scholarly journals VERCASM-CPS: Vulnerability Analysis and Cyber Risk Assessment for Cyber-Physical Systems

Information ◽  
2021 ◽  
Vol 12 (10) ◽  
pp. 408
Author(s):  
Bradley Northern ◽  
Trey Burks ◽  
Marlana Hatcher ◽  
Michael Rogers ◽  
Denis Ulybyshev
Keyword(s):  
Cyber Physical Systems ◽  
Cyber Attacks ◽  
Risk Scores ◽  
Critical Infrastructures ◽  
Moving Target ◽  
Public Database ◽  
Physical Systems ◽  
Automatic Mode ◽  
System Configurations ◽  
Cyber Risk

Since Cyber-Physical Systems (CPS) are widely used in critical infrastructures, it is essential to protect their assets from cyber attacks to increase the level of security, safety and trustworthiness, prevent failure developments, and minimize losses. It is necessary to analyze the CPS configuration in an automatic mode to detect the most vulnerable CPS components and reconfigure or replace them promptly. In this paper, we present a methodology to determine the most secure CPS configuration by using a public database of cyber vulnerabilities to identify the most secure CPS components. We also integrate the CPS cyber risk analysis with a Controlled Moving Target Defense, which either replaces the vulnerable CPS components or re-configures the CPS to harden it, while the vulnerable components are being replaced. Our solution helps to design a more secure CPS by updating the configuration of existing CPS to make them more resilient against cyber attacks. In this paper, we will compare cyber risk scores for different CPS configurations and show that the Windows® 10 build 20H2 operating system is more secure than Linux Ubuntu® 20.04, while Red Hat® Enterprise® Linux is the most secure in some system configurations.

scholarly journals Managing Cyber Security Risks of the Cyber-Enabled Ship

2020 ◽  
Vol 8 (10) ◽  
pp. 768
Author(s):  
Georgios Kavallieratos ◽  
Sokratis Katsikas
Keyword(s):  
Cyber Security ◽  
Cyber Physical Systems ◽  
Transformation Process ◽  
Cyber Attacks ◽  
Security Requirements ◽  
Shipping Industry ◽  
Security Risks ◽  
Industrial Control Systems ◽  
Physical Systems ◽  
Cyber Risk

One aspect of the digital transformation process in the shipping industry, a process often referred to as Shipping 4.0, is the increased digitization of on board systems that goes along with increased automation in and autonomy of the vessel. This is happening by integrating Information Technology with Operation Technology systems that results in Cyber Physical Systems on which the safe operations and sailing of contemporary and future vessels depend. Unavoidably, such highly interconnected and interdependent systems increase the exposure of the vessel’s digital infrastructure to cyber attacks and cyber security risks. In this paper, we leverage the STRIDE and DREAD methodologies to qualitatively and quantitatively assess the cyber risk of Cyber Physical Systems on board digitalized contemporary and future ships. Further, we propose appropriate cyber security baseline controls to mitigate such risks, by applying a systematic approach using a set of criteria that take into account the security requirements; the cyber risks; the possible attacks; and the possibly already existing controls, to select from the list of controls provided in the Industrial Control Systems (ICS) overlay of the NIST Guide to ICS Security. The results are expected to support the decision-making and the design of a security architecture for the cyber-enabled ship.

Toward Detection and Attribution of Cyber-Attacks in IoT-enabled Cyber-physical Systems

2021 ◽  
pp. 1-1
Author(s):  
Amir Namavar Jahromi ◽  
Hadis Karimipour ◽  
Ali Dehghantanha ◽  
Kim-Kwang Raymond Choo
Keyword(s):  
Cyber Physical Systems ◽  
Cyber Attacks ◽  
Physical Systems ◽  
Detection And Attribution

scholarly journals Nonfragile Integral-Based Event-Triggered Control of Uncertain Cyber-Physical Systems under Cyber‐Attacks

Complexity ◽  
2019 ◽  
Vol 2019 ◽  
pp. 1-14 ◽  
Author(s):  
Shen Yan ◽  
Sing Kiong Nguang ◽  
Liruo Zhang
Keyword(s):  
Sufficient Conditions ◽  
Cyber Physical Systems ◽  
Cyber Attacks ◽  
Linear Matrix ◽  
Time Interval ◽  
System State ◽  
Network Resources ◽  
Physical Systems ◽  
Mean Square Stability ◽  
Event Triggered

This article studies the problem of nonfragile integral-based event-triggered control for uncertain cyber-physical systems under cyber-attacks. An integral-based event-triggered scheme is proposed to reduce the data transmissions and save the limited network resources. The triggering condition is related to the mean of system state over a finite time interval instead of instant system state. Random cyber-attacks in a communication channel are taken into account and described by a stochastic variable subject to Bernoulli distribution. A novel Lyapunov–Krasovskii functional based on Legendre polynomials is constructed, and the Bessel–Legendre inequality technique is employed to handle the integral term induced by the integral-based event-triggered scheme. Resorting to these treatments, sufficient conditions are established via a set of linear matrix inequalities to guarantee the asymptotic mean-square stability of the closed-loop system. Finally, a numerical example shows that the presented method is effective.

Sign in / Sign up

Export Citation Format

Share Document