Cyber-Physical Systems Security

Gollmann, Dieter; Krotofil, Marina

doi:10.1007/978-3-662-49301-4_14

Dieter Gollmann¹⁶ &
Marina Krotofil¹⁶

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9100))

3159 Accesses
8 Citations

Abstract

We argue that cyber-physical systems cannot be protected just by protecting their IT infrastructure and that the CIA approach to security is insufficient. Rather, the IT components should be treated as a control system, inputs to that control system should be checked for veracity, and control algorithms should be designed in a way that they can handle a certain amount of adversarial actions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
https://krebsonsecurity.com/2012/09/chinese-hackers-blamed-for-intrusion-at-energy-industry-giant-telvent/, retrieved February 2015.
2.
http://www.theregister.co.uk/2012/09/28/telvent_hack/.
3.
The earliest source in the authors’ possession is a draft for ISO 7498/2 from 1985.
4.
https://www.shodan.io/, accessed February 2015.
5.
http://www.independent.co.uk/news/rail-fraud-aimed-to-help-success-of-selloff-1317413.html.

References

Anderson, R.: Security engineering. John Wiley & Sons, Hoboken (2008)
Google Scholar
Arends, R., Koch, P.: DNS for fun and profit. In: 12. DFN-CERT Workshop, 2005 (2005). https://www.dfn-cert.de/dokumente/workshop/2005/dfncert-ws2005-f7paper.pdf. Accessed February 2015
Borselius, N.: Mobile agent security. Electron. Commun. Eng. J. 14(5), 211–218 (2002)
Article Google Scholar
Clark, D.R., Wilson, D.R.: A comparison of commercial and military computer security policies. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 184–194 (1987)
Google Scholar
CPS Steering Group. Cyber-physical systems executive summary (2008). http://iccps.acm.org/2013/_doc/CPS-Executive-Summary.pdf. Accessed February 2015
Gollmann, D.: Veracity, plausibility, and reputation. In: Askoxylakis, I., Pöhls, H.C., Posegga, J. (eds.) WISTP 2012. LNCS, vol. 7322, pp. 20–28. Springer, Heidelberg (2012)
Google Scholar
Howard, S., Lorenzin, L.: Utilize open standards to protect control systems networks. RTC Magazine, pp. 28–31, February 2010
Google Scholar
Hruska, J.: Computer viruses. In: Grover, D. (ed.) The Protection of Computer Software - Its Technology and Applications, 2nd edn, pp. 183–219. Cambridge University Press, Cambridge (1992)
Google Scholar
Khalili, A., Sami, A., Azimi, M., Moshtari, S., Salehi, Z., Ghiasi, M., Safavi, A.: Employing secure coding practices into industrial applications: a case study. Empirical Software Engineering, pp. 1–13, December 2014
Google Scholar
Krotofil, M., Cárdenas, A.A., Manning, B., Jason Larsen, C.P.S.: Driving cyber-physical systems to unsafe operating conditions by timing DoS attacks on sensor signals. In Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, pp. 146–155. ACM, New York (2014)
Google Scholar
Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 3(9), 49–51 (2011)
Article Google Scholar
Langner, R.: To kill a centrifuge. Technical report, Langner Communications (2013)
Google Scholar
Lee, E.A.: Cyber-physical systems - are computing foundations adequate? NSF Workshop on Cyber-Physical Systems (2006)
Google Scholar
Leishear, R.A.: Fluid Mechanics. Dynamic Stresses, and Piping Design. ASME, Water Hammer (2013)
Google Scholar
Sherr, M., Blaze, M., Loo, B.T.: Veracity: Practical secure network coordinates via vote-based agreements. In: USENIX Annual Technical Conference (USENIX-ATC). USENIX, June 2009
Google Scholar
Tippenhauer, N.O., Pöpper, C., Rasmussen, K.B., Capkun, S.: On the requirements for successful GPS spoofing attacks. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 75–86. ACM (2011)
Google Scholar
Tippenhauer, N.O., Rasmussen, K.B., Pöpper, C., Čapkun, S.: Attacks on public WLAN-based positioning systems. In: Proceedings of the 7th International Conference on Mobile Systems, Applications, and Services, pp. 29–40. ACM (2009)
Google Scholar

Download references

Author information

Authors and Affiliations

Security in Distributed Applications, Hamburg University of Technology, Hamburg, Germany
Dieter Gollmann & Marina Krotofil

Authors

Dieter Gollmann
View author publications
You can also search for this author in PubMed Google Scholar
Marina Krotofil
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dieter Gollmann .

Editor information

Editors and Affiliations

Université du Luxembourg , Luxembourg, Luxembourg
Peter Y. A. Ryan
Ecole normale supérieure , Paris, France
David Naccache
Université Catholique de Louvain , Louvain-la-Neuve, Belgium
Jean-Jacques Quisquater

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Gollmann, D., Krotofil, M. (2016). Cyber-Physical Systems Security. In: Ryan, P., Naccache, D., Quisquater, JJ. (eds) The New Codebreakers. Lecture Notes in Computer Science(), vol 9100. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-49301-4_14

Download citation

DOI: https://doi.org/10.1007/978-3-662-49301-4_14
Published: 18 March 2016
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-49300-7
Online ISBN: 978-3-662-49301-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics