Design and verification of a mobile robot based on the integrated model of cyber-physical systems

https://doi.org/10.1016/j.simpat.2020.102151

Highlights

  • The key part of the proposed design and verification methodology is the integrated model.

  • The proposed model represents a cyber-physical system as a set of building blocks.

  • The model has a strong focus on security and allows direct and reverse transformations.

  • We used the model for the design and verification of a robot for perimeter monitoring.

  • In the experiments we worked with the SPASS theorem prover, the Maude system and daTac.

Abstract

The paper describes a new model that is the key element of a design and verification methodology for secure cyber-physical systems. The proposed model represents a cyber-physical system as a set of building blocks with properties and connections between them, where each building block is a projection of the integrated model. The attacker model and the attack-action model are external models connected to the integrated model: the impact of an attack action is modelled as changes in the properties of the system or its elements, while the set of possible attack actions is reduced according to the attacker's capabilities. The novelty of the proposed model lies in its strong focus on security and in the possibility of direct (from the projections to the integrated model) and reverse (from the integrated model to the projections) transformations. Verification is an integral part of the proposed solution: it formally checks that the system can be built in accordance with the requirements and limitations, and that the designed system is secure against an attacker with a certain level of knowledge who is connected from a certain access point and has a certain amount of resources. During the experiments the SPASS theorem prover, the Maude system and daTac were used. As a first example of applying the model, an access control system was considered; it contains Arduino microcontrollers, software agents, web servers and various sensors. As a second example, a use case of a mobile robot for perimeter monitoring is presented; for the experiments the LEGO 9797 Mindstorms NXT was used.

Introduction

We live in a world where the interaction of various devices with each other improves the quality of our lives. Concepts such as the smart home, smart city and smart industry have turned from theoretical and futuristic ideas into specific technical solutions. Cyber-physical systems are now an integral part of every sphere of human activity. They can be distributed, decentralized and self-organizing, and may contain a variety of microcontroller-based devices. Such systems are used in the electric power industry, manufacturing, transport systems, medicine, trade and in our homes. This makes ensuring the security of cyber-physical systems critically important, and it makes the cost of an exploited vulnerability high. Vulnerabilities can arise from various factors: implementation and design errors, the absence of standards, and the use of systems in environments they were not designed for.

Vulnerabilities that occur due to errors at the design stage are the most dangerous, because after implementation fixing the system can be a challenging task, especially when the fix requires changes to components of individual devices whose manufacturers no longer exist. The prevalence of such vulnerabilities is related to the fact that systems are usually designed without the participation of security experts, using insecure data transfer protocols and untested code.

Solving this problem is an important task, which is why various design techniques have been developed and put into practice. Some of them focus on software, some on hardware, and some on highly specialized application areas (automobiles, railway transport, robotics). The key issue with such solutions is that each addresses only certain aspects of security, which makes them inapplicable to the security of cyber-physical systems in general. At the same time, integrating standalone solutions within a single approach is difficult because they are incompatible: each design methodology is based on its own system model, presented in an internal format. In most cases it is therefore difficult or even impossible to transform one model into another without significant losses, because the necessary data are missing.

We are currently investigating and developing a methodology for the design and verification of secure cyber-physical systems [31]. The key part of this methodology is the integrated model, which was presented at the 13th International Symposium on Intelligent Distributed Computing [32]. This paper is an extension and improvement of that work: the related work analysis has been extended and detailed, the experiments have been improved, and their results have been used in a new experiment. As a new example of applying the integrated model, the paper considers the use case of a mobile robot for perimeter monitoring, starting from the formalization of the requirements to such a robot according to its tasks and moving on to the design and verification processes.

The proposed integrated model represents a cyber-physical system as a set of building blocks with properties and connections between them, where each building block is a projection of the integrated model. The novelty of the model lies in its strong focus on security and in the possibility of direct (from the projections to the integrated model) and reverse (from the integrated model to the projections) transformations. The focus on security allows the impact of attack actions to be modelled as changes in the properties of the building blocks or of the connections between them, which in turn allows the impact on the system as a whole to be evaluated. Verification is an integral part of the proposed solution: it formally checks that the system can be built in accordance with the requirements and limitations, and that the designed system is secure against an attacker with a certain level of knowledge who is connected from a specific access point and has a certain amount of resources.
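As an added illustration, which is neither the authors' formalism nor any of the SPASS, Maude or daTac encodings used in the paper, the following Python sketch shows the shape of such a check on a constructed perimeter-monitoring robot: building blocks and connections carry properties, the attacker is an external model bounded by knowledge level, access point and resources, that attacker model prunes the set of attack actions, the impact of each action is applied as property changes, and the verification explores every action sequence the attacker can carry out and reports those that break a security requirement. All element names, properties, attack actions and numeric levels are assumptions made for this example.

```python
"""Added illustrative model (not the paper's formalism): a cyber-physical system
as building blocks and connections with properties, an external attacker model,
and a verification step. All elements, properties and attack actions are
constructed for the example."""
from collections import deque
from dataclasses import dataclass
from typing import Callable, Dict, List, Set, Tuple

State = Dict[Tuple[str, str], object]   # (element, property) -> current value

@dataclass
class Connection:
    src: str
    dst: str
    @property
    def name(self) -> str:              # connections are elements too: "src->dst"
        return f"{self.src}->{self.dst}"

@dataclass
class AttackAction:
    name: str
    target: str                         # element the attacker must be able to reach
    knowledge: int                      # minimal attacker knowledge level required
    cost: int                           # resources the action consumes
    precondition: Callable[[State], bool]
    effect: Dict[Tuple[str, str], object]  # impact, expressed as property changes

@dataclass
class Attacker:
    knowledge: int
    access_point: str                   # block the attacker is connected to
    resources: int

def reachable_elements(connections: List[Connection], access_point: str) -> Set[str]:
    """Blocks reachable from the access point over (undirected) connections,
    plus every connection incident to a reachable block."""
    adj: Dict[str, Set[str]] = {}
    for c in connections:
        adj.setdefault(c.src, set()).add(c.dst)
        adj.setdefault(c.dst, set()).add(c.src)
    seen, queue = {access_point}, deque([access_point])
    while queue:
        for nxt in adj.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen | {c.name for c in connections if c.src in seen or c.dst in seen}

def verify(state: State, connections: List[Connection], attacker: Attacker,
           actions: List[AttackAction],
           requirement: Callable[[State], bool]) -> List[List[str]]:
    """Explore every action sequence this attacker can perform and return the
    ones that violate the requirement (empty list: secure against this attacker)."""
    reach = reachable_elements(connections, attacker.access_point)
    violations: List[List[str]] = []
    visited = set()
    def explore(cur: State, budget: int, trace: List[str]) -> None:
        if not requirement(cur):
            violations.append(trace)
            return
        key = (frozenset(cur.items()), budget)
        if key in visited:
            return
        visited.add(key)
        for a in actions:
            # the attacker model prunes the action set: knowledge, reach, resources
            if a.knowledge > attacker.knowledge or a.target not in reach or a.cost > budget:
                continue
            if a.precondition(cur):
                explore({**cur, **a.effect}, budget - a.cost, trace + [a.name])
    explore(dict(state), attacker.resources, [])
    return violations

# Constructed perimeter-monitoring robot: an operator PC commands the robot
# controller over a wireless link and the controller drives the motors.
LINK = Connection("operator_pc", "robot_controller")
DRIVE = Connection("robot_controller", "motors")
CONNECTIONS = [LINK, DRIVE]

def design(link_authenticated: bool) -> State:
    return {(LINK.name, "encrypted"): False,
            (LINK.name, "authenticated"): link_authenticated,
            ("robot_controller", "command_integrity"): True,
            ("motors", "controlled_by_operator"): True}

ACTIONS = [
    AttackAction("sniff_link", LINK.name, knowledge=1, cost=1,
                 precondition=lambda s: not s[(LINK.name, "encrypted")],
                 effect={(LINK.name, "confidential"): False}),
    AttackAction("inject_command", LINK.name, knowledge=2, cost=2,
                 precondition=lambda s: not s[(LINK.name, "authenticated")],
                 effect={("robot_controller", "command_integrity"): False}),
    AttackAction("hijack_drive", "robot_controller", knowledge=2, cost=1,
                 precondition=lambda s: not s[("robot_controller", "command_integrity")],
                 effect={("motors", "controlled_by_operator"): False}),
]

def check(link_authenticated: bool, knowledge: int, resources: int,
          access_point: str = "operator_pc") -> List[List[str]]:
    """Requirement: the operator never loses control of the motors."""
    attacker = Attacker(knowledge, access_point, resources)
    return verify(design(link_authenticated), CONNECTIONS, attacker, ACTIONS,
                  lambda s: bool(s[("motors", "controlled_by_operator")]))
```

Running `check(False, knowledge=1, resources=5)` returns an empty list, since the weaker attacker can only sniff the link; `check(False, knowledge=2, resources=3)` returns the single sequence `inject_command, hijack_drive`, the attacker reaching the motors through the unauthenticated command link; `check(True, knowledge=2, resources=10)` returns an empty list again, because the authenticated link removes the precondition of the injection. An attacker connected at a block with no connections (any name absent from `CONNECTIONS`) reaches nothing and can perform no action at all. The exploration is exhaustive over the attacker's budget, which is what makes the empty result a statement about the attacker model rather than about one chosen attack path.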

The paper is organized as follows. Section 2 reviews the state of the art in modeling cyber-physical systems for their design and verification. Section 3 proposes a new approach to modeling secure cyber-physical systems. Section 4 presents the experimental results on the design and verification of a mobile robot based on the proposed model. Section 5 contains the main conclusions and directions for future work.

Section snippets

Related work

In [27] it is stated that the main goal of the design and verification of cyber-physical systems is to develop a resilient system. According to the authors, a cyber-physical system is resilient when it is designed with the 3S features: stability, security and systematicness. This is achieved by solving five main challenges: dependability, consistency, reliability, cyber-physical mismatch and cyber-physical coupling security. The authors also mention that such systems are about tight coupling of

The integrated model

The analysis of the current state of the art showed that there are many tools and approaches that help to model different aspects of cyber-physical systems: physical processes, software elements, hardware elements, platforms, networks, timing, performance, computation, load balancing, interactions, system behavior, topological relationships, interoperability, system boundaries, system hierarchy, workflows, business processes and others. The drawback is that most of these approaches are focused

The mobile robot use case

The design and verification methodology that we are currently investigating can be divided into two main cycles: design of the cyber-physical system model and development of the cyber-physical system prototype. Requirements and limitations on the system are formed based on the stakeholders' wishes, and the first cycle takes them as its input. This cycle consists of seven stages that are connected to the design of the integrated model elements (P, IL; HW, SW, Lbb; B, Lcps) as well as their

Conclusion

As mentioned before, vulnerabilities that occur due to errors at the design stage are the most dangerous, because after implementation fixing the system can be a challenging task. The prevalence of such vulnerabilities is related to the fact that systems are usually designed without the participation of security experts, using insecure data transfer protocols and untested code. Solving this problem is an important task, which is why various design techniques have been developed

Acknowledgement

The reported study was funded by RFBR project 19-37-90082, by budget project 0073-2019-0002 and by the Government of the Russian Federation (Grant 08-08).


References (47)

  • B. Blanchet. Automatic Verification of Security Protocols in the Symbolic Model: The Verifier ProVerif. Foundations of Security Analysis and Design VII (2013).

  • D. Blouin et al. AADL: A Language to Specify the Architecture of Cyber-Physical Systems. Foundations of Multi-Paradigm Modelling for Cyber-Physical Systems (2020).

  • R. Chadha et al. Automated verification of equivalence properties of cryptographic protocols. ACM Transactions on Computational Logic (TOCL) (2016).

  • D.K. Chaturvedi. Modeling and Simulation of Systems Using MATLAB and Simulink (2017).

  • Y. Chevalier et al. Towards Efficient Automated Verification of Security Protocols. Proceedings of the Verification Workshop (VERIFY'01) (in connection with IJCAR'01), Università degli Studi di Siena, TR DII 08/01 (2001).

  • T. Chothia et al. Automatically checking commitment protocols in ProVerif without false attacks. International Conference on Principles of Security and Trust (2015).

  • M. Clavel et al. Maude Manual (Version 3.0). SRI International and University of Illinois at Urbana-Champaign, http://maude.cs.uiuc.edu (2019).

  • C. Cremers. Symbolic security analysis using the Tamarin prover. 2017 Formal Methods in Computer Aided Design (FMCAD) (2017).

  • W. Dai et al. Discrete-event-based deterministic execution semantics with timestamps for industrial cyber-physical systems. IEEE Transactions on Systems, Man, and Cybernetics: Systems (2017).

  • daTac, Official website of daTac - Automatic Deduction in Associative-Commutative Theories, 2020, ...

  • A. David et al. UPPAAL SMC tutorial. Int. J. Software Tools Technol. Trans. (2015).

  • V. Desnitsky et al. Combined design technique for secure embedded devices exemplified by a perimeter protection system. SPIIRAS Proceedings (2016).

  • V. Desnitsky et al. Configuration-based approach to embedded device security. International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security (2012).

    Dmitry Levshun graduated with honors from ETU LETI in 2017 as the best graduate of the Faculty of Computer Technology and Informatics. Since 2015 he has worked as a junior researcher in the Laboratory of Computer Security Problems of SPIIRAS. During his work in the laboratory he has taken part in more than 10 projects as a researcher and developer. The results have been presented repeatedly at Russian and foreign conferences and have formed the basis of more than 40 publications and 10 certificates for programs and databases. Since 2017 he has been a PhD student at ITMO University in the field of Computer Science, and since 2018 he has also been a PhD student at the University of Toulouse III - Paul Sabatier (joint supervision).

    Yannick Chevalier is a former mathematics and computer science student of ENS Lyon. He received his PhD from University Nancy 1 in 2003 and has been an associate professor at University Toulouse 3 since 2004. He has co-authored 14 journal and 29 conference papers and has participated in the European AVISS, AVISPA and AVANTSSAR projects. His work has been cited more than 2000 times according to Google Scholar.

    Igor Kotenko graduated with honors from the St. Petersburg Academy of Space Engineering and the St. Petersburg Signal Academy. He obtained his Ph.D. degree in 1990 and the National degree of Doctor of Engineering Science in 1999. He is Professor of Computer Science and Head of the Laboratory of Computer Security Problems of the St. Petersburg Institute for Informatics and Automation. He is the author of more than 500 refereed publications, including 14 textbooks and monographs. He has extensive experience in research on computer network security and has participated in several projects on developing new security technologies. For example, he was a project leader in research projects funded by the US Air Force research department via its EOARD (European Office of Aerospace Research and Development) branch, in EU FP7 and FP6 projects, and in projects for HP, Intel, F-Secure, etc. His research results have been tested and implemented in more than fifty Russian research and development projects.

    Andrey Chechulin received his B.S. and M.S. in Computer Science from St. Petersburg State Polytechnical University and his PhD from the St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences in 2013. In 2015 he was awarded the medal of the Russian Academy of Sciences in the area of Computer Science. He currently holds the position of leading researcher at the Laboratory of Computer Security Problems of SPIIRAS. He is the author of more than 70 refereed publications and has participated as a principal investigator in several Russian and EU projects on developing new security technologies. His primary research interests include computer network security, digital forensics, cyber-physical systems, social network analysis and security visualization.

    1: ORCID 0000-0003-1898-6624

    2: ORCID 0000-0002-8617-4209

    3: ORCID 0000-0001-6859-7120

    4: ORCID 0000-0001-7056-6972
