Abstract
Cooperating systems are systems of systems that collaborate for a common purpose. Cooperating cyber-physical systems often base important decisions on data gathered from external sensors and use external actuators to enforce safety critical actions. Using the example of a hydroelectric power plant control system, this paper analyzes security threats for networked cooperating systems, where sensors providing decision critical data are placed in non-protected areas and thus are exposed to various kinds of attacks. We propose a concept for trust establishment in cyber-physical cooperating systems. Using trusted event reporting for critical event sources, the authenticity of the security related events can be verified. Based on measurements obtained with a prototypical realisation, we evaluate and analyze the amount of overhead data transmission between event source and data verification system needed for trust establishment. We propose an efficient synchronisation scheme for system integrity data, reducing network traffic as well as verification effort.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alcaraz, C., Lopez, J., Zhou, J., Roman, R.: Secure SCADA framework for the protection of energy control systems. Concur. Comput. Pract. Exp. 23(12), 1431–1442 (2011)
Bodeau, D.J.: System-of-systems security engineering. In: Proceedings of the 10th Annual Computer Security Applications Conference, Orlando, Florida, pp. 228–235. IEEE Computer Society (1994)
Bohli, J.M., Langendörfer, P., Skarmeta, A.F.: Security and privacy challenge in data aggregation for the IoT in smart cities. In: Internet of Things: Converging Technologies for Smart Environments and Integrated Ecosystems, pp. 225–244. River Publishers (2013)
Choi, J., Shin, I., Seo, J., Lee, C.: An efficient message authentication for non-repudiation of the smart metering service. In: ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering, pp. 331–333 (2011)
Coppolino, L., D’Antonio, S., Romano, L., Spagnuolo, G.: An intrusion detection system for critical information infrastructures using wireless sensor network technologies. In: 2010 5th International Conference on Critical Infrastructure (CRIS), pp. 1–8 (sept 2010)
Coppolino, L., D’Antonio, S., Romano, L.: Dependability and resilience of computer networks (SCADA cybersecurity). In: Critical Infrastructure Security: Assessment, Prevention, Detection, Response. WIT press (in press)
Coppolino, L., Jäger, M., Kuntze, N., Rieke, R.: A trusted information agent for security information and event management. In: ICONS 2012, The Seventh International Conference on Systems, February 29 - March 5, 2012, Reunion Island, pp. 6–12. IARIA (2012)
Dan, G., Sandberg, H., Ekstedt, M., Björkman, G.: Challenges in power system information security. IEEE Secur. Priv. 10(4), 62–70 (2012)
Derler, P., Lee, E.A., Sangiovanni-Vincentelli, A.: Modeling cyber-physical systems. Proc. IEEE (Spec. Issue CPS) 100(1), 13–28 (2012)
Gao, J., Xiao, Y., Liu, J., Liang, W., Chen, C.L.P.: A survey of communication/networking in smart grids. Future Gener. Comp. Syst. 28(2), 391–404 (2012)
Gerlach, M.: Trusted network on wheels. ERCIM News, pp. 32–33, October 2005
Gladyshev, P., Patel, A.: Formalising event time bounding in digital investigations. Int. J. Digital Evid. 4, 1–14 (2005)
Hauser, C.H., Bakken, D.E., Dionysiou, I., Gjermundrød, K.H., Irava, V.S., Helkey, J., Bose, A.: Security, trust, and qos in next-generation control and communication for large power systems. IJCIS 4(1/2), 3–16 (2008)
Hawley, M., Howard, P., Koelle, R., Saxton, P.: Collaborative security management: Developing ideas in security management for air traffic control. In: Proceedings of 2013 International Conference on Availability, Reliability and Security, ARES 2013, pp. 808–806. IEEE Computer Society (2013)
IBM: A strategic approach to protecting scada and process control systems. Technical report, IBM Corporation (2007). http://www.iss.net/documents/whitepapers/SCADA.pdf. Accessed13 May 2015
Kuntze, N., Rudolph, C., Cupelli, M., Liu, J., Monti, A.: Trust infrastructures for future energy networks. In: Power and Energy Society General Meeting - Power Systems Engineering in Challenging Times (2010)
Kuntze, N., Mähler, D., Schmidt, A.U.: Employing Trusted Computing for the forward pricing of pseudonyms in reputation systems. In: Axmedis 2006, Proceedings of the 2nd International Conference on Automated Production of Cross Media Content for Multi-Channel Distribution, Volume for Workshops, Industrial, and Application Sessions (2006)
Kuntze, N., Rudolph, C.: Secure digital chains of evidence. In: Sixth International Workshop on Systematic Approaches to Digital Forensic Engeneering (2011)
LeMay, M., Gunter, C.A.: Cumulative attestation kernels for embedded systems. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 655–670. Springer, Heidelberg (2009)
Liu, J., Yu, F., Lung, C.-H., Tang, H.: Optimal combined intrusion detection and biometric-based continuous authentication in high security mobile Ad Hoc networks. IEEE Trans. Wirel. Commun. 8(2), 806–815 (2009)
Mitchell, C.: Trusted Computing. Institution of Electrical Engineers (2005)
Myers, B.K., Dutson, G.C., Sherman, T.: Utilizing automated monitoring for the franzen reservoir dam safety program. In: 25th USSD Annual Meeting and Conference Proceedings (2005)
Neves, N., Kuntze, N., Sarno, C.D., Vianello, V., et al.: Resilient SIEM framework architecture, services and protocols. Deliverable D5.1.4, FP7-257475 MASSIF European project, September 2013
Nicolett, M., Kavanagh, K.M.: Magic Quadrant for Security Information and Event Management. Gartner Reasearch, May 2010
Oberle, A., Rein, A., Kuntze, N., Rudolph, C., Paatero, J., Lunn, A., Racz, P.: Integrating trust establishment into routing protocols of today’s MANETs. In: Wireless Communications and Networking Conference (WCNC), 2013 IEEE, pp. 2369–2374. IEEE (2013)
Parekh, M., Stone, K., Delborne, J.: Coordinating intelligent and continuous performance monitoring with dam and levee safety management policy. In: Association of State Dam Safety Officials, Proceedings of Dam Safety Conference 2010 (2010)
Pollitt, M.: Report on digital evidence. In: 13th INTERPOL Forensic Science Symposium. Citeseer (2001)
Reith, M., Carr, C., Gunsch, G.: An examination of digital forensic models. Int. J. Digital Evid. 1(3), 1–12 (2002)
Richter, J., Kuntze, N., Rudolph, C.: Security digital evidence. In: 2010 Fifth International Workshop on Systematic Approaches to Digital Forensic Engineering, pp. 119–130. IEEE (2010)
Rieke, R., Coppolino, L., Hutchison, A., Prieto, E., Gaber, C.: Security and reliability requirements for advanced security event management. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 171–180. Springer, Heidelberg (2012)
Rieke, R., Prieto, E., Diaz, R., Debar, H., Hutchison, A.: Challenges for advanced security monitoring – The MASSIF project. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds.) TrustBus 2012. LNCS, vol. 7449, pp. 222–223. Springer, Heidelberg (2012)
Rieke, R., Repp, J., Zhdanova, M., Eichler, J.: Monitoring security compliance of critical processes. In: 2014 22th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP), pp. 525–560. IEEE Computer Society, February 2014
Rieke, R., Zhdanova, M., Repp, J.: Security compliance tracking of processes in networked cooperating systems. J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. (JoWUA) 6(2), 21–40 (2015)
Russell, S.J., Norvig, P.: Artificial Intelligence: A Modern Approach, 2nd edn. Pearson Education, Paris (2003)
Sailer, R., Zhang, X., Jaeger, T., Van Doorn, L.: Design and implementation of a tcg-based integrity measurement architecture. In: USENIX Security Symposium, vol. 13, pp. 223–238 (2004)
Stumpf, F., Fuchs, A., Katzenbeisser, S., Eckert, C.: Improving the scalability of platform attestation. In: Proceedings of the Third ACM Workshop on Scalable Trusted Computing (ACM STC 2008), pp. 1–10. ACM Press, Fairfax, 31 October 2008
Trusted Computing Group TPM Working Group: TCG Specification Architecture Overview. (2007). http://www.trustedcomputinggroup.org/resources/
Wang, W., Xu, Y., Khanna, M.: A survey on the communication architectures in smart grid. Comput. Netw. 55(15), 3604–3629 (2011)
Wang, Y.: sscada: Securing SCADA infrastructure communications. CoRR abs/1207.5434 (2012). http://arxiv.org/abs/1207.5434
Winkler, T., Rinner, B.: TrustCAM: security and privacy-protection for an embedded smart camera based on trusted computing. In: Proceedings of the Conference on Advanced Video and Signal-Based Surveillance (2010)
Xu, X., Bessis, N., Cao, J.: An autonomic agent trust model for iot systems. Procedia Comput. Sci. 21, 107–113 (2013). the 4th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN-2013) and the 3rd International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare (ICTH)
Zaldivar, J., Calafate, C.T., Cano, J.C., Manzoni, P.: Providing accident detection in vehicular networks through obd-ii devices and android-based smartphones. In: 2011 IEEE 36th Conference on Local Computer Networks (LCN), pp. 813–819. IEEE (2011)
Zhu, B., Joseph, A., Sastry, S.: A taxonomy of cyber attacks on scada systems. In: Proceedings of the 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing, ITHINGSCPSCOM 2011, pp. 380–388. IEEE Computer Society, Washington, DC (2011)
Acknowledgements
Roland Rieke, Nicolai Kuntze, and Luigi Coppolino developed the work presented here in the context of the project MASSIF (ID 257475) being co-funded by the European Commission within FP7.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Rein, A., Rieke, R., Jäger, M., Kuntze, N., Coppolino, L. (2016). Trust Establishment in Cooperating Cyber-Physical Systems. In: Bécue, A., Cuppens-Boulahia, N., Cuppens, F., Katsikas, S., Lambrinoudakis, C. (eds) Security of Industrial Control Systems and Cyber Physical Systems. CyberICS WOS-CPS 2015 2015. Lecture Notes in Computer Science(), vol 9588. Springer, Cham. https://doi.org/10.1007/978-3-319-40385-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-40385-4_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40384-7
Online ISBN: 978-3-319-40385-4
eBook Packages: Computer ScienceComputer Science (R0)