Abstract
We introduce a design methodology to assure run-time security of cyber physical system (CPS) applications. The methodology has two independent, but complementary, components that employ novel approaches to design run-time monitors that detect both computational and false data cyber-attacks to assure security of CPS at run-time. Based on the executable specification of a CPS application, the first component protects CPS computations through comparison of the application execution and the application-specification execution in real-time. The second component assures safety and integrity of CPS data through vulnerability analysis of the application specification for false data injection attacks based on non-linear verification techniques. We demonstrate our approach through its application to a typical CPS example application; we demonstrate that run-time monitors employing verification techniques are effective, efficient, and readily applicable to demanding real-time critical systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
“Nsf industry 4.0,” https://www.nsf.gov/pubs/2014/nsf14542/nsf14542.htm.
“Nist cps,” https://www.nist.gov/el/cyber-physical-systems.
M. Zeller, “Myth or reality – does the aurora vulnerability pose a risk to my generator?” in 2011 64th Annual Conference for Protective Relay Engineers, April 2011, pp. 130–136.
R. Langner, “Stuxnet: Dissecting a cyberwarfare weapon,” IEEE Security and Privacy, vol. 9, no. 3, pp. 49–51, May 2011.
B. Kang, K. McLaughlin, and S. Sezer, “Towards a stateful analysis framework for smart grid network intrusion detection,” in Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016, ser. ICS-CSR ’16, 2016, pp. 1–8.
U. Lindqvist and P. G. Neumann, “The future of the internet of things,” Communications of the ACM, vol. 60, no. 2, pp. 26–30, January 2017.
V. Hodge and J. Austin, “A survey of outlier detection methodologies,” Artif. Intell. Rev., vol. 22, no. 2, pp. 85–126, 2004.
A. Lakhina, M. Crovella, and C. Diot, “Mining anomalies using traffic feature distributions,” SIGCOMM Comput. Commun. Rev., vol. 35, no. 4, pp. 217–228, Aug. 2005.
V. Paxson, “Bro: A system for detecting network intruders in real-time,” in Proceedings of the 7th Conference on USENIX Security Symposium - Volume 7, ser. SSYM’98, Berkeley, CA, USA, 1998, pp. 2435–2463.
C. Watterson and D. Heffernan, “Runtime verification and monitoring of embedded systems,” Software, IET, vol. 1, no. 5, pp. 172–179, 2007.
S. Adepu and A. Mathur, Using Process Invariants to Detect Cyber Attacks on a Water Treatment System. Springer, 2016, pp. 91–104.
M. Khan, D. Serpanos, and H. Shrobe, “A rigorous and efficient run-time security monitor for real-time critical embedded system applications,” in IEEE 3rd WF-IoT, December 2016, pp. 100–105.
M. T. Khan, D. Serpanos, and H. Shrobe, “Armet: Behavior-based secure and resilient industrial control systems,” Proceedings of the IEEE, vol. 106, no. 1, pp. 129–143, Jan 2018.
B. Courcelle and J. Engelfriet, Graph Structure and Monadic Second-Order Logic: A Language-Theoretic Approach. Cambridge University Press, 2012.
G. Hug and J. A. Giampapa, “Vulnerability assessment of ac state estimation with respect to false data injection cyber-attacks,” IEEE Transactions on Smart Grid, vol. 3, no. 3, pp. 1362–1370, 2012.
S. Gao, S. Kong, and E. M. Clarke, “dReal: An SMT Solver for Nonlinear Theories over the Reals,” in Proceedings of the CADE’13. Springer, 2013, pp. 208–214.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Khan, M.T., Serpanos, D., Shrobe, H. (2020). Run-Time Security Assurance of Cyber Physical System Applications. In: Bhattacharyya, S., Potkonjak, M., Velipasalar, S. (eds) Embedded, Cyber-Physical, and IoT Systems. Springer, Cham. https://doi.org/10.1007/978-3-030-16949-7_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-16949-7_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16948-0
Online ISBN: 978-3-030-16949-7
eBook Packages: EngineeringEngineering (R0)