Skip to main content
SpringerLink
Log in

Overview of Security for Smart Cyber-Physical Systems

  • Chapter
  • First Online:
Security of Cyber-Physical Systems

Abstract

The tremendous growth of interconnectivity and dependencies of physical and cyber domains in cyber-physical systems (CPS) makes them vulnerable to several security threats like remote cyber-attacks, hardware, and software-based side-channel attacks, especially in safety-critical applications, i.e., healthcare, autonomous driving, etc. Though traditional software or hardware security measures can address these attacks in the respective domains due to enormous data and interdependencies of the physical-world and cyber-world, these techniques cannot be used directly. Therefore, to address these challenges, machine learning-based security measures have been proposed. This chapter first presents a brief overview of various security threats at different CPS layers, their respective threat models, and associated research challenges towards developing robust security measures. Towards the end, we briefly discuss and present a preliminary analysis of the state-of-the-art online anomaly detection techniques that leverage the machine learning algorithms and property-specific language, respectively.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Black-box model: When the attacker has only access to the inputs and outputs of the targeted model.

  2. 2.

    White-box model: When the attacker knows the architecture, trained weights and all other parameters of the targeted model.

References

  1. R.F. Babiceanu et al., Big data and virtualization for manufacturing cyber-physical systems: a survey of the current status and future outlook. Comput. Ind. 81, 128–137 (2016)

    Article  Google Scholar 

  2. R. Rajkumar et al., Cyber-physical systems: the next computing revolution, in IEEE DAC (2010), pp. 731–736

    Google Scholar 

  3. M. Shafique et al., Intelligent security measures for smart cyber physical systems, in Euromicro/IEEE DSD (2018), pp. 280–287

    Google Scholar 

  4. D. Ratasich et al., A roadmap toward the resilient internet of things for cyber-physical systems. IEEE Access 7, 13260–13283 (2019)

    Article  Google Scholar 

  5. J. Giraldo et al., Security and privacy in cyber-physical systems: a survey of surveys. IEEE Des. Test 34(4), 7–17 (2017)

    Article  Google Scholar 

  6. A. Humayedet al., Cyber-physical systems security—a survey. IEEE Internet Things J. 4(6), 1802–1831 (2017)

    Google Scholar 

  7. M. Pelino et al., The Internet of Things Heat Map, 2017 (Forrester Research, Cambridge, 2017)

    Google Scholar 

  8. Statista. Internet of things (IoT) connected devices installed base worldwide from 2015 to 2025 (in billions) (2019). https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/. Accessed 04 Nov 2019

  9. F. Kriebel et al., Robustness for smart cyber physical systems and internet-of-things: from adaptive robustness methods to reliability and security for machine learning, in IEEE ISVLSI (2018), pp. 581–586

    Google Scholar 

  10. S. Rehman et al., Hardware and software techniques for heterogeneous fault-tolerance, in IEEE IOLTS (2018), pp. 115–118

    Google Scholar 

  11. R.B. Sowby, Hydroterrorism: a threat to water resources. Wasatch Water Rev. 1–4 (2016)

    Google Scholar 

  12. S.A. Timashev, Cyber reliability, resilience, and safety of physical infrastructures, in IOP Conference Series: Materials Science and Engineering, vol. 481 (2019), p. 012009

    Google Scholar 

  13. C. Cerrudo, An emerging us (and world) threat: cities wide open to cyber attacks. Secur. Smart Cities 17, 137–151 (2015)

    Google Scholar 

  14. S.A. Groeneveld, N. Jongejan, A.T.L. Fiolet et al., Hacking into a pacemaker; risks of smart healthcare devices. Nederlands tijdschrift voor geneeskunde 163 (2019)

    Google Scholar 

  15. J.L. Beavers et al., Hacking NHS pacemakers: a feasibility study, in IEEE ICGS3 (2019), pp. 206–212

    Google Scholar 

  16. Y. Shoukry et al., Non-invasive spoofing attacks for anti-lock braking systems, in International Workshop on Cryptographic Hardware and Embedded Systems (Springer, Berlin, 2013), pp. 55–72

    Google Scholar 

  17. S.N. Narayanan et al., Security in smart cyber-physical systems: a case study on smart grids and smart cars, in Smart Cities Cybersecurity and Privacy (Elsevier, Amsterdam, 2019), pp. 147–163

    Google Scholar 

  18. Y. Shoukry et al., Pycra: physical challenge-response authentication for active sensors under spoofing attacks, in AM CCS (2015), pp. 1004–1015

    Google Scholar 

  19. A. Francillon, B. Danev, S. Capkun, Relay attacks on passive keyless entry and start systems in modern cars, in NDSS, 2011

    Google Scholar 

  20. D. Preuveneers et al., The intelligent industry of the future: a survey on emerging trends, research challenges and opportunities in industry 4.0. J. Ambient Intell. Smart Environ. 9(3), 287–298 (2017)

    Google Scholar 

  21. C.-T. Lin et al., Cyber attack and defense on industry control systems, in IEEE Conference on Dependable and Secure Computing (2017), pp. 524–526

    Google Scholar 

  22. D. Antonioli et al., Taking control: design and implementation of botnets for cyber-physical attacks with CPSBot (2018). Preprint. arXiv:1802.00152

    Google Scholar 

  23. P. Wang et al., Cyber-physical anomaly detection for power grid with machine learning, in Industrial Control Systems Security and Resiliency (Springer, Berlin, 2019), pp. 31–49

    Google Scholar 

  24. S. Jin et al., Changepoint-based anomaly detection for prognostic diagnosis in a core router system, in IEEE TCAD, 2018

    Google Scholar 

  25. T. Roth et al., Physical attestation of cyber processes in the smart grid, in Springer ICIIS (2013), pp. 96–107

    Google Scholar 

  26. H.R. Ghaeini et al., Patt: physics-based attestation of control systems, in RAID (2019), pp. 165–180

    Google Scholar 

  27. A. Essa et al., Cyber physical sensors system security: threats, vulnerabilities, and solutions, in IEEE ICSGSC (2018), pp. 62–67

    Google Scholar 

  28. H. Salmani et al., On design vulnerability analysis and trust benchmarks development, in IEEE ICCD (2013), pp. 471–474

    Google Scholar 

  29. B. Shakya et al., Benchmarking of hardware Trojans and maliciously affected circuits. J. Hardware Syst. Secur. 1(1), 85–102 (2017)

    Article  Google Scholar 

  30. J. Wurm et al., Introduction to cyber-physical system security: a cross-layer perspective. IEEE Trans. Multi-Scale Comput. Syst. 3(3), 215–227 (2016)

    Article  Google Scholar 

  31. S.R. Chhetri et al., Cross-domain security of cyber-physical systems, in IEEE ASP-DAC (2017), pp. 200–205

    Google Scholar 

  32. Y. Liu et al., False data injection attacks against state estimation in electric power grids. ACM Trans. Inf. Syst. Secur. 14(1), 13 (2011)

    Google Scholar 

  33. E. Nakashima et al., Hackers have attacked foreign utilities, CIA analyst says. Washington Post, 19, 2008

    Google Scholar 

  34. H. Fawzi et al., Secure estimation and control for cyber-physical systems under adversarial attacks. IEEE Trans. Autom. Control 59(6), 1454–1467 (2014)

    Article  MathSciNet  MATH  Google Scholar 

  35. F. Pasqualetti et al., Attack detection and identification in cyber-physical systems. IEEE Trans. Autom. Control 58(11), 2715–2729 (2013)

    Article  MathSciNet  MATH  Google Scholar 

  36. Y. Mo et al., Detecting integrity attacks on SCADA systems. IEEE Trans. Control Syst. Technol. 22(4), 1396–1407 (2013)

    Google Scholar 

  37. M. Zeller, Myth or reality—does the aurora vulnerability pose a risk to my generator?, in IEEE Conference for Protective Relay Engineers (2011), pp. 130–136

    Google Scholar 

  38. S. Islam et al., Physical layer security for the smart grid: vulnerabilities, threats and countermeasures. IEEE Trans. Ind. Inform. 15, 6522–6530 (2019)

    Article  Google Scholar 

  39. C. Li et al., Hijacking an insulin pump: security attacks and defenses for a diabetes therapy system, in IEEE International Conference on e-Health Networking, Applications and Services (2011), pp. 150–156

    Google Scholar 

  40. K. Koscher et al., Experimental security analysis of a modern automobile, in IEEE Symposium on Security and Privacy (2010), pp. 447–462

    Google Scholar 

  41. T. Hoppe et al., Security threats to automotive can networks—practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96(1), 11–25 (2011)

    Article  Google Scholar 

  42. S. Han et al., Intrusion detection in cyber-physical systems: techniques and challenges. IEEE Syst. J. 8(4), 1052–1062 (2014)

    Article  Google Scholar 

  43. C. Konstantinou et al., Cyber-physical systems: a security perspective, in IEEE ETS (2015), pp. 1–8

    Google Scholar 

  44. M. Conti, Leaky cps: inferring cyber information from physical properties (and the other way around), in ACM Workshop on CPS (2018), pp. 23–24

    Google Scholar 

  45. A. Chattopadhyay et al., Security of autonomous vehicle as a cyber-physical system, in IEEE ISED (2017), pp. 1–6

    Google Scholar 

  46. J.A. Stankovic, Research directions for the internet of things. IEEE Internet Things J. 1(1), 3–9 (2014)

    Article  MathSciNet  Google Scholar 

  47. Q. Xu et al., Security-aware waveforms for enhancing wireless communications privacy in cyber-physical systems via multipath receptions. IEEE Internet Things J. 4(6), 1924–1933 (2017)

    Article  Google Scholar 

  48. Y. Mo et al., Secure control against replay attacks, in IEEE Allerton (2009), pp. 911–918

    Google Scholar 

  49. L. Peng et al., Energy efficient jamming attack schedule against remote state estimation in wireless cyber-physical systems. Neurocomputing 272, 571–583 (2018)

    Article  Google Scholar 

  50. Y. Li et al., Jamming attacks on remote state estimation in cyber-physical systems: a game-theoretic approach. IEEE Trans. Autom. Control 60(10), 2831–2836 (2015)

    Article  MathSciNet  MATH  Google Scholar 

  51. Y. Won et al., An attack-resilient cps architecture for hierarchical control: a case study on train control systems. IEEE Comput. 51(11), 46–55 (2018)

    Article  Google Scholar 

  52. S. Ali et al., Wsn security mechanisms for cps, in Cyber Security for Cyber Physical Systems (Springer, Berlin, 2018), pp. 65–87

    Google Scholar 

  53. G. Hatzivasilis et al., SCOTRES: secure routing for IoT and CPS. IEEE Internet Things J. 4(6), 2129–2141 (2017)

    Article  Google Scholar 

  54. S.H. Bouk et al., Named data networking’s intrinsic cyber-resilience for vehicular cps. IEEE Access 6, 60570–60585 (2018)

    Article  Google Scholar 

  55. Y. Zhou et al., A secure control learning framework for cyber-physical systems under sensor attacks, in IEEE ACC (2019), pp. 4280–4285

    Google Scholar 

  56. J. Shen et al., A game-theoretic method for cross-layer stochastic resilient control design in cps. Int. J. Syst. Sci. 49(4), 677–691 (2018)

    Article  MathSciNet  MATH  Google Scholar 

  57. S.R. Chhetri et al., Fix the leak!: an information leakage aware secured cyber-physical manufacturing system, in IEEE DATE (2017), pp. 1412–1417

    Google Scholar 

  58. S.R. Chhetri et al., Information leakage-aware computer-aided cyber-physical manufacturing. IEEE Trans. Inf. Forensics Secur. 13(9), 2333–2344 (2018)

    Article  Google Scholar 

  59. J.-S. Wang et al., Data-driven methods for stealthy attacks on TCP/IP-based networked control systems equipped with attack detectors. IEEE Trans. Cybern. 49(8), 3020–3031 (2018)

    Article  Google Scholar 

  60. O. Al Ibrahim et al., Cyber-physical security using system-level PUFs, in IEEE Wireless Communications and Mobile Computing Conference (2011), pp. 1672–1676

    Google Scholar 

  61. C. Liu et al., Securing cyber-physical systems from hardware Trojan collusion. IEEE Trans. Emerg. Top. Comput. (2017)

