Biblio

We study a game-theoretic model of the interactions between a Cyber-Physical System’s (CPS) operator (the defender) against an attacker who launches stepping-stone attacks to reach critical assets within the CPS. We consider that, in addition to optimally allocating its security budget to protect the assets, the defender may choose to modify the CPS through network design interventions. In particular, we propose and motivate four ways in which the defender can introduce additional nodes in the CPS: these nodes may be intended as additional safeguards, be added for functional or structural redundancies, or introduce additional functionalities in the system. We analyze the security implications of each of these design interventions, and evaluate their impacts on the security of an automotive network as our case study. We motivate the choice of the attack graph for this case study and elaborate how the parameters in the resulting security game are selected using the CVSS metrics and the ISO-26262 ASIL ratings as guidance. We then use numerical experiments to verify and evaluate how our proposed network interventions may be used to guide improvements in automotive security.

This paper explains the work-in-progress on a vehicle safety and security evaluation platform. Since the testing of cyber-attacks on an actual may be costly or dangerous, the platform enables us to evaluate the threat and the risk associated with cyber-attacks in a safe virtual environment. The goal is to integrate vehicle and powertrain models, mobility and network simulators to actual hardware running the control algorithms using CAN communication. Hardware is selected so as to allows expandability and application of wireless modules which will act as additional attack surfaces. In the current paper, the framework and ideology behind is testbed is described and current progress is shown. A simple GPS spoofing attack on a virtual test vehicle is done and some initial results are discussed.