CYBER-PHYSICAL SYSTEMS: VULNERABILITIES, ATTACKS AND THREATS | I |
Chapter 1, “Improving Security and Privacy for Cyber-Physical Systems,” analyzes the threats and attacks in various cyber-physical system domains and discusses the defensive approaches for avoiding such attacks. Different security studies have been compared in this chapter with a focus on issues and solutions by considering the impact of cyber-attacks, attack modeling and security architecture deployment.
Chapter 2, “Vulnerability Analysis for Cyber-Physical Systems,” provides a brief overview of the vulnerability analysis of cyber-physical systems. The chapter introduces cyber-physical systems (CPS) and discusses the different attacks and threats that prevail in CPS and countermeasures to prevent or mitigate risks. A detailed assessment of vulnerabilities in various CPSs such as industrial control systems (ICSs), distributed control systems (DCSs), and smart grids is analyzed.
Chapter 3, “State Estimation-Based Attack Detection in Cyber-Physical Systems: Limitations and Solutions,” presents a detailed case study regarding model-based attack detection procedures for CPSs. In particular, data from a real-world water treatment plant is collected and analyzed.
Chapter 1
Improving Security and Privacy in Cyber-Physical Systems
Sumaiya Thaseen, Aswani Kumar Cherukuri and Amir Ahmad
Contents
1.1 Introduction
1.2 Security Objectives for Cyber-Physical Systems
1.2.1 Security
1.2.1.1 Physical
1.2.1.2 Cyber
1.2.2 Privacy
1.2.2.1 Confidentiality
1.2.2.2 Integrity
1.2.2.3 Availability
1.2.2.4 Authenticity
1.3 CPS Attacks and Threats
1.3.1 Eavesdropping
1.3.2 Compromised-Key Attack
1.3.3 Man-in-the-Middle Attack
1.3.4 Denial-of-Service (DoS) Attack
1.3.5 CPS Defense Mechanisms
1.4 CPS Security Perspectives
1.4.1 Intrusion Detection Systems
1.4.2 Estimation of Consequences of Cyber Attacks
1.4.3 Modeling of CPS Attacks
1.4.4 CPS Attacks Detection
1.4.5 Development of Security Architecture
1.5 CPS Architecture and Attacks
1.5.1 Attacks at the Perception Layer
1.5.2 Attacks at the Transmission Layer
1.5.3 Attacks at the Application Layer
1.6 Attack Mitigation Strategy
1.6.1 Risk Assessment for CPS
1.6.2 Single-Layer Solutions for CPS
1.6.3 Multilayer Solutions for CPS
1.6.4 Security Framework for CPS
1.7 Conclusion and Future Research Direction
References
1.1 Introduction
The integration of different cyber and physical components utilizing modern computing technologies is termed as cyber-physical systems (CPSs). The Internet of Things (IoT) paradigm ensures secure and energy-efficient transfer of information between the physical and the cyber world. Many applications such as smart medicine, smart vehicles, smart city, mobile systems and defense systems use CPS as the basis for the development. The development of CPS was originally considered as an innovation to improve the quality of human life and to get rid of routine work. The CPS has been a key target in some of the highly publicized security breaches over the last decade. Cyber- and physical-security concepts cannot protect CPSs from unexpected vulnerabilities arising due to the crossover effects and complex interdependencies; physical attacks may cause compromise or damage to the information system; cyber attacks can cause physical malfunctions. Cyber threats seen in nature which originate in cyberspace are scalable but create an impact on the physical space of the system.
Barriers of CPS include security issues, various protocols and standards, and power supply devices. The risk of intrusions and attacks in CPS is also due to the self-sufficiency and remote location of CPS devices. A critical challenge is encountered when there is human interaction with CPSs. Interpreting human–machine behavior and developing appropriate models considering the situational and environmental changes are huge and challenging tasks. Such changes are essential in military and air traffic systems (Sztipanovits et al., 2012).
The primary problems identified for CPS security (Xinlan et al., 2010) are (1) awareness of threats and possible consequences of attacks for modeling security threats, (2) understanding the unique characteristics of CPSs and their variations from traditional information technology security, and (3) discussion of the security mechanisms applicable to CPSs to design reliable and fault-tolerant architectures for detection and prevention of cyber and physical threats. Another issue with security is there are many stakeholders. They all distinguish various security threats and risks and focus towards different goals. Thus, the consideration is to ensure multiple levels of security for the stakeholders involved in their respective contexts and environments. CPS requires an improved infrastructure with sensor-enabled automatic systems including computational devices and physical processes. There are different kinds of data transported to and from different devices, in the format that is required by the devices using specific communication mechanism which the device can handle. As a result, security and privacy are the key concerns for CPS design, development and operation. The aim of this chapter is to discuss the potential attacks in CPSs and help designers of emerging CPSs to build more secure, privacy-enhanced products in the future.
The sections of the chapter are organized as follows: Section 1.2 highlights the security and privacy in C...