Abstract
Cyber-Physical Systems (CPS) promise advances towards smarter infrastructure systems and services, significantly enhancing their reliability, performance and safety. Current CPS Monitoring, Analysis, Sharing, and Control (MASC) technologies offer disparate and largely inadequate services for the realization of effective and efficient CPS security. Most current technologies did not consider that cyber and physical convergence would need a new paradigm that treats cyber and physical components seamlessly and pervasively. Further, information sharing was severely curtailed by enforcing parameter defense to preserve the privacy of the system to be secured, the Target-of-Security system (ToS). These limitations negatively impact the quality, reliability, survivability, and promptness of security services. In this chapter, we discuss the current challenges to CPS security, survey relebant solutions, and present a novel system, CyPhyMASC, towards realizing pervasive MASC for enhanced CPS security. CyPhyMASC is a bio-inspired intrinsically-resilient, situation-aware system utilized by Security Service Providers (SSPs) to provision MASC services to ToSs comprising numerous heterogeneous CPS components. CyPhyMASC is unique in that it acts as a generic middle layer between the SSPs and the ToSs creating a uniform interface that isolates ToS scale and heterogeneity aspects from control and management aspects. Such isolation and uniform representation facilitate interoperable security services. CyPhyMASC intelligently mixes and matches heterogeneous tools and control logic from various sources towards dynamic security missions. CyPhyMASC is also elastic where situation-driven MASC solutions can be dispatched using dynamic sets of sensor and effector software capsules circulating through the ToS rather than using pre-deployed MASC components. Such approach provides evolvable, pervasive and scalable MASC services.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Knight, J.C., Leveson, N.G.: An experimental evaluation of the assumption of independence in multiversion programming. IEEE Trans. Softw. Eng. 12(1), 96–109 (1986)
Jorstad, N., Landgrave, T.S.: Cryptographic algorithm metrics. In: 20th National Information Systems Security Conference, Baltimore (1997)
Parra, C.: Towards Dynamic Software Product Lines: Unifying Design and Runtime Adaptation. Universit Lille (2011)
Stberg, P.-O., Elmroth, E.: GJMF - A Composable Service-Oriented Grid Job Management Framework (2010). http://www.cs.umu.se/ds
Chen, X., Andersen, J., Mao, Z.M., Bailey, M., Nazario, J.: Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In: International Conference on Dependable Systems and Networks (2008)
Sze, S., Tiong, W.: A Comparison between Heuristic and MetaHeuristic Methods for Solving the Multiple Traveling Salesman Problem. World Academy of Science, Engineering and Technology (2007)
Podgrski, W.: Artificial Intelligence Methods in Virus Detection & Recognition—Introduction to Heuristic Scanning (2012). http://podgorski.wordpress.com
Haack., J., Fink, G., Fulp, E., Maiden, W.: Cooperative infrastructure defense. In: Workshop on Visualization for Computer Security (VizSec) (2008)
Maiden, W.M.: DualTrust, A Trust Management Model for Swarm-Based Autonomic Computing Systems. Washington State University (2010)
Maiden, W.M., Dionysiou, I., Frincke, D.A., Fink, G.A., Bakken, D.E.: DualTrust: A Distributed Trust Model for Swarm-Based Autonomic Computing Systems. Data Privacy Management and Autonomous Spontaneous Security (2010)
Lee, Y.: A Pre-kernel agent platform for security assurance. In: IEEE Symposium on Intelligent Agent (IA) (2011)
Nguyen-Tuong, A., Wang, A., Hiser, J., Knight, J., Davidson, J.: On the effectiveness of the metamorphic shield. In: The Fourth European Conference on Software Architecture ECSA 10, pp. 170–174 (2010)
Abraham, A., Jain, R., Thomas, J., Han, S.Y.: D-SCIDS: distributed soft computing intrusion detection system. J. Netw. Comput. Appl. 30(1), 81–98 (2007)
Wu, S., Banzhaf, W.: The use of computational intelligence in intrusion detection systems: A review. Appl. Soft Comput. 10(1), 1–35 (2010)
Mukherjee, S.: FPGA based Network Security Architecture for High Speed Networks, MTech (2001)
Otey, M., Parthasarathy, S., Ghoting, A., Li, G., Narravula, S., Panda, D.: Towards nic based intrusion detection. In: The Ninth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 723–728 (2003)
Santos, I., Penya, Y., Devesa, J., Bringas, P.: N-Grams-based file signatures for malware detection. In: The 11 International Conference on Enterprise Information Systems (ICEIS) (2009)
Lemos, R.: White House Network Attack Highlights Need for Stronger Defenses (2012). http://www.eweek.com/security/white-house-network-attack-highlights-need-for-stronger-defenses/
Prayurachatuporn, S., Benedicenti, L.: Increasing the reliability of control systems with agent technology. ACM SIGAPP Applied Computing (2001)
Box, D.: Essential COM. Addison Wesley, Reading Mass (1998)
Knight, J.C., Davidson, J.W., Evans, D., Nguyen-Tuong, A., Wang, C.: Genesis: A Framework for Achieving Software Component Diversity. Technical Report AFRL-IF-RS-TR-2007-9, University of Virginia (2007)
Te-Shun, C., Sharon, F., Wei, Z., Jeffrey, F., Asad, D.: Intrusion aware system-on-a-chip design with uncertainty classification. In: The 2008 International Conference on Embedded Software and Systems-ICESS (2008)
Azab, M., Hassan, R., Eltoweissy, M.: ChameleonSoft: a moving target defense system. In: 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, (CollaborateCom 11) (2011)
Spinellis, D.: Reliable identification of bounded-length viruses is NP-complete. IEEE Trans. Inf. Theory 49(1), 280–284 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Azab, M., Eltoweissy, M. (2014). Bio-inspired Evolutionary Sensory System for Cyber-Physical System Security. In: Hassanien, A., Kim, TH., Kacprzyk, J., Awad, A. (eds) Bio-inspiring Cyber Security and Cloud Services: Trends and Innovations. Intelligent Systems Reference Library, vol 70. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-43616-5_2
Download citation
DOI: https://doi.org/10.1007/978-3-662-43616-5_2
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-43615-8
Online ISBN: 978-3-662-43616-5
eBook Packages: EngineeringEngineering (R0)