Abstract
In this paper we identify some of the particular challenges that are encountered when trying to secure cyber-physical systems. We describe three of our current activities: the architecture of a system for monitoring cyber-physical systems; a new approach to modelling dependencies in such systems which leads to a measurement of the security of the system – interpreted as the least effort that an attacker has to expend to compromise the operation; and an approach to optimising the diversity of products used in a system with a view to slowing the propagation of malware. We conclude by discussing how these different threads of work contribute to meeting the challenges and identify possible avenues for future development, as well as providing some pointers to other work.
Partially supported by EPSRC award EP/R022844/1 (RITICS) and EU Horizon 2020 grant 739551 (KIOS Centre of Excellence).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
See https://ritics.org.
- 2.
This is debatable; for example, whilst a cryptographic algorithm may be insecure, it might require so much computational resource to break that it is still safe to use it – although emerging technologies such as quantum computation may change this argument.
- 3.
- 4.
- 5.
- 6.
References
Barrère, M., et al.: CPS-MT: a real-time cyber-physical system monitoring tool for security research. In: 24th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, pp. 240–241. IEEE Computer Society (2018). https://doi.org/10.1109/RTCSA.2018.00040
Redis. https://redis.io/. Accessed July 2020
RFC 6455 - The WebSocket Protocol. https://tools.ietf.org/html/rfc6455. Accessed July 2020
D3.js - Data Driven Documents. https://d3js.org/. Accessed July 2020
Antonioli, D., Tippenhauer, N.O.: MiniCPS: a toolkit for security research on CPS networks. In: Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy, CPS-SPC 2015 (2015)
Mininet. http://mininet.org/. Accessed July 2020
Barrère, M., Hankin, C., Nicolaou, N., Eliades, D.G., Parisini, T.: Measuring cyber-physical security in industrial control systems via minimum-effort attack strategies. J. Inf. Secur. Appl. 52 (2020). https://doi.org/10.1016/j.jisa.2020.102471
Barrère, M.: META4ICS - Metric Analyser for Industrial Control Systems, May 2019. https://github.com/mbarrere/meta4ics
Barrère, M., Hankin, C., Nicolaou, N., Eliades, D.G., Parisini, T.: MaxSAT evaluation 2019 - benchmark: identifying security-critical cyber-physical components in weighted AND/OR graphs. In: MaxSAT Evaluation 2019 (MSE 2019) (2019). https://arxiv.org/abs/1911.00516
Baudry, B., Monperrus, M.: The multiple facets of software diversity: recent developments in year 2000 and beyond. ACM Comput. Surv. 48(1), 1–26 (2015)
O’Donnell, A.J., Sethu, H.: On achieving software diversity for improved network security using distributed coloring algorithms. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 121–131. ACM, New York (2004)
Li, T., Feng, C., Hankin, C.: Improving ICS cyber resilience through optimal diversification of network resources. CoRR, abs/1811.00142 (2018). To appear at DSN 2020. http://arxiv.org/abs/1811.00142
Moreels, P.-J., Dulaunoy, A.: CVE-SEARCH, GitHub repository at https://github.com/cve-search/cve-search. Accessed 2020
Zhang, M., Wang, L., Jajodia, S., Singhal, A., Albanese, M.: Network diversity: a security metric for evaluating the resilience of networks against zero-day attacks. IEEE Trans. Inf. Forensics Secur. 11(5), 1071–1086 (2016)
Fielder, A., Panaousis, E.A., Malacaria, P., Hankin, C., Smeraldi, F.: Decision support approaches for cyber security investment. Decis. Support Syst. 86, 13–23 (2016). https://doi.org/10.1016/j.dss.2016.02.012
Franz, M.: Making multivariant programming practical and inexpensive. IEEE Secur. Priv. 16, 90–94 (2018). https://doi.org/10.1109/MSP.2018.2701161
Zizzo, G., Hankin, C., Maffeis, S., Jones, K.: Adversarial machine learning beyond the image domain. In: Proceedings of the 56th Annual Design Automation Conference 2019, p. 176. ACM Press (2019). https://doi.org/10.1145/3316781.3323470
Zizzo, G., Hankin, C., Maffeis, S., Jones, K.: Intrusion detection for industrial control systems: evaluation analysis and adversarial attacks. CoRR, abs/1911.04278 (2019). http://arxiv.org/abs/1911.04278
Michalec, A., Van Der Linden, D., Milyaeva, S., Rashid, A.: Industry responses to the European directive on security of network and information systems (NIS): understanding policy implementation practices across critical infrastructures. https://research-information.bris.ac.uk/en/publications/industry-responses-to-the-european-directive-on-security-of-netwo. Accessed July 2020
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Hankin, C., Barrère, M. (2020). Trustworthy Inter-connected Cyber-Physical Systems. In: Rashid, A., Popov, P. (eds) Critical Information Infrastructures Security. CRITIS 2020. Lecture Notes in Computer Science(), vol 12332. Springer, Cham. https://doi.org/10.1007/978-3-030-58295-1_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-58295-1_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58294-4
Online ISBN: 978-3-030-58295-1
eBook Packages: Computer ScienceComputer Science (R0)