
Threat-Driven Dynamic Security Policies for Cyber-Physical Infrastructures

  • Conference paper
Critical Information Infrastructures Security (CRITIS 2022)

Abstract

How does one defend Cyber-Physical Systems (CPSs) in the face of changing security threats without continuous manual intervention? These systems form a critical part of national infrastructure and operate within an ever-changing threat environment. The static security policies programmed into such systems cannot react quickly to changing threats. We describe how a MAPE-K-based, threat-centred dynamic policy framework could reconfigure CPSs in the face of attack. The framework encodes threats, their mitigations, and a threat posture as the mechanism for deciding how best to react. We describe our framework and a prototype implementation, and show how it can be integrated within a testbed CPS demonstrator. Threat-centred dynamic policies allow us to harden a system as the threat assessment evolves, reconfiguring the system on the basis of policy and perceived threat.
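The abstract describes a MAPE-K loop (Monitor, Analyse, Plan, Execute over shared Knowledge, in the sense of Kephart and Chess [23]) whose knowledge base holds threats, their mitigations and a threat posture. The sketch below is an added illustration of that shape and is not the paper's prototype or any of its code: the threat names, indicators, posture thresholds, configuration keys, the trusted host 10.0.5.10 and the event records are all constructed for the example. The loop raises the posture when indicators evidence a catalogued threat, applies the mitigations that become eligible at that posture, and rolls them back as the score decays in quiet cycles, so the configuration tracks the threat assessment in both directions.

```python
"""Threat-driven MAPE-K policy loop: an illustrative sketch, not the paper's prototype.

Knowledge holds a threat catalogue (indicators that evidence each threat, a severity
weight, and the mitigations that become eligible at a given posture), the current
posture, and the live system configuration. Per cycle: Monitor turns raw events into
indicators, Analyse scores them and sets the posture, Plan picks mitigations to apply
or roll back, Execute rewrites the configuration. All names and thresholds are assumed.
"""
from dataclasses import dataclass, field

POSTURES = ("normal", "elevated", "critical")      # ordered: calm -> under attack
SCORE_THRESHOLDS = {"elevated": 2, "critical": 4}   # assumed score -> posture mapping


@dataclass(frozen=True)
class Mitigation:
    name: str
    min_posture: str   # eligible once the posture reaches this level
    setting: str       # configuration key the mitigation rewrites
    value: object      # hardened value for that key


@dataclass(frozen=True)
class Threat:
    name: str
    indicators: frozenset   # indicator names that evidence this threat
    severity: int           # how much observing it raises the threat score
    mitigations: tuple


@dataclass
class Knowledge:
    threats: tuple
    trusted_hosts: frozenset
    config: dict
    baseline: dict = field(default_factory=dict)   # pre-mitigation values, for rollback
    score: int = 0
    posture: str = "normal"
    seen: set = field(default_factory=set)         # threats evidenced since last calm
    applied: set = field(default_factory=set)      # mitigations currently in force

    def __post_init__(self):
        self.baseline = dict(self.config)


def monitor(k, events):
    """Monitor: normalise raw telemetry (constructed dicts here) into indicator names."""
    found = set()
    for ev in events:
        if ev["type"] == "modbus_write" and ev["src"] not in k.trusted_hosts:
            found.add("modbus_write_untrusted_src")
        elif ev["type"] == "plc_programming_request":
            found.add("plc_programming_request")
    return found


def analyse(k, indicators, decay=1):
    """Analyse: match indicators to threats, update score and posture.
    The score decays by `decay` in a quiet cycle so the posture can relax again."""
    matched = [t for t in k.threats if t.indicators & indicators]
    k.score = k.score + sum(t.severity for t in matched) if matched else max(0, k.score - decay)
    k.seen.update(t.name for t in matched)
    k.posture = "normal"
    for level in ("elevated", "critical"):
        if k.score >= SCORE_THRESHOLDS[level]:
            k.posture = level
    if k.posture == "normal":
        k.seen.clear()
    return matched


def plan(k):
    """Plan: mitigations eligible now, split into (to_apply, to_revert)."""
    rank = POSTURES.index(k.posture)
    eligible = {m for t in k.threats if t.name in k.seen
                for m in t.mitigations if POSTURES.index(m.min_posture) <= rank}
    return eligible - k.applied, k.applied - eligible


def execute(k, to_apply, to_revert):
    """Execute: rewrite the configuration; reverts restore the recorded baseline."""
    for m in to_revert:
        k.config[m.setting] = k.baseline[m.setting]
        k.applied.discard(m)
    for m in to_apply:
        k.config[m.setting] = m.value
        k.applied.add(m)


def cycle(k, events):
    """One MAPE-K iteration; returns the resulting posture and a copy of the config."""
    analyse(k, monitor(k, events))
    execute(k, *plan(k))
    return k.posture, dict(k.config)


# Constructed threat catalogue and baseline configuration (illustrative only).
CATALOGUE = (
    Threat("unauthorised_control_write", frozenset({"modbus_write_untrusted_src"}), 2, (
        Mitigation("enforce_modbus_allowlist", "elevated", "modbus_allowlist_enforced", True),
        Mitigation("plc_read_only", "critical", "plc_holding_registers", "read_only"),
    )),
    Threat("logic_tampering", frozenset({"plc_programming_request"}), 3, (
        Mitigation("lock_plc_programming", "elevated", "plc_programming_port", "closed"),
        Mitigation("isolate_engineering_net", "critical", "engineering_vlan", "isolated"),
    )),
)
BASE_CONFIG = {"modbus_allowlist_enforced": False, "plc_holding_registers": "read_write",
               "plc_programming_port": "open", "engineering_vlan": "routed"}


def new_knowledge():
    return Knowledge(CATALOGUE, frozenset({"10.0.5.10"}), dict(BASE_CONFIG))


if __name__ == "__main__":
    k = new_knowledge()
    # Constructed events: a legitimate HMI write plus one from an unknown host, then a
    # request to put the PLC into programming mode, then four quiet cycles.
    for events in ([{"type": "modbus_write", "src": "10.0.5.10"},
                    {"type": "modbus_write", "src": "10.0.5.77"}],
                   [{"type": "plc_programming_request", "src": "10.0.5.77"}],
                   [], [], [], []):
        print(*cycle(k, events))
```

The design point worth noting is the rollback: every mitigation records the baseline value it overwrote, so when the posture drops the loop restores the less restrictive configuration rather than leaving the plant permanently hardened. A real deployment would also have to decide whether de-escalation should be automatic at all for safety-critical settings such as write-protecting a PLC.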


Notes

  1. One of the earliest known cyber attacks on a control system is the 2000 attack on Maroochy Water Services in Australia, which led to sewage spilling over a large area, causing disruption and environmental damage.

  2. More accurately, a physical key would have to be turned to put the PLC into programming mode before any remote loading of logic into the PLC could succeed (as in the Triton attack [22]).

  3. Modbus is a standard protocol for communicating with PLCs.

  4. Scapy, a packet crafting and manipulation library: https://scapy.net/.

  5. Remote Terminal Unit (RTU): the interface between field sensors and actuators and a SCADA system.

  6. Human Machine Interface (HMI): the local controls and displays used by an operator or engineer.

References

  1. Abadi, M.: Logic in access control. In: Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science, pp. 228–233. IEEE, Ottawa, Canada (2003)

  2. Ahmed, M.S., Al-Shaer, E., Taibah, M.M., Abedin, M., Khan, L.: Towards autonomic risk-aware security configuration. In: IEEE Network Operations and Management Symposium, pp. 722–725. IEEE, Piscataway, NJ (2008)

  3. Arcaini, P., Riccobene, E., Scandurra, P.: Formal design and verification of self-adaptive systems with decentralized control. ACM Trans. Auton. Adapt. Syst. 11(4), 25:1–25:35 (2017)

  4. Barbosa, D.M., de Moura Lima, R.G., Maia, P.H.M., Junior, E.C.: Lotus@Runtime: a tool for runtime monitoring and verification of self-adaptive systems. In: IEEE/ACM 12th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, pp. 24–30. IEEE, Buenos Aires, Argentina (2017)

  5. Becker, M.Y., Fournet, C., Gordon, A.D.: SecPAL: design and semantics of a decentralized authorization language. J. Comput. Secur. 18(4), 619–665 (2010)

  6. Cervini, J., Rubin, A., Watkins, L.: Don't drink the cyber: extrapolating the possibilities of Oldsmar's water treatment cyberattack. In: Proceedings of the 17th International Conference on Information Warfare and Security (2022)

  7. Cheng, P.C., Rohatgi, P., Keser, C.: Fuzzy MLS: an experiment on quantified risk-adaptive access control. In: IEEE Symposium on Security and Privacy, pp. 222–230 (2007)

  8. Cherdantseva, Y., et al.: A review of cyber security risk assessment methods for SCADA systems. Comput. Secur. 56, 1–27 (2016)

  9. Chromik, J.J., Remke, A., Haverkort, B.R.: Bro in SCADA: dynamic intrusion detection policies based on a system model. In: 5th International Symposium for ICS & SCADA Cyber Security Research (ICS-CSR 2018), pp. 112–121. British Computer Society, Hamburg, Germany (2018)

  10. DiMase, D., Collier, Z.A., Heffner, K., Linkov, I.: Systems engineering framework for cyber physical security and resilience. Environ. Syst. Decisions 35(2), 291–300 (2015). https://doi.org/10.1007/s10669-015-9540-y

  11. Elkhodary, A., Whittle, J.: A survey of approaches to adaptive application security. In: International Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS 2007), pp. 16–16. IEEE (2007)

  12. Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet dossier. Tech. rep., Symantec Security Response (2011)

  13. Fitzgerald, W.M., Neville, U., Foley, S.N.: MASON: mobile autonomic security for network access controls. J. Inf. Secur. Appl. 18(1), 14–29 (2013)

  14. Foley, S.N., Fitzgerald, W.M.: An approach to security policy configuration using semantic threat graphs. In: Gudes, E., Vaidya, J. (eds.) DBSec 2009. LNCS, vol. 5645, pp. 33–48. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03007-9_3

  15. Foley, S.N., Fitzgerald, W.M.: Management of security policy configuration using a semantic threat graph approach. J. Comput. Secur. 19(3), 567–605 (2011)

  16. Foley, S.N., Moss, H.: A risk-metric framework for enterprise risk management. IBM J. Res. Dev. 54(3), 3 (2010). https://doi.org/10.1147/JRD.2010.2043403

  17. Furnell, S.M., Warren, M.J.: Computer hacking and cyber terrorism: the real threats in the new millennium? Comput. Secur. 18(1), 28–34 (1999)

  18. Gao, Y., Xie, X., Parekh, M., Bajramovic, E.: SIEM: policy-based monitoring of SCADA systems. In: Informatik 2016, pp. 559–570. Gesellschaft für Informatik e.V., Bremen, Germany (2016)

  19. Gardiner, J., Craggs, B., Green, B., Rashid, A.: Oops I did it again: further adventures in the land of ICS security testbeds. In: Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy (CPS-SPC '19), pp. 75–86. ACM, New York, NY, USA (2019). https://doi.org/10.1145/3338499.3357355

  20. Gibbs, S.: Triton: hackers take out safety systems in 'watershed' attack on energy plant. The Guardian (December 2017). https://www.theguardian.com/technology/2017/dec/15/triton-hackers-malware-attack-safety-systems-energy-plant

  21. Giraldo, J., Sarkar, E., Cardenas, A.A., Maniatakos, M., Kantarcioglu, M.: Security and privacy in cyber-physical systems: a survey of surveys. IEEE Des. Test 34(4), 7–17 (2017)

  22. Higgins, K.J.: Schneider Electric: TRITON/TRISIS attack used 0-day flaw in its safety controller system, and a RAT. Dark Reading (2018)

  23. Kephart, J.O., Chess, D.M.: The vision of autonomic computing. IEEE Comput. 36(1), 41–50 (2003)

  24. Knowles, W., Prince, D., Hutchinson, D., Ferdinand, J., Disso, P., Jones, K.: Towards real-time assessment of industrial control systems (ICSs): a framework for future research. In: Proceedings of the 1st International Symposium for ICS & SCADA Cyber Security Research, pp. 106–109. Leicester, UK (2013)

  25. Kushner, D.: The real story of Stuxnet. IEEE Spectrum 50(3), 48–53 (2013)

  26. Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Privacy 9(3), 49–51 (2011)

  27. Lee, R.M., Assante, M.J., Conway, T.: German steel mill cyber attack. SANS ICS Defense Use Case, Technical Report (2014). https://ics.sans.org/media/ICS-CPPE-case-Study-2-German-Steelworks_Facility.pdf

  28. McCarthy, D., Dayal, U.: The architecture of an active database management system. ACM SIGMOD Record 18(2), 215–224 (1989)

  29. Miller, B., Rowe, D.: A survey of SCADA and critical infrastructure incidents. In: Proceedings of the 1st Annual Conference on Research in Information Technology, pp. 51–56. ACM (2012)

  30. Montemaggio, A., Iannucci, S., Bhowmik, T., Hamilton, J.: Designing a methodological framework for the empirical evaluation of self-protecting systems. In: 2020 IEEE International Conference on Autonomic Computing and Self-Organizing Systems Companion (ACSOS-C), pp. 218–223. IEEE (2020)

  31. New York Independent System Operator, Inc. (NYISO): 2018 load & capacity data "gold book". Tech. rep. (2018)

  32. Pandey, A., Ruchkin, I., Schmerl, B., Cámara, J.: Towards a formal framework for hybrid planning in self-adaptation. In: IEEE/ACM 12th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, pp. 109–115. IEEE (2017)

  33. Petit, J., Shladover, S.E.: Potential cyberattacks on automated vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2015)

  34. Radmand, P., Talevski, A., Petersen, S., Carlsen, S.: Taxonomy of wireless sensor network cyber security attacks in the oil and gas industries. In: 2010 24th IEEE International Conference on Advanced Information Networking and Applications, pp. 949–957. IEEE (2010)

  35. Rashid, A., Gardiner, J., Green, B., Craggs, B.: Everything is awesome! Or is it? Cyber security risks in critical infrastructure. In: Nadjm-Tehrani, S. (ed.) CRITIS 2019. LNCS, vol. 11777, pp. 3–17. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-37670-3_1

  36. da Silva, C.E., da Silva, J.D.S., Paterson, C., Calinescu, R.: Self-adaptive role-based access control for business processes. In: IEEE/ACM 12th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, pp. 193–203. Buenos Aires, Argentina (2017)

  37. Committee of Sponsoring Organizations of the Treadway Commission (COSO): Enterprise Risk Management – Integrated Framework. Jersey City, NJ (2004)

  38. Tsuchida, S., Nakagawa, H., Tramontana, E., Fornaia, A., Tsuchiya, T.: A framework for updating functionalities based on the MAPE loop mechanism. In: 42nd IEEE International Conference on Computer Software & Applications, pp. 38–47 (2018)

  39. Waltermire, D., Quinn, S., Scarfone, K., Halbardier, A.: The technical specification for the Security Content Automation Protocol (SCAP): SCAP version 1.2. NIST Special Publication 800-126 (2011)


Acknowledgement

CHIST-ERA project: DYPOSIT (EPSRC grants EP/N021657/1, EP/N021657/2).


Corresponding author

Correspondence to Joseph Hallett.


Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper


Cite this paper

Hallett, J. et al. (2023). Threat-Driven Dynamic Security Policies for Cyber-Physical Infrastructures. In: Hämmerli, B., Helmbrecht, U., Hommel, W., Kunczik, L., Pickl, S. (eds) Critical Information Infrastructures Security. CRITIS 2022. Lecture Notes in Computer Science, vol 13723. Springer, Cham. https://doi.org/10.1007/978-3-031-35190-7_2


  • DOI: https://doi.org/10.1007/978-3-031-35190-7_2


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-35189-1

  • Online ISBN: 978-3-031-35190-7
