarios; mismatch between engineered designs and exogenous factors ranging from DDoS (distributed denial-of-service) attacks or other cybersecurity nightmares, so called "black swan" events, disabling critical services of the municipal electrical grids and other connected infrastructures, data breaches, and network failures; and the fragility of engineered designs themselves encompassing bugs, human-computer interactions (HCI), and the overall complexity of real-world systems. In the paper, our focus is on design and deployment innovations that are broadly applicable across a range of CPS application areas.

Computers and Society,Distributed, Parallel, and Cluster Computing,Systems and Control

Jianxin Xu,Dongqin Feng

DOI: https://doi.org/10.1155/2017/2430835

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:This paper discusses two aspects of major risks related to the cyber security of an industrial control system (ICS), including the exploitation of the vulnerabilities of legitimate communication parties and the features abused by unauthorized parties. We propose a novel framework for exposing the above two types of risks. A state fusion finite state machine (SF-FSM) model is defined to describe multiple request-response packet pair sequence signatures of various applications using the same protocol. An inverted index of keywords in an industrial protocol is also proposed to accomplish fast state sequence matching. Then we put forward the concept of scenario reconstruction, using state sequence matching based on SF-FSM, to present the known vulnerabilities corresponding to applications of a specific type and version by identifying the packet interaction characteristics from the data flow in the supervisory control layer network. We also implement an anomaly detection approach to identifying illegal access using state sequence matching based on SF-FSM. An anomaly is asserted if none of the state sequence signatures in the SF-FSM is matched with a packet flow. Ultimately, an example based on industrial protocols is demonstrated by a prototype system to validate the methods of scenario reconstruction and anomaly detection.

Jiming Chen,Vijay Gupta,Daniel E. Quevedo,Pietro Tesi

DOI: https://doi.org/10.1002/rnc.5051

IF: 3.8973

2020-01-01

International Journal of Robust and Nonlinear Control

Abstract:Due to advances in computing and communication technologies, there has been a growing interest in cyberphysical systems (CPS). These are systems where physical devices are monitored/controlled via embedded computers and networks. By exploiting sensing, computation, and networking capabilities, CPS are paving the way for a new generation of engineering systems, which enable automatic decision‐making processes in fields ranging from customized manufacturing and transportation to health care and energy. Integration of information technology methods with a physical system such as a power grid, transportation system, and supply chain to form a “smart” infrastructure holds the promise of greater efficiency, reliability, and sustainability. However, any such coupling introduces privacy and security issues. The “systems and control” community has contributed to the CPS agenda, addressing issues like estimation, control, and coordination under information constraints. However, a deep understanding of the privacy and security requirements in CPS and their influence on classical control‐theoretic paradigms is still missing...

Aidong Xu,Xingpu Cai,Mengya Li,Yang Cao,Huajun Chen,Wei Ding,Chao Hong,Zhibing Wu,Qi Wang

DOI: https://doi.org/10.1109/cyber46603.2019.9066579

2019-01-01

Abstract:With the development of information and communication technology, power system has integrated deeply with communication system, which is a typical cyber physical system. While the development of smart grid makes the power side control more accurate and efficient, it also poses potential cyber attack risks. Attackers can cause grid faults and further power outages by disguising the attack behaviors as natural faults. When the grid is on operation, a large amount of data is generated on both the power side and the information side. Therefore, identifying the cause of the grid faults correctly through data mining can be helpful to take correct countermeasures in time to prevent the fault from expanding. In this paper, an identification method is proposed based on the collaborative characteristic sequence of a certain event and is verified on a four-machine two-zone system. The results show that method is effective and reliable.

Mariana Segovia-Ferreira,Jose Rubio-Hernan,Ana Rosa Cavalli,Joaquin Garcia-Alfaro

DOI: https://doi.org/10.1145/3652953

IF: 16.6

2024-03-16

ACM Computing Surveys

Abstract:Concerns for the resilience of Cyber-Physical Systems (CPS) in critical infrastructure are growing. CPS integrate sensing, computation, control, and networking into physical objects and mission-critical services, connecting traditional infrastructure to internet technologies. While this integration increases service efficiency, it has to face the possibility of new threats posed by the new functionalities. This leads to cyber-threats, such as denial-of-service, modification of data, information leakage, spreading of malware, and many others. Cyber-resilience refers to the ability of a CPS to prepare, absorb, recover, and adapt to the adverse effects associated with cyber-threats, e.g., physical degradation of the CPS performance resulting from a cyber-attack. Cyber-resilience aims at ensuring CPS survival, by keeping the core functionalities of the CPS in case of extreme events. The literature on cyber-resilience is rapidly increasing, leading to a broad variety of research works addressing this new topic. In this article, we create a systematization of knowledge about existing scientific efforts of making CPS cyber-resilient. We systematically survey recent literature addressing cyber-resilience with a focus on techniques that may be used on CPS. We first provide preliminaries and background on CPS and threats, and subsequently survey state-of-the-art approaches that have been proposed by recent research work applicable to CPS. In particular, we aim at differentiating research work from traditional risk management approaches, based on the general acceptance that it is unfeasible to prevent and mitigate all possible risks threatening a CPS. We also discuss questions and research challenges, with a focus on the practical aspects of cyber-resilience, such as the use of metrics and evaluation methods, as well as testing and validation environments.

computer science, theory & methods

Paul Griffioen,Sean Weerakkody,Omur Ozel,Yilin Mo,Bruno Sinopoli

DOI: https://doi.org/10.23919/ecc.2019.8796117

2019-01-01

Abstract:Cyber-physical systems (CPSs) have become targets for malicious adversaries, creating new challenges for attaining reliable CPS performance. Achieving CPS security requires tools which extend beyond what is offered in state of the art software and cyber security. In this tutorial, we consider a science of CPS security which combines tools from both cyber security and system theory to defend against adversarial behavior. We discuss realistic and intelligent attack models from an adversarial perspective and then present mechanisms for defenders to achieve resilience by recognizing and responding to such malicious behavior. The focus of this tutorial is particularly on the recognition and detection of attacks, which is the first and foremost step in achieving resilience and is a necessary prerequisite to any active response.

Ioannis Zografopoulos,Juan Ospina,XiaoRui Liu,Charalambos Konstantinou

DOI: https://doi.org/10.48550/arXiv.2101.10198

2021-01-25

Cryptography and Security

Abstract:Cyber-physical systems (CPS) are interconnected architectures that employ analog, digital, and communication resources for their interaction with the physical environment. CPS are the backbone of enterprise, industrial, and critical infrastructure. Thus, their vital importance makes them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature, can have disastrous consequences. The security of CPES can be enhanced leveraging testbed capabilities to replicate power system operations, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. In this paper, we provide a comprehensive overview of the CPS security landscape with emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models which can be used to evaluate the system's performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables system vulnerability prioritization factoring the impact on the system operation. The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a step-by-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.

Hakan Kayan,Matthew Nunes,Omer Rana,Pete Burnap,Charith Perera

DOI: https://doi.org/10.48550/arXiv.2101.03564

2021-01-10

Abstract:Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the "physics" data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the "security by obscurity" principle provided by air-gapping is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition while the most common ones are related to weak boundary protection. Although there are existing surveys in this context, very little is mentioned regarding these reports. This paper bridges this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. We also identify the general shortcomings and highlight the points that cause a gap in existing literature while defining future research directions.

Cryptography and Security

Nils Müller,Kaibin Bao,Jörg Matthes,Kai Heussen

DOI: https://doi.org/10.1016/j.compind.2023.103982

2023-05-26

Abstract:Cyber-physical systems (CPSs) constitute the backbone of critical infrastructures such as power grids or water distribution networks. Operating failures in these systems can cause serious risks for society. To avoid or minimize downtime, operators require real-time awareness about critical incidents. However, online event identification in CPSs is challenged by the complex interdependency of numerous physical and digital components, requiring to take cyber attacks and physical failures equally into account. The online event identification problem is further complicated through the lack of historical observations of critical but rare events, and the continuous evolution of cyber attack strategies. This work introduces and demonstrates CyPhERS, a Cyber-Physical Event Reasoning System. CyPhERS provides real-time information pertaining the occurrence, location, physical impact, and root cause of potentially critical events in CPSs, without the need for historical event observations. Key novelty of CyPhERS is the capability to generate informative and interpretable event signatures of known and unknown types of both cyber attacks and physical failures. The concept is evaluated and benchmarked on a demonstration case that comprises a multitude of attack and fault events targeting various components of a CPS. The results demonstrate that the event signatures provide relevant and inferable information on both known and unknown event types.

Cryptography and Security,Signal Processing,Systems and Control,Machine Learning

Amel Bennaceur,Carlo Ghezzi,Kenji Tei,Timo Kehrer,Danny Weyns,Radu Calinescu,Schahram Dustdar,Zhenjiang Hu,Shinichi Honiden,Fuyuki Ishikawa,Zhi Jin,Jeffrey Kramer,Marin Litoiu,Michele Loreti,Gabriel Moreno,Hausi Muller,Laura Nenzi,Bashar Nuseibeh,Liliana Pasquale,Wolfgang Reisig,Heinz Schmidt,Christos Tsigkanos,Haiyan Zhao

DOI: https://doi.org/10.1109/seams.2019.00018

2019-01-01

Abstract:From smart buildings to medical devices to smart nations, software systems increasingly integrate computation, networking, and interaction with the physical environment. These systems are known as Cyber-Physical Systems (CPS). While these systems open new opportunities to deliver improved quality of life for people and reinvigorate computing, their engineering is a difficult problem given the level of heterogeneity and dynamism they exhibit. While progress has been made, we argue that complexity is now at a level such that existing approaches need a major re-think to define principles and associated techniques for CPS. In this paper, we identify research challenges when modelling, analysing and engineering CPS. We focus on three key topics: theoretical foundations of CPS, self-adaptation methods for CPS, and exemplars of CPS serving as a research vehicle shared by a larger community. For each topic, we present an overview and suggest future research directions, thereby focusing on selected challenges. This paper is one of the results of the Shonan Seminar 118 on Modelling and Analysing Resilient Cyber-Physical Systems, which took place in December 2018.

Ye Yuan,Xiuchuan Tang,Wei Pan,Xiuting Li,Wei Zhou,Hai-Tao Zhang,Han Ding,Jorge Goncalves

DOI: https://doi.org/10.1038/s41467-019-12490-1

2018-10-01

Abstract:Cyber-physical systems (CPSs) embed software into the physical world. They appear in a wide range of applications such as smart grids, robotics, intelligent manufacture and medical monitoring. CPSs have proved resistant to modeling due to their intrinsic complexity arising from the combination of physical components and cyber components and the interaction between them. This study proposes a general framework for reverse engineering CPSs directly from data. The method involves the identification of physical systems as well as the inference of transition logic. It has been applied successfully to a number of real-world examples ranging from mechanical and electrical systems to medical applications. The novel framework seeks to enable researchers to make predictions concerning the trajectory of CPSs based on the discovered model. Such information has been proven essential for the assessment of the performance of CPS, the design of failure-proof CPS and the creation of design guidelines for new CPSs.

Systems and Control,Artificial Intelligence,Machine Learning

R. Pavithra,Vishnu kumar Kaliappan,Sivaramakrishnan Rajendar

DOI: https://doi.org/10.1007/s42979-023-01897-9

2023-07-29

SN Computer Science

Abstract:Upcoming technological innovations and findings are immense in the field of intelligent transport systems (ITS). Cyber-physical systems (CPSs) are complex systems that integrate communication, control, and computing technology. CPSs are widely used today in intelligent transportation. For every development of a new system, there is a parallel offender who initiates the attack to destroy the root of the system developed. The attack category is infinite in such developing technology. In this paper, we have focused on preserving the security of ITS from cyber-physical systems perceptive, and various vulnerabilities, attacks, and countermeasures against ITS. Reinforcement learning is the latest buzzword in which an agent can understand and explain the environment, perform an action, and learn through trial and error. The paper also explains how reinforcement learning helps ITS in terms of security.