    Google Scholar 

  62. J.S. Mertoguno et al., A physics-based strategy for cyber resilience of cps, in Autonomous Systems: Sensors, Processing, and Security for Vehicles and Infrastructure, vol. 11009 (2019), p. 110090E

    Google Scholar 

  63. A.A. Cardenas et al., Secure control: towards survivable cyber-physical systems, in IEEE Conference on Distributed Computing Systems Workshops (2008), pp. 495–500

    Google Scholar 

  64. B. Satchidanandan et al., On minimal tests of sensor veracity for dynamic watermarking-based defense of cyber-physical systems, in IEEE COMSNETS (2017), pp. 23–30

    Google Scholar 

  65. J. Siegel et al., A cognitive protection system for the internet of things. IEEE Secur. Priv. 17(3), 40–48 (2019)

    Article  Google Scholar 

  66. A. Petrovski et al., Designing a context-aware cyber physical system for detecting security threats in motor vehicles, in ACM CSIN (2015), pp. 267–270

    Google Scholar 

  67. F. Khalid et al., Simcom: statistical sniffing of inter-module communications for run-time hardware trojan detection (2018). Preprint. arXiv:1901.07299

    Google Scholar 

  68. F.K. Lodhi et al., Power profiling of microcontroller’s instruction set for runtime hardware trojans detection without golden circuit models, in IEEE DATE (2017), pp. 294–297

    Google Scholar 

  69. F. Khalid et al., Behavior profiling of power distribution networks for runtime hardware trojan detection, in IEEE MWSCAS (2017), pp. 1316–1319

    Google Scholar 

  70. F.K. Lodhi et al., A self-learning framework to detect the intruded integrated circuits, in 2016 IEEE ISCAS (2016), pp. 1702–1705

    Google Scholar 

  71. F. Khalid et al., Runtime hardware trojan monitors through modeling burst mode communication using formal verification. Integr. VLSI 61, 62–76 (2018)

    Article  Google Scholar 

  72. F. Khalid et al., Forasec: formal analysis of security vulnerabilities in sequential circuits (2018). Preprint. arXiv:1812.05446

    Google Scholar 

  73. F.K. Lodhi et al., Formal analysis of macro synchronous micro asychronous pipeline for hardware trojan detection, in IEEE NORCAS: NORCHIP (2015), pp. 1–4

    Google Scholar 

  74. I.H. Abbassi et al., Using gate-level side channel parameters for formally analyzing vulnerabilities in integrated circuits. Sci. Comput. Program. 171, 42–66 (2019)

    Article  Google Scholar 

  75. M. Shafique et al., An overview of next-generation architectures for machine learning: roadmap, opportunities and challenges in the iot era, in IEEE DATE (2018), pp. 827–832

    Google Scholar 

  76. M.A. Hanif et al., Robust machine learning systems: reliability and security for deep neural networks, in 2018 IEEE 24th International Symposium on On-Line Testing and Robust System Design (IOLTS) (IEEE, Piscataway, 2018), pp. 257–260

    Google Scholar 

  77. J.J. Zhang et al., Building robust machine learning systems: current progress, research challenges, and opportunities, in ACM/IEEE DAC (2019), pp. 1–4

    Google Scholar 

  78. F. Khalid et al., Security for machine learning-based systems: attacks and challenges during training and inference, in IEEE FIT (2018), pp. 327–332

    Google Scholar 

  79. B. Chen et al., Detecting backdoor attacks on deep neural networks by activation clustering (2018). Preprint. arXiv:1811.03728

    Google Scholar 

  80. Y. Ji et al., Backdoor attacks against learning systems, in IEEE CNS (2017), pp. 1–9

    Google Scholar 

  81. T. Gu et al., BadNets: evaluating backdooring attacks on deep neural networks. IEEE Access 7, 47230–47244 (2019)

    Article  Google Scholar 

  82. A. Marchisio et al., Capsattacks: robust and imperceptible adversarial attacks on capsule networks (2019). Preprint. arXiv:1901.09878

    Google Scholar 

  83. F. Khalid et al., Red-attack: resource efficient decision based attack for machine learning (2019). Preprint. arXiv:1901.10258

    Google Scholar 

  84. A. Marchisio et al., SNN under attack: are spiking deep belief networks vulnerable to adversarial examples? (2019). Preprint. arXiv:1902.01147

    Google Scholar 

  85. F. Khalid et al., TrISec: training data-unaware imperceptible security attacks on deep neural networks, in IEEE IOLTS (2019), pp. 188–193

    Google Scholar 

  86. T. Liu, W. Wen, Y. Jin, SIN 2: stealth infection on neural network—low-cost agile neural trojan attack methodology, in IEEE HOST (2018), pp. 227–230

    Google Scholar 

  87. Y. Liu et al., Neural trojans, in IEEE ICCD (2017), pp. 45–48

    Google Scholar 

  88. Y. Zhao et al., Memory trojan attack on neural network accelerators, in IEEE DATE (2019), pp. 1415–1420

    Google Scholar 

  89. T. Orekondy et al., Knockoff nets: stealing functionality of black-box models, in IEEE CVPR (2019), pp. 4954–4963

    Google Scholar 

  90. A. Salem et al., Updates-leak: data set inference and reconstruction attacks in online learning (2019). Preprint. arXiv:1904.01067

    Google Scholar 

  91. F. Khalid et al., QuSecNets: quantization-based defense mechanism for securing deep neural network against adversarial attacks, in IEEE IOLTS (2019), pp. 182–187

    Google Scholar 

  92. F. Khalid et al., FAdeML: understanding the impact of pre-processing noise filtering on adversarial machine learning, in IEEE DATE (2019), pp. 902–907

    Google Scholar 

  93. H. Ali et al., SSCNets: Robustifying DNNs using Secure Selective Convolutional Filters. IEEE Des. Test37(2), (2020), pp. 58–65

    Article  MathSciNet  Google Scholar 

  94. E. Raff et al., Barrage of random transforms for adversarially robust defense, in IEEE CVPR (2019), pp. 6528–6537

    Google Scholar 

  95. I. Goodfellow, Gradient masking causes clever to overestimate adversarial perturbation size (2018). Preprint. arXiv:1804.07870

    Google Scholar 

  96. F. Tramèr et al., Ensemble adversarial training: attacks and defenses (2017). Preprint. arXiv:1705.07204

    Google Scholar 

  97. X. Xu et al., Detecting AI trojans using meta neural analysis (2019). Preprint. arXiv:1910.03137

    Google Scholar 

  98. Y. Gao et al., Strip: a defence against trojan attacks on deep neural networks (2019). Preprint. arXiv:1902.06531

    Google Scholar 

  99. M. Juuti et al., Prada: protecting against DNN model stealing attacks, in IEEE EuroS&P (2019), pp. 512–527

    Google Scholar 

Download references

Acknowledgements

This work is supported in parts by the Austrian Research Promotion Agency (FFG) and the Austrian Federal Ministry for Transport, Innovation, and Technology (BMVIT) under the “ICT of the Future” project, IoT4CPS: Trustworthy IoT for Cyber-Physical Systems.

Author information

Authors and Affiliations

  1. Technische Universität Wien, Vienna, Austria

    Faiq Khalid, Semeen Rehman & Muhammad Shafique

Authors
  1. Faiq Khalid
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Semeen Rehman
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Muhammad Shafique
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Faiq Khalid .

Editor information

Editors and Affiliations

  1. School of Engineering, University of Guelph, Guelph, ON, Canada

    Hadis Karimipour

  2. Lassonde School of Engineering, York University, Toronto, ON, Canada

    Pirathayini Srikantha

  3. Lassonde School of Engineering, York University, Toronto, ON, Canada

    Hany Farag

  4. College of Computer and Information Technology, Purdue University, West Lafayette, IN, USA

    Jin Wei-Kocsis

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Khalid, F., Rehman, S., Shafique, M. (2020). Overview of Security for Smart Cyber-Physical Systems. In: Karimipour, H., Srikantha, P., Farag, H., Wei-Kocsis, J. (eds) Security of Cyber-Physical Systems. Springer, Cham. https://doi.org/10.1007/978-3-030-45541-5_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-45541-5_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-45540-8

  • Online ISBN: 978-3-030-45541-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation