Cyber-Physical Systems Modeling for Security Using SysML

  • Bryan T. Carter
  • Cody H. Fleming
  • Carl R. Elks
  • Georgios BakirtzisEmail author
Conference paper


Modeling cyber-physical systems (CPS) presents a unique challenge due to their numerous heterogeneous components, complex physical interactions, and disjoint communication networks. Modeling CPS to aid security analysis further adds to these challenges, because securing CPS requires not only understanding of the system architecture but also the system’s role within its broader mission. This is due to the infeasibility of completely securing every single component, network, and part within a CPS. As such it is necessary to be cognizant of the system’s expected service, or mission, so the effects of an exploit can be mitigated, and the system can at least perform its mission in a partially degraded manner. A security analysis methodology based on this philosophy is greatly aided by the creation of a model that combines system architecture information, its admissible behaviors, and its mission context. This paper presents a technique for creating such a model using the Systems Modeling Language.


Cybersecurity SysML Cyber-physical system Systems modeling Security analysis 



Cyber-physical system


Systems Modeling Language


Systems-Theoretic Process Analysis for Security



This research is based upon the work supported by the Department of Defense through the Systems Engineering Research Center managed by the Stevens Institute of Technology.


  1. 1.
    Hause, M. (2006). The SysML modelling language. In Fifteenth European Systems Engineering Conference.Google Scholar
  2. 2.
    Nicol, D. M., Sanders, W. H., & Trivedi, K. S. (2004). Model-based evaluation from dependability to security. IEEE Transactions on Dependable and Secure Computing, 1(1), 48–65.CrossRefGoogle Scholar
  3. 3.
    Bakirtzis, G., Carter, B. T., Elks, C. R., & Fleming, C. H. (2018). A model-based approach to security analysis for cyber-physical systems. In 2018 Annual IEEE International Systems conference (SysCon) (pp. 1–8). IEEE.Google Scholar
  4. 4.
    Carter, B. T., Bakirtzis, G., Elks, C. R., & Fleming, C. H. (2018). A systems approach for eliciting mission-centric security requirements. In 2018 Annual IEEE International Systems Conference (SysCon) (pp. 1–8). IEEE.Google Scholar
  5. 5.
    Delligatti, L. (2013). SysML distilled: A brief guide to the systems modeling language. Boston: Addison-Wesley.Google Scholar
  6. 6.
    Bakirtzis, G., Carter, B. T., Fleming, C. H., & Elks, C. R. (2017, December). MISSION AWARE: Evidence-based, mission-centric cybersecurity analysis. ArXiv-eprints.Google Scholar
  7. 7.
    Young, W., & Leveson, N. (2013). Systems thinking for safety and security. In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC 2013) (pp. 1–8). ACM.Google Scholar
  8. 8.
    Derler, P., Lee, E. A., & Vincentelli, A. S. (2011). Addressing modeling challenges in cyber-physical systems. Technical report no. UCB/EECS-2011-17. Berkeley, CA: Electrical Engineering and Computer Science Department, University of California.Google Scholar
  9. 9.
    Jensen, J. C., Chang, D. H., & Lee, E. A. (2011). A model-based design methodology for cyber-physical systems. In Proceedings of the International Wireless Communications and Mobile Computing Conference—IWCMC 2011 (pp. 1666–1671).Google Scholar
  10. 10.
    Brunner, M., Huber, M., Sauerwein, C., & Breu, R. (2017). Towards an integrated model for safety and security requirements of cyber-physical systems. In 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C) (pp. 334–340).Google Scholar
  11. 11.
    Ouchani, S., & Lenzini, G. (2014). Attacks generation by detecting attack surfaces. Procedia Computer Science, 32, 529–536.CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Bryan T. Carter
    • 1
  • Cody H. Fleming
    • 3
  • Carl R. Elks
    • 2
  • Georgios Bakirtzis
    • 1
    • 2
    Email author
  1. 1.Coordinated Systems Lab, UVACharlottesvilleUSA
  2. 2.Dependable Cyber-Physical Systems Lab, VCURichmondUSA
  3. 3.Mechanical and Aerospace EngineeringUniversity of VirginiaCharlottesvilleUSA

Personalised recommendations