Visible to the public Investigating Attack Propagation in a SoS via a Service Decomposition

TitleInvestigating Attack Propagation in a SoS via a Service Decomposition
Publication TypeConference Paper
Year of Publication2019
AuthorsLisova, Elena, El Hachem, Jamal, Causevic, Aida
Conference Name2019 IEEE World Congress on Services (SERVICES)
Date Published8-13 July 2019
PublisherIEEE
ISBN Number978-1-7281-3851-0
Keywordsattack propagation, attack propagation problem, autonomous quarry, Autonomous vehicles, communication as a service, Complexity theory, compositionality, connected systems, cyber physical systems, decomposition, independent systems, malicious adversaries, Metrics, pubcrawl, risk management, Safety, security, security of data, Sensors, Service, service decomposition, service levels, service-guarantees, SoS design, SoS development life cycle, SoS risk assessment, SoS structure, system decomposition, system of systems, systems of systems
Abstract

A term systems of systems (SoS) refers to a setup in which a number of independent systems collaborate to create a value that each of them is unable to achieve independently. Complexity of a SoS structure is higher compared to its constitute systems that brings challenges in analyzing its critical properties such as security. An SoS can be seen as a set of connected systems or services that needs to be adequately protected. Communication between such systems or services can be considered as a service itself, and it is the paramount for establishment of a SoS as it enables connections, dependencies, and a cooperation. Given that reliable and predictable communication contributes directly to a correct functioning of an SoS, communication as a service is one of the main assets to consider. Protecting it from malicious adversaries should be one of the highest priorities within SoS design and operation. This study aims to investigate the attack propagation problem in terms of service-guarantees through the decomposition into sub-services enriched with preconditions and postconditions at the service levels. Such analysis is required as a prerequisite for an efficient SoS risk assessment at the design stage of the SoS development life cycle to protect it from possibly high impact attacks capable of affecting safety of systems and humans using the system.

URLhttps://ieeexplore.ieee.org/document/8817189
DOI10.1109/SERVICES.2019.00017
Citation Keylisova_investigating_2019