Skip to main content
SpringerLink
Log in

Trustworthy Inter-connected Cyber-Physical Systems

  • Conference paper
  • First Online:
Critical Information Infrastructures Security (CRITIS 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12332))

Abstract

In this paper we identify some of the particular challenges that are encountered when trying to secure cyber-physical systems. We describe three of our current activities: the architecture of a system for monitoring cyber-physical systems; a new approach to modelling dependencies in such systems which leads to a measurement of the security of the system – interpreted as the least effort that an attacker has to expend to compromise the operation; and an approach to optimising the diversity of products used in a system with a view to slowing the propagation of malware. We conclude by discussing how these different threads of work contribute to meeting the challenges and identify possible avenues for future development, as well as providing some pointers to other work.

Partially supported by EPSRC award EP/R022844/1 (RITICS) and EU Horizon 2020 grant 739551 (KIOS Centre of Excellence).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 49.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    See https://ritics.org.

  2. 2.

    This is debatable; for example, whilst a cryptographic algorithm may be insecure, it might require so much computational resource to break that it is still safe to use it – although emerging technologies such as quantum computation may change this argument.

  3. 3.

    https://www.cisa.gov/national-cybersecurity-communications-integration-center.

  4. 4.

    https://maxsat-evaluations.github.io/2019/.

  5. 5.

    https://ritics.org.

  6. 6.

    https://www.kios.ucy.ac.cy.

References

  1. Barrère, M., et al.: CPS-MT: a real-time cyber-physical system monitoring tool for security research. In: 24th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, pp. 240–241. IEEE Computer Society (2018). https://doi.org/10.1109/RTCSA.2018.00040

  2. Redis. https://redis.io/. Accessed July 2020

  3. RFC 6455 - The WebSocket Protocol. https://tools.ietf.org/html/rfc6455. Accessed July 2020

  4. D3.js - Data Driven Documents. https://d3js.org/. Accessed July 2020

  5. Antonioli, D., Tippenhauer, N.O.: MiniCPS: a toolkit for security research on CPS networks. In: Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy, CPS-SPC 2015 (2015)

    Google Scholar 

  6. Mininet. http://mininet.org/. Accessed July 2020

  7. Barrère, M., Hankin, C., Nicolaou, N., Eliades, D.G., Parisini, T.: Measuring cyber-physical security in industrial control systems via minimum-effort attack strategies. J. Inf. Secur. Appl. 52 (2020). https://doi.org/10.1016/j.jisa.2020.102471

  8. Barrère, M.: META4ICS - Metric Analyser for Industrial Control Systems, May 2019. https://github.com/mbarrere/meta4ics

  9. Barrère, M., Hankin, C., Nicolaou, N., Eliades, D.G., Parisini, T.: MaxSAT evaluation 2019 - benchmark: identifying security-critical cyber-physical components in weighted AND/OR graphs. In: MaxSAT Evaluation 2019 (MSE 2019) (2019). https://arxiv.org/abs/1911.00516

  10. Baudry, B., Monperrus, M.: The multiple facets of software diversity: recent developments in year 2000 and beyond. ACM Comput. Surv. 48(1), 1–26 (2015)

    Article  Google Scholar 

  11. O’Donnell, A.J., Sethu, H.: On achieving software diversity for improved network security using distributed coloring algorithms. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 121–131. ACM, New York (2004)

    Google Scholar 

  12. Li, T., Feng, C., Hankin, C.: Improving ICS cyber resilience through optimal diversification of network resources. CoRR, abs/1811.00142 (2018). To appear at DSN 2020. http://arxiv.org/abs/1811.00142

  13. Moreels, P.-J., Dulaunoy, A.: CVE-SEARCH, GitHub repository at https://github.com/cve-search/cve-search. Accessed 2020

  14. Zhang, M., Wang, L., Jajodia, S., Singhal, A., Albanese, M.: Network diversity: a security metric for evaluating the resilience of networks against zero-day attacks. IEEE Trans. Inf. Forensics Secur. 11(5), 1071–1086 (2016)

    Article  Google Scholar 

  15. Fielder, A., Panaousis, E.A., Malacaria, P., Hankin, C., Smeraldi, F.: Decision support approaches for cyber security investment. Decis. Support Syst. 86, 13–23 (2016). https://doi.org/10.1016/j.dss.2016.02.012

    Article  Google Scholar 

  16. Franz, M.: Making multivariant programming practical and inexpensive. IEEE Secur. Priv. 16, 90–94 (2018). https://doi.org/10.1109/MSP.2018.2701161

    Article  Google Scholar 

  17. Zizzo, G., Hankin, C., Maffeis, S., Jones, K.: Adversarial machine learning beyond the image domain. In: Proceedings of the 56th Annual Design Automation Conference 2019, p. 176. ACM Press (2019). https://doi.org/10.1145/3316781.3323470

  18. Zizzo, G., Hankin, C., Maffeis, S., Jones, K.: Intrusion detection for industrial control systems: evaluation analysis and adversarial attacks. CoRR, abs/1911.04278 (2019). http://arxiv.org/abs/1911.04278

  19. Michalec, A., Van Der Linden, D., Milyaeva, S., Rashid, A.: Industry responses to the European directive on security of network and information systems (NIS): understanding policy implementation practices across critical infrastructures. https://research-information.bris.ac.uk/en/publications/industry-responses-to-the-european-directive-on-security-of-netwo. Accessed July 2020

Download references

Author information

Authors and Affiliations

  1. Institute for Security Science and Technology, Imperial College London, London, UK

    Chris Hankin & Martín Barrère

Authors
  1. Chris Hankin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Martín Barrère
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chris Hankin .

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Bristol, Bristol, UK

    Awais Rashid

  2. Department of Computer Science, City, University of London, London, UK

    Peter Popov

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Hankin, C., Barrère, M. (2020). Trustworthy Inter-connected Cyber-Physical Systems. In: Rashid, A., Popov, P. (eds) Critical Information Infrastructures Security. CRITIS 2020. Lecture Notes in Computer Science(), vol 12332. Springer, Cham. https://doi.org/10.1007/978-3-030-58295-1_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-58295-1_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-58294-4

  • Online ISBN: 978-3-030-58295-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation