Biblio

As any other infrastructure relying on cyber-physical systems (CPS), naval CPS are highly interconnected and collect considerable data streams, on which depend multiple command and navigation decisions. Being a data-driven decision system requiring optimized supervisory control on a permanent basis, it is critical to examine the CPS vulnerability to anomalies and their propagation. This paper presents an approach to detect CPS anomalies and estimate their propagation applying a quality assessed graph, which represents the CPS physical and digital subsystems, combined with system variables dependencies and a set of data and information quality measures vectors. Following the identification of variables dependencies and high-risk nodes in the CPS, data and information quality measures reveal how system variables are modified when an anomaly is detected, also indicating its propagation path. Taking as reference the normal state of a naval propulsion management system, four anomalies in the form of cyber-attacks - port scan, programmable logical controller stop, and man in the middle to change the motor speed and operation of a tank valve - were produced. Three anomalies were properly detected and their propagation path identified. These results suggest the feasibility of anomaly detection and estimation of propagation estimation in CPS, applying data and information quality analysis to a system graph.

We present Cloud-COVER (Controls and Orderings for Vulnerabilities and ExposuRes), a cloud security threat modelling tool. Cloud-COVER takes input from a user about their deployment, requiring information about the data, instances, connections, their properties, and the importance of various security attributes. This input is used to analyse the relevant threats, and the way they propagate through the system. They are then presented to the user, ordered according to the security attributes they have prioritised, along with the best countermeasures to secure against the dangers listed.