Determining Tolerable Attack Surfaces that Preserves Safety of Cyber-Physical Systems
| Field | Value |
|---|---|
| Title | Determining Tolerable Attack Surfaces that Preserves Safety of Cyber-Physical Systems |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | C. Cheh, A. Fawaz, M. A. Noureddine, B. Chen, W. G. Temple, W. H. Sanders |
| Conference Name | 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC) |
| Date Published | Dec |
| Keywords | attacker model, Automata, Communication system signaling, cyber-physical system, cyber-physical system safety, Cyber-physical systems, formal verification, Human Behavior, Monitoring, Fusion, and Response for Cyber Resilience, parameterizable state automaton templates, Policy-Governed Secure Collaboration, Rail transportation, railway signaling system, Resilient Architectures, Safety, safety analysis, safety-critical software, safety-critical systems, security, security analysis, Servers, software fault tolerance, timed automata, Tracking, UIUC |
| Abstract | As safety-critical systems become increasingly interconnected, a system's operations depend on the reliability and security of the computing components and the interconnections among them. Therefore, a growing body of research seeks to tie safety analysis to security analysis. Specifically, it is important to analyze system safety under different attacker models. In this paper, we develop generic parameterizable state automaton templates to model the effects of an attack. Then, given an attacker model, we generate a state automaton that represents the system operation under the threat of the attacker model. We use a railway signaling system as our case study and consider threats to the communication protocol and the commands issued to physical devices. Our results show that while less skilled attackers are not able to violate system safety, more dedicated and skilled attackers can affect system safety. We also consider several countermeasures and show how well they can deter attacks. |
| DOI | 10.1109/PRDC.2018.00023 |
| Citation Key | 8639695 |