Design and Run-Time Aspects of Secure Cyber-Physical Systems

  • Apostolos P. Fournaris
  • Andreas Komninos
  • Aris S. Lalos
  • Athanasios P. Kalogeras
  • Christos Koulamas
  • Dimitrios Serpanos


Cyber-Physical Systems (CPSs) combine computational and physical components, enabling real-world interaction. Digitization, decentralization, and high connectivity, as well as the incorporation of various enabling technologies, raise a range of security issues. These security concerns may affect safety, endangering assets and even human lives. This is especially true for CPS utilization in sectors of great significance, including manufacturing and critical infrastructures, which creates a need to handle the relevant security issues efficiently. Including security as part of a software-intensive technical system (i.e., the CPS) that can be distributed and highly resilient highlights the need for appropriate security methodologies to be applied to the CPS from the engineering stage, during CPS design. The efficient security-related processes implemented at design time have an impact on security monitoring during the CPS operational phase (at run-time). Efficient and accurate security monitoring that follows security-by-design principles can be a potent tool in the hands of the CPS manager for detecting and mitigating cyber threats. Monitoring traffic and activity at the system boundaries, detecting changes to device status and configuration, detecting suspicious activity that indicates attacks, detecting unauthorized activity that is suspicious or violates security policies, and responding to security incidents and recovering from them in a timely manner are issues that security monitoring needs to tackle efficiently. In this chapter, we explore the various CPS cybersecurity threats and discuss how adding security as a parameter at the CPS design phase can provide a well-structured and efficient approach to establishing strong security foundations for a CPS. New technologies for CPS security design are presented and emerging security directions are discussed.
Furthermore, the chapter presents the different aspects of security monitoring with special emphasis on CPSs, discussing the various existing monitoring approaches that are followed in order to detect security issues at run-time. Specific use cases of CPSs in the manufacturing domain and with reference to critical infrastructures are also detailed, and security requirements such as confidentiality, integrity, and availability are discussed.


Keywords: Security by design; Security run-time monitoring; Cyber-physical systems security; Cybersecurity; Digital Twins





This work is supported by the project "I3T - Innovative Application of Industrial Internet of Things (IIoT) in Smart Environments" (MIS 5002434) implemented under the "Action for the Strategic Development on the Research and Technological Sector," funded by the Operational Programme "Competitiveness, Entrepreneurship and Innovation" (NSRF 2014–2020) and co-financed by Greece and the European Union (European Regional Development Fund).



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Apostolos P. Fournaris (1)
  • Andreas Komninos (1)
  • Aris S. Lalos (1)
  • Athanasios P. Kalogeras (1)
  • Christos Koulamas (1)
  • Dimitrios Serpanos (1)

  1. Industrial Systems Institute, ATHENA Research Center, Patras, Greece
