Skip to main content
SpringerLink
Log in

Trust Establishment in Cooperating Cyber-Physical Systems

  • Conference paper
  • First Online:
Security of Industrial Control Systems and Cyber Physical Systems (CyberICS 2015, WOS-CPS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9588))

Abstract

Cooperating systems are systems of systems that collaborate for a common purpose. Cooperating cyber-physical systems often base important decisions on data gathered from external sensors and use external actuators to enforce safety critical actions. Using the example of a hydroelectric power plant control system, this paper analyzes security threats for networked cooperating systems, where sensors providing decision critical data are placed in non-protected areas and thus are exposed to various kinds of attacks. We propose a concept for trust establishment in cyber-physical cooperating systems. Using trusted event reporting for critical event sources, the authenticity of the security related events can be verified. Based on measurements obtained with a prototypical realisation, we evaluate and analyze the amount of overhead data transmission between event source and data verification system needed for trust establishment. We propose an efficient synchronisation scheme for system integrity data, reducing network traffic as well as verification effort.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Alcaraz, C., Lopez, J., Zhou, J., Roman, R.: Secure SCADA framework for the protection of energy control systems. Concur. Comput. Pract. Exp. 23(12), 1431–1442 (2011)

    Article  Google Scholar 

  2. Bodeau, D.J.: System-of-systems security engineering. In: Proceedings of the 10th Annual Computer Security Applications Conference, Orlando, Florida, pp. 228–235. IEEE Computer Society (1994)

    Google Scholar 

  3. Bohli, J.M., Langendörfer, P., Skarmeta, A.F.: Security and privacy challenge in data aggregation for the IoT in smart cities. In: Internet of Things: Converging Technologies for Smart Environments and Integrated Ecosystems, pp. 225–244. River Publishers (2013)

    Google Scholar 

  4. Choi, J., Shin, I., Seo, J., Lee, C.: An efficient message authentication for non-repudiation of the smart metering service. In: ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering, pp. 331–333 (2011)

    Google Scholar 

  5. Coppolino, L., D’Antonio, S., Romano, L., Spagnuolo, G.: An intrusion detection system for critical information infrastructures using wireless sensor network technologies. In: 2010 5th International Conference on Critical Infrastructure (CRIS), pp. 1–8 (sept 2010)

    Google Scholar 

  6. Coppolino, L., D’Antonio, S., Romano, L.: Dependability and resilience of computer networks (SCADA cybersecurity). In: Critical Infrastructure Security: Assessment, Prevention, Detection, Response. WIT press (in press)

    Google Scholar 

  7. Coppolino, L., Jäger, M., Kuntze, N., Rieke, R.: A trusted information agent for security information and event management. In: ICONS 2012, The Seventh International Conference on Systems, February 29 - March 5, 2012, Reunion Island, pp. 6–12. IARIA (2012)

    Google Scholar 

  8. Dan, G., Sandberg, H., Ekstedt, M., Björkman, G.: Challenges in power system information security. IEEE Secur. Priv. 10(4), 62–70 (2012)

    Article  Google Scholar 

  9. Derler, P., Lee, E.A., Sangiovanni-Vincentelli, A.: Modeling cyber-physical systems. Proc. IEEE (Spec. Issue CPS) 100(1), 13–28 (2012)

    Google Scholar 

  10. Gao, J., Xiao, Y., Liu, J., Liang, W., Chen, C.L.P.: A survey of communication/networking in smart grids. Future Gener. Comp. Syst. 28(2), 391–404 (2012)

    Article  Google Scholar 

  11. Gerlach, M.: Trusted network on wheels. ERCIM News, pp. 32–33, October 2005

    Google Scholar 

  12. Gladyshev, P., Patel, A.: Formalising event time bounding in digital investigations. Int. J. Digital Evid. 4, 1–14 (2005)

    Google Scholar 

  13. Hauser, C.H., Bakken, D.E., Dionysiou, I., Gjermundrød, K.H., Irava, V.S., Helkey, J., Bose, A.: Security, trust, and qos in next-generation control and communication for large power systems. IJCIS 4(1/2), 3–16 (2008)

    Article  Google Scholar 

  14. Hawley, M., Howard, P., Koelle, R., Saxton, P.: Collaborative security management: Developing ideas in security management for air traffic control. In: Proceedings of 2013 International Conference on Availability, Reliability and Security, ARES 2013, pp. 808–806. IEEE Computer Society (2013)

    Google Scholar 

  15. IBM: A strategic approach to protecting scada and process control systems. Technical report, IBM Corporation (2007). http://www.iss.net/documents/whitepapers/SCADA.pdf. Accessed13 May 2015

  16. Kuntze, N., Rudolph, C., Cupelli, M., Liu, J., Monti, A.: Trust infrastructures for future energy networks. In: Power and Energy Society General Meeting - Power Systems Engineering in Challenging Times (2010)

    Google Scholar 

  17. Kuntze, N., Mähler, D., Schmidt, A.U.: Employing Trusted Computing for the forward pricing of pseudonyms in reputation systems. In: Axmedis 2006, Proceedings of the 2nd International Conference on Automated Production of Cross Media Content for Multi-Channel Distribution, Volume for Workshops, Industrial, and Application Sessions (2006)

    Google Scholar 

  18. Kuntze, N., Rudolph, C.: Secure digital chains of evidence. In: Sixth International Workshop on Systematic Approaches to Digital Forensic Engeneering (2011)

    Google Scholar 

  19. LeMay, M., Gunter, C.A.: Cumulative attestation kernels for embedded systems. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 655–670. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  20. Liu, J., Yu, F., Lung, C.-H., Tang, H.: Optimal combined intrusion detection and biometric-based continuous authentication in high security mobile Ad Hoc networks. IEEE Trans. Wirel. Commun. 8(2), 806–815 (2009)

    Article  Google Scholar 

  21. Mitchell, C.: Trusted Computing. Institution of Electrical Engineers (2005)

    Google Scholar 

  22. Myers, B.K., Dutson, G.C., Sherman, T.: Utilizing automated monitoring for the franzen reservoir dam safety program. In: 25th USSD Annual Meeting and Conference Proceedings (2005)

    Google Scholar 

  23. Neves, N., Kuntze, N., Sarno, C.D., Vianello, V., et al.: Resilient SIEM framework architecture, services and protocols. Deliverable D5.1.4, FP7-257475 MASSIF European project, September 2013

    Google Scholar 

  24. Nicolett, M., Kavanagh, K.M.: Magic Quadrant for Security Information and Event Management. Gartner Reasearch, May 2010

    Google Scholar 

  25. Oberle, A., Rein, A., Kuntze, N., Rudolph, C., Paatero, J., Lunn, A., Racz, P.: Integrating trust establishment into routing protocols of today’s MANETs. In: Wireless Communications and Networking Conference (WCNC), 2013 IEEE, pp. 2369–2374. IEEE (2013)

    Google Scholar 

  26. Parekh, M., Stone, K., Delborne, J.: Coordinating intelligent and continuous performance monitoring with dam and levee safety management policy. In: Association of State Dam Safety Officials, Proceedings of Dam Safety Conference 2010 (2010)

    Google Scholar 

  27. Pollitt, M.: Report on digital evidence. In: 13th INTERPOL Forensic Science Symposium. Citeseer (2001)

    Google Scholar 

  28. Reith, M., Carr, C., Gunsch, G.: An examination of digital forensic models. Int. J. Digital Evid. 1(3), 1–12 (2002)

    Google Scholar 

  29. Richter, J., Kuntze, N., Rudolph, C.: Security digital evidence. In: 2010 Fifth International Workshop on Systematic Approaches to Digital Forensic Engineering, pp. 119–130. IEEE (2010)

    Google Scholar 

  30. Rieke, R., Coppolino, L., Hutchison, A., Prieto, E., Gaber, C.: Security and reliability requirements for advanced security event management. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 171–180. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  31. Rieke, R., Prieto, E., Diaz, R., Debar, H., Hutchison, A.: Challenges for advanced security monitoring – The MASSIF project. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds.) TrustBus 2012. LNCS, vol. 7449, pp. 222–223. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  32. Rieke, R., Repp, J., Zhdanova, M., Eichler, J.: Monitoring security compliance of critical processes. In: 2014 22th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP), pp. 525–560. IEEE Computer Society, February 2014

    Google Scholar 

  33. Rieke, R., Zhdanova, M., Repp, J.: Security compliance tracking of processes in networked cooperating systems. J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. (JoWUA) 6(2), 21–40 (2015)

    Google Scholar 

  34. Russell, S.J., Norvig, P.: Artificial Intelligence: A Modern Approach, 2nd edn. Pearson Education, Paris (2003)

    MATH  Google Scholar 

  35. Sailer, R., Zhang, X., Jaeger, T., Van Doorn, L.: Design and implementation of a tcg-based integrity measurement architecture. In: USENIX Security Symposium, vol. 13, pp. 223–238 (2004)

    Google Scholar 

  36. Stumpf, F., Fuchs, A., Katzenbeisser, S., Eckert, C.: Improving the scalability of platform attestation. In: Proceedings of the Third ACM Workshop on Scalable Trusted Computing (ACM STC 2008), pp. 1–10. ACM Press, Fairfax, 31 October 2008

    Google Scholar 

  37. Trusted Computing Group TPM Working Group: TCG Specification Architecture Overview. (2007). http://www.trustedcomputinggroup.org/resources/

  38. Wang, W., Xu, Y., Khanna, M.: A survey on the communication architectures in smart grid. Comput. Netw. 55(15), 3604–3629 (2011)

    Article  Google Scholar 

  39. Wang, Y.: sscada: Securing SCADA infrastructure communications. CoRR abs/1207.5434 (2012). http://arxiv.org/abs/1207.5434

  40. Winkler, T., Rinner, B.: TrustCAM: security and privacy-protection for an embedded smart camera based on trusted computing. In: Proceedings of the Conference on Advanced Video and Signal-Based Surveillance (2010)

    Google Scholar 

  41. Xu, X., Bessis, N., Cao, J.: An autonomic agent trust model for iot systems. Procedia Comput. Sci. 21, 107–113 (2013). the 4th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN-2013) and the 3rd International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare (ICTH)

    Article  Google Scholar 

  42. Zaldivar, J., Calafate, C.T., Cano, J.C., Manzoni, P.: Providing accident detection in vehicular networks through obd-ii devices and android-based smartphones. In: 2011 IEEE 36th Conference on Local Computer Networks (LCN), pp. 813–819. IEEE (2011)

    Google Scholar 

  43. Zhu, B., Joseph, A., Sastry, S.: A taxonomy of cyber attacks on scada systems. In: Proceedings of the 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing, ITHINGSCPSCOM 2011, pp. 380–388. IEEE Computer Society, Washington, DC (2011)

    Google Scholar 

Download references

Acknowledgements

Roland Rieke, Nicolai Kuntze, and Luigi Coppolino developed the work presented here in the context of the project MASSIF (ID 257475) being co-funded by the European Commission within FP7.

Author information

Authors and Affiliations

  1. Fraunhofer Institute SIT, Darmstadt, Germany

    Andre Rein, Roland Rieke & Nicolai Kuntze

  2. Philipps-Universität Marburg, Marburg, Germany

    Roland Rieke

  3. Technische Hochschule Mittelhessen, Giessen, Germany

    Michael Jäger

  4. Universita Degli Studi di Napoli “Parthenope”, Napoli, Italy

    Luigi Coppolino

Authors
  1. Andre Rein
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Roland Rieke
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Michael Jäger
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Nicolai Kuntze
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Luigi Coppolino
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Roland Rieke .

Editor information

Editors and Affiliations

  1. Airbus Defence & Space Cybersecurity, Elancourt, France

    Adrien Bécue

  2. Télécom Bretagne, Cesson-Sévigné, France

    Nora Cuppens-Boulahia

  3. Télécom Bretagne, Cesson Sévigné, France

    Frédéric Cuppens

  4. Center for Cyber & Information Security, Norwegian Univ. of Science & Technology, Gjøvik, Norway

    Sokratis Katsikas

  5. Department of Digital Systems, University of Piraeus, Piraeus, Greece

    Costas Lambrinoudakis

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Rein, A., Rieke, R., Jäger, M., Kuntze, N., Coppolino, L. (2016). Trust Establishment in Cooperating Cyber-Physical Systems. In: Bécue, A., Cuppens-Boulahia, N., Cuppens, F., Katsikas, S., Lambrinoudakis, C. (eds) Security of Industrial Control Systems and Cyber Physical Systems. CyberICS WOS-CPS 2015 2015. Lecture Notes in Computer Science(), vol 9588. Springer, Cham. https://doi.org/10.1007/978-3-319-40385-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-40385-4_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-40384-7

  • Online ISBN: 978-3-319-40385-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation