Cyber-Physical Systems Modeling for Security Using SysML
- 373 Downloads
Modeling cyber-physical systems (CPS) presents a unique challenge due to their numerous heterogeneous components, complex physical interactions, and disjoint communication networks. Modeling CPS to aid security analysis further adds to these challenges, because securing CPS requires not only understanding of the system architecture but also the system’s role within its broader mission. This is due to the infeasibility of completely securing every single component, network, and part within a CPS. As such it is necessary to be cognizant of the system’s expected service, or mission, so the effects of an exploit can be mitigated, and the system can at least perform its mission in a partially degraded manner. A security analysis methodology based on this philosophy is greatly aided by the creation of a model that combines system architecture information, its admissible behaviors, and its mission context. This paper presents a technique for creating such a model using the Systems Modeling Language.
KeywordsCybersecurity SysML Cyber-physical system Systems modeling Security analysis
Systems Modeling Language
Systems-Theoretic Process Analysis for Security
This research is based upon the work supported by the Department of Defense through the Systems Engineering Research Center managed by the Stevens Institute of Technology.
- 1.Hause, M. (2006). The SysML modelling language. In Fifteenth European Systems Engineering Conference.Google Scholar
- 3.Bakirtzis, G., Carter, B. T., Elks, C. R., & Fleming, C. H. (2018). A model-based approach to security analysis for cyber-physical systems. In 2018 Annual IEEE International Systems conference (SysCon) (pp. 1–8). IEEE.Google Scholar
- 4.Carter, B. T., Bakirtzis, G., Elks, C. R., & Fleming, C. H. (2018). A systems approach for eliciting mission-centric security requirements. In 2018 Annual IEEE International Systems Conference (SysCon) (pp. 1–8). IEEE.Google Scholar
- 5.Delligatti, L. (2013). SysML distilled: A brief guide to the systems modeling language. Boston: Addison-Wesley.Google Scholar
- 6.Bakirtzis, G., Carter, B. T., Fleming, C. H., & Elks, C. R. (2017, December). MISSION AWARE: Evidence-based, mission-centric cybersecurity analysis. ArXiv-eprints.Google Scholar
- 7.Young, W., & Leveson, N. (2013). Systems thinking for safety and security. In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC 2013) (pp. 1–8). ACM.Google Scholar
- 8.Derler, P., Lee, E. A., & Vincentelli, A. S. (2011). Addressing modeling challenges in cyber-physical systems. Technical report no. UCB/EECS-2011-17. Berkeley, CA: Electrical Engineering and Computer Science Department, University of California.Google Scholar
- 9.Jensen, J. C., Chang, D. H., & Lee, E. A. (2011). A model-based design methodology for cyber-physical systems. In Proceedings of the International Wireless Communications and Mobile Computing Conference—IWCMC 2011 (pp. 1666–1671).Google Scholar
- 10.Brunner, M., Huber, M., Sauerwein, C., & Breu, R. (2017). Towards an integrated model for safety and security requirements of cyber-physical systems. In 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C) (pp. 334–340).Google Scholar