Zeynep GÜRKAŞ AYDIN,Murat KAZANÇ

DOI: https://doi.org/10.17093/alphanumeric.1404181

2023-12-31

Alphanumeric Journal

Abstract:The prominence of cyber security continues to increase on a daily basis. Following the cyber attacks in recent years, governments have implemented a range of regulations. The advancement of technology and digitalization has led to the creation of new vulnerabilities that cyber attackers can exploit. The digitalization of facilities such as energy distribution networks and water infrastructures has enhanced their efficiency, thereby benefiting states and society. The modern sensors, controllers, and networks of these new generation facilities have made them susceptible to cyber attackers. While all forms of cyber attacks are detrimental, targeting critical cyber-physical systems presents a heightened level of peril. These assaults have the potential to disrupt the social structure and pose a threat to human lives. Various techniques are employed to guarantee the security of these facilities, which is of utmost importance. This study examined the applications of machine learning and deep learning methods, which are sub-branches of artificial intelligence that have recently undergone a period of significant advancement. Intrusion detection systems are being created for the networks that facilitate communication among the hardware components of the cyber-physical system. Another potential application area involves the development of models capable of detecting anomalies and attacks in the data generated by sensors and controllers. Cyber physical systems exhibit a wide range of diversity. Due to the wide range of variations, it is necessary to utilize specific datasets for training the model. Generating a dataset through attacks on a functional cyber-physical system is unattainable. The study also analyzed the solutions to this problem. Based on the analyzed studies, it has been observed that the utilization of artificial intelligence enhances the security of cyber physical systems.

Charalambos Konstantinou,George Stergiopoulos,Masood Parvania,Paulo Esteves-Verissimo

DOI: https://doi.org/10.1109/rws52686.2021.9611797

2021-10-18

Abstract:Cyber-physical systems (CPS) incorporate the complex and large-scale engineered systems behind critical infrastructure operations, such as water distribution networks, energy delivery systems, healthcare services, manufacturing systems, and transportation networks. Industrial CPS in particular need to simultaneously satisfy requirements of available, secure, safe and reliable system operation against diverse threats, in an adaptive and sustainable way. These adverse events can be of accidental or malicious nature and may include natural disasters, hardware or software faults, cyberattacks, or even infrastructure design and implementation faults. They may drastically affect the results of CPS algorithms and mechanisms, and subsequently the operations of industrial control systems (ICS) deployed in those critical infrastructures. Such a demanding combination of properties and threats calls for resilience-enhancement methodologies and techniques, working in real-time operation. However, the analysis of CPS resilience is a difficult task as it involves evaluation of various interdependent layers with heterogeneous computing equipment, physical components, network technologies, and data analytics. In this paper, we apply the principles of chaos engineering (CE) to industrial CPS, in order to demonstrate the benefits of such practices on system resilience. The systemic uncertainty of adverse events can be tamed by applying runtime CE-based analyses to CPS in production, in order to predict environment changes and thus apply mitigation measures limiting the range and severity of the event, and minimizing its blast radius.

Beatrice Cassottana,Muhammad M Roomi,Daisuke Mashima,Giovanni Sansavini

DOI: https://doi.org/10.1111/risa.14089

Abstract:Cyber-physical systems (CPSs) are monitored and controlled by a computing and communicating core. This cyber layer enables better management of the controlled subsystem, but it also introduces threats to the security and protection of CPSs, as demonstrated by recent cyberattacks. The resulting governance and policy emphasis on cybersecurity is reflected in the academia by a vast body of literature. In this article, we systematize existing knowledge on CPS analysis. Specifically, we focus on the quantitative assessment of CPSs before and after the occurrence of a disruption. Through the systematic analysis of the models and methods adopted in the literature, we develop a CPS resilience assessment framework consisting of three steps, namely, (1) CPS description, (2) disruption scenario identification, and (3) resilience strategy selection. For each step of the framework, we suggest established methods for CPS analysis and suggest four criteria for method selection. The framework proposes a standardized workflow to assess the resilience of CPSs before and after the occurrence of a disruption. The application of the proposed framework is exemplified with reference to a power substation and associated communication network.The case study shows that the proposed framework supports resilience decision making by quantifying the effects of the implementation of resilience strategies.

Denise Ratasich,Faiq Khalid,Florian Geissler,Radu Grosu,Muhammad Shafique,Ezio Bartocci

DOI: https://doi.org/10.1109/ACCESS.2019.2891969

2018-11-06

Abstract:The Internet of Things (IoT) is a ubiquitous system connecting many different devices - the things - which can be accessed from the distance. The cyber-physical systems (CPS) monitor and control the things from the distance. As a result, the concepts of dependability and security get deeply intertwined. The increasing level of dynamicity, heterogeneity, and complexity adds to the system's vulnerability, and challenges its ability to react to faults. This paper summarizes state-of-the-art of existing work on anomaly detection, fault-tolerance and self-healing, and adds a number of other methods applicable to achieve resilience in an IoT. We particularly focus on non-intrusive methods ensuring data integrity in the network. Furthermore, this paper presents the main challenges in building a resilient IoT for CPS which is crucial in the era of smart CPS with enhanced connectivity (an excellent example of such a system is connected autonomous vehicles). It further summarizes our solutions, work-in-progress and future work to this topic to enable "Trustworthy IoT for CPS". Finally, this framework is illustrated on a selected use case: A smart sensor infrastructure in the transport domain.

Emerging Technologies,Machine Learning,Networking and Internet Architecture

Robert Mitchell,Ing-Ray Chen

DOI: https://doi.org/10.1145/2542049

IF: 16.6

2014-04-01

ACM Computing Surveys

Abstract:Pervasive healthcare systems, smart grids, and unmanned aircraft systems are examples of Cyber-Physical Systems (CPSs) that have become highly integrated in the modern world. As this integration deepens, the importance of securing these systems increases. In order to identify gaps and propose research directions in CPS intrusion detection research, we survey the literature of this area. Our approach is to classify modern CPS Intrusion Detection System (IDS) techniques based on two design dimensions: detection technique and audit material. We summarize advantages and drawbacks of each dimension’s options. We also summarize the most and least studied CPS IDS techniques in the literature and provide insight on the effectiveness of IDS techniques as they apply to CPSs. Finally, we identify gaps in CPS IDS research and suggest future research areas.

computer science, theory & methods

Bagula Antoine,Tuyishimire Emmanuel,Ajayi Olasupo

DOI: https://doi.org/10.48550/arXiv.1912.07479

2019-12-17

Abstract:Vast investments have recently been made worldwide in developing the Cyber-Physical System (CPS) technology with the expectations of improving economical and societal structures. However, great care must be paid to the CPS' complexity, the impact of emerging IoT (Internet of Things) protocols on the CPS infrastructure as well as the impact of information dissemination by these protocols on the safety of these infrastructures. This paper addresses the issue of CPS safety by proposing and evaluating the performance of a CPS management framework and the analysis of the dynamics of the underlining IoT network in the cyber-space. The main contributions of this paper are in threefold. Firstly, a new CPS framework is proposed; that: 1) builds around a layered architecture to compartmentalise the CPS functionalities into different modules for efficiency and scalability and 2) uses an inner feedback loop for the efficient management of CPS infrastructure. Secondly, building upon this framework, a novel diffusion model that uses the epidemic (interference) sets to produce accurate diffusion patterns across the CPS IoT subsystem is proposed. Finally, the proposed diffusion model is numerically analysed to show how it can be used to achieve efficient CPS surveillance in order to trigger reconfiguration to re-optimise the CPS when it is under stress. in IoT settings. The numerical analysis of the diffusion model shows that interference propagates in pairwise disjoint sets, with IoT nodes migrating from "susceptible" to "attacked" statuses and finally reaching the "removed" state at a predictable time. Deployment considerations on some of the current social and public networks are also onsidered

Distributed, Parallel, and Cluster Computing

Chuadhry Mujeeb Ahmed,Jianying Zhou

DOI: https://doi.org/10.48550/arXiv.2004.03178

2020-04-07

Abstract:The integration of cyber technologies (computing and communication) with the physical world gives rise to complex systems referred to as Cyber Physical Systems (CPS), for example, manufacturing, transportation, smart grid, and water treatment. Many of those systems are part of the critical infrastructure and need to perform safely, reliably, and securely in real-time. CPS security is challenging as compared to the conventional IT systems. An adversary can compromise the system in both the cyber and the physical domains. However, the unique set of technologies and processes being used in a CPS also bring up opportunities for defense. CPS security has been approached in several ways due to the complex interaction of physical and cyber components. In this work, a comprehensive study is taken to summarize the challenges and the proposed solutions for securing CPS from a Physics-based perspective.

Cryptography and Security,Systems and Control