Application of a model for detecting cyberattacks on cyber-physical systems of critical infrastructure nuclear facilities

2021 ◽  
Vol 4 ◽  
pp. 60-65
Author(s):  
V.O. Popov ◽  
◽  
A.A. Chechulin
Keyword(s):  
Critical Infrastructure ◽  
Cyber Physical Systems ◽  
Nuclear Facilities ◽  
Generalized Model ◽  
Physical Systems ◽  
Proposed Model

In this part of the article, the application of the approach to the classification proposed in the first part is presented. As a result of the application of the proposed classification using the generalized model, it is supposed to determine the attack vector within the framework of the proposed model and draw conclusions on the main areas of cyber-physical systems that are vulnerable to attacks by malefactors.

A model of detecting cyberattacks on cyber-physical systems of critical infrastructure nuclear facilities

2021 ◽  
pp. 128-133
Author(s):  
A.A. Chechulin ◽  
V.O. Popova
Keyword(s):  
Critical Infrastructure ◽  
Cyber Physical Systems ◽  
Nuclear Facilities ◽  
Physical Systems

The article presents an approach to classification that will help to identify specific areas of possible cyberattacks and significantly narrow the range of targets vulnerable to attackers. Criteria are considered that allow one to classify cyber-physical systems (attack targets) that are part of nuclear facilities. It is proposed to enter into the basis of the classification such concepts as an object, an attacking and attacking action. The novelty in this work lies in the development of a classification that can be used most effectively to assess the vulnerabilities of systems of critical infrastructure facilities.

scholarly journals A Combined Model of Secure Cyber-Physical Systems for their Design and Verification

2019 ◽  
Vol 5 (4) ◽  
pp. 114-123
Author(s):  
D. Levshun ◽  
A. Chechulin ◽  
I. Kotenko
Keyword(s):  
Cyber Physical Systems ◽  
Emergent Properties ◽  
Cyber Physical System ◽  
Combined Model ◽  
Physical Systems ◽  
Main Challenge ◽  
Proposed Model ◽  
Access Control System ◽  
Single Approach ◽  
Significant Data

In this paper a combined model of secure cyber-physical systems for their design and verification is proposed. Within the framework of this model, a cyber-physical system is represented as a set of blocks with various properties and relationships between them. The main challenge in such model construction is to combine various approaches to the modeling of cyber-physical systems (or their elements) within a single approach. The main goal of the proposed modeling approach is to provide the ability to convert various models into each other without losing significant data about the elements of the system, as well as taking into account the emergent properties that arise in the process of their interaction. The correctness of the proposed model is validated by the example of its use for design and verification of access control system.

scholarly journals VERDICT: A Language and Framework for Engineering Cyber Resilient and Safe System

Systems ◽  
2021 ◽  
Vol 9 (1) ◽  
pp. 18
Author(s):  
Baoluo Meng ◽  
Daniel Larraz ◽  
Kit Siu ◽  
Abha Moitra ◽  
John Interrante ◽  
...  
Keyword(s):  
Critical Infrastructure ◽  
Cyber Physical Systems ◽  
Design Model ◽  
Physical Systems ◽  
Architectural Analysis ◽  
Analysis And Design ◽  
Safety Requirements ◽  
Analysis And Synthesis ◽  
The Face ◽  
Implementation Costs

The ever-increasing complexity of cyber-physical systems is driving the need for assurance of critical infrastructure and embedded systems. However, traditional methods to secure cyber-physical systems—e.g., using cyber best practices, adapting mechanisms from information technology systems, and penetration testing followed by patching—are becoming ineffective. This paper describes, in detail, Verification Evidence and Resilient Design In anticipation of Cybersecurity Threats (VERDICT), a language and framework to address cyber resiliency. When we use the term resiliency, we mean hardening a system such that it anticipates and withstands attacks. VERDICT analyzes a system in the face of cyber threats and recommends design improvements that can be applied early in the system engineering process. This is done in two steps: (1) Analyzing at the system architectural level, with respect to cyber and safety requirements and (2) by analyzing at the component behavioral level, with respect to a set of cyber-resiliency properties. The framework consists of three parts: (1) Model-Based Architectural Analysis and Synthesis (MBAAS); (2) Assurance Case Fragments Generation (ACFG); and (3) Cyber Resiliency Verifier (CRV). The VERDICT language is an Architecture Analysis and Design Language (AADL) annex for modeling the safety and security aspects of a system’s architecture. MBAAS performs probabilistic analyses, suggests defenses to mitigate attacks, and generates attack-defense trees and fault trees as evidence of resiliency and safety. It can also synthesize optimal defense solutions—with respect to implementation costs. In addition, ACFG assembles MBAAS evidence into goal structuring notation for certification purposes. CRV analyzes behavioral aspects of the system (i.e., the design model)—modeled using the Assume-Guarantee Reasoning Environment (AGREE) annex and checked against cyber resiliency properties using the Kind 2 model checker. When a property is proved or disproved, a minimal set of vital system components responsible for the proof/disproof are identified. CRV also provides rich and localized diagnostics so the user can quickly identify problems and fix the design model. This paper describes the VERDICT language and each part of the framework in detail and includes a case study to demonstrate the effectiveness of VERDICT—in this case, a delivery drone.

scholarly journals Security Certification of Cyber Physical Systems for Critical Infrastructure based on the Compositional MILS Architecture

2021 ◽  
Author(s):  
Andreas Hohenegger ◽  
Gerald Krummeck ◽  
Janie Banos ◽  
Alvaro Ortega ◽  
Michal Hager ◽  
...  
Keyword(s):  
Critical Infrastructure ◽  
Cyber Physical Systems ◽  
Physical Systems

scholarly journals DIGITAL TRANSFORMATION OF THE MANAGEMENT ORGANIZATIONAL STRUCTURE OF A PRODUCTION ENTERPRISE

2021 ◽  
Vol 23 (2) ◽  
pp. 46-50
Author(s):  
A.V. Ivaschenko ◽  
◽  
T.V. Nikiforova ◽  
Keyword(s):  
Artificial Intelligence ◽  
Intelligent Systems ◽  
New Technologies ◽  
Cyber Physical Systems ◽  
Information Environment ◽  
Organizational System ◽  
Physical Systems ◽  
Optimal Replacement ◽  
Proposed Model ◽  
Digital Enterprise

The article discusses the problem of finding a rational share of artificial intelligence in the organizational system of a manufacturing enterprise. An original formal-logical model of a mixed integrated information environment of a digital enterprise is proposed, which differs from analogues in the possibility of an ontological description of the processes of interaction between personnel and artificial intelligence systems. On the basis of the proposed model, a technique has been developed for the optimal replacement of staffing for cyber-physical systems with artificial intelligence components, which allows balancing the load of human resources and intelligent systems. The proposed developments can be applied in the organization of the production process of enterprises for planning and management, as well as the introduction of new technologies and artificial intelligence. Research results are recommended under the framework of implementation of the concept of Industry 4.0 for modern enterprises of industrial engineering.

A Survey on Network Intrusion Detection Using Deep Generative Networks for Cyber-Physical Systems

2021 ◽  
pp. 137-159
Author(s):  
Srikanth Yadav M. ◽  
Kalpana R.
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Critical Infrastructure ◽  
Cyber Physical Systems ◽  
Industrial Applications ◽  
Network Intrusion Detection ◽  
Primary Concern ◽  
Physical Systems ◽  
Detection Systems ◽  
Network Intrusion

In the present computing world, network intrusion detection systems are playing a vital part in detecting malicious activities, and enormous attention has been given to deep learning from several years. During the past few years, cyber-physical systems (CPSs) have become ubiquitous in modern critical infrastructure and industrial applications. Safety is therefore a primary concern. Because of the success of deep learning (DL) in several domains, DL-based CPS security applications have been developed in the last few years. However, despite the wide range of efforts to use DL to ensure safety for CPSs. The major challenges in front of the research community are developing an efficient and reliable ID that is capable of handling a large amount of data, in analyzing the changing behavioral patterns of attacks in real-time. The work presented in this manuscript reviews the various deep learning generative methodologies and their performance in detecting anomalies in CPSs. The metrics accuracy, precision, recall, and F1-score are used to measure the performance.

scholarly journals False Sequential Command Attack of Large-Scale Cyber-Physical Systems

Electronics ◽  
2018 ◽  
Vol 7 (9) ◽  
pp. 176 ◽  
Author(s):  
Yinqiao Xiong ◽  
Ziyu Yang ◽  
Baoyao Wang ◽  
Peng Xun ◽  
Tiantian Deng
Keyword(s):  
Physical Process ◽  
Large Scale ◽  
Cyber Physical Systems ◽  
Physical Systems ◽  
Attack Model ◽  
Command Sequence ◽  
Proposed Model ◽  
Feedback Data ◽  
Bad Data

Previous studies have demonstrated that false commands can cause severe damage to large-scale cyber-physical systems (CPSs). We focus on a kind of threat called false sequential command attack, with which attackers can generate false sequential commands, resulting in the illegal control of the physical process. We present a feasible attack model. Attackers delay the disaggregation of former commands by manipulating maliciously sub-controllers. Simultaneously, bad feedback data is injected to defeat the controller to issue latter commands. Thus, false command sequence is executed and the disruption of physical process can be obtained. It is also difficult for the detector to identify such attacks as injecting bad data. We also discuss other possible attack paths and analyze the corresponding disadvantages. Compared with other paths, the proposed model is more feasible and has more difficulties to be detected. A case study is given to validate the feasibility and effectiveness of proposed false sequential command attack model. Finally, we discuss the possible countermeasure.

scholarly journals Real-Time Control of Urban Water Cycle under Cyber-Physical Systems Framework

Water ◽  
2020 ◽  
Vol 12 (2) ◽  
pp. 406 ◽  
Author(s):  
Congcong Sun ◽  
Vicenç Puig ◽  
Gabriela Cembrano
Keyword(s):  
Critical Infrastructure ◽  
Water Cycle ◽  
Drainage System ◽  
Cyber Physical Systems ◽  
Urban Water ◽  
Critical Systems ◽  
Real Time Control ◽  
Physical Systems ◽  
Water Users ◽  
Urban Water Cycle

The urban water cycle (UWC), which is composed of the water supply system (WSS) and urban drainage system (UDS), is a critical infrastructure required for the functioning of urban society. Considering the growing pollution and subsequent water scarcity caused by increasing urbanization and climate change, efficient UWC management is required to maintain resource sustainability and environmental protection. Cyber-physical systems (CPSs) provide a technological suite for the efficient management of critical systems. To exploit advantages of CPS for UWC, this paper proposes a CPS-based management framework enabling supervision, subsystem interoperability, and integrated optimization of UWC: (1) Firstly, clear definitions are provided to demonstrate that UWC systems can be considered as CPSs. (2) A multi-layer CPS-based supervision framework is presented afterwards, conceptually dividing the physical UWC and its digital counterpart into Supervision&Control, Scheduling, Digital Twin, and Water Users and Environment four layers. (3) The information flows that interact with each layer, as well as a key aspect of CSP operation, namely the interoperability among subsystems in the context of UWC, are also addressed. (4) To demonstrate advantages of supervision and interoperability of subsystems under the CPS framework, an integrated optimizer based on model predictive control (MPC) is applied and compared against the individual control of each system. A real case study of the WSS and UDS in Barcelona UWC is applied in order to validate the proposed approaches through virtual reality simulations based on MATLAB/SIMULIN and EPA-SWMM.

Cyber-Physical Security

2020 ◽  
pp. 93-131
Author(s):  
Laura DeNardis
Keyword(s):  
Internet Of Things ◽  
Critical Infrastructure ◽  
Cyber Physical Systems ◽  
Digital Economy ◽  
Physical Security ◽  
Product Introduction ◽  
Market Incentives ◽  
Physical Systems ◽  
Software Vulnerabilities ◽  
Consumer Safety

This chapter explains how cybersecurity increasingly connects to consumer safety and critical industrial infrastructure, as well as the digital economy and systems of democracy. Thus, the stakes of cyber-physical security have never been higher. From attacks on the energy sector to the attacks on the consumer Internet of things and democracy, cybersecurity governance is an existential concern in society. Regrettably, security is woefully inadequate. Market incentives privilege rapid product introduction rather than strong security. The chapter then suggests baseline recommendations, across all stakeholders, necessary for improving the cyber-physical ecosystem. It also looks at how cyber-physical systems complicate and increasingly shape already-difficult global cybersecurity governance questions such as when governments choose to stockpile knowledge of software vulnerabilities for cyber offense, rather than disclose them to secure critical infrastructure.

Sign in / Sign up

Export Citation Format

Share Document