Determining Tolerable Attack Surfaces that Preserves Safety of Cyber-Physical Systems

C. Cheh, Ahmed M. Fawaz, Mohammad A. Noureddine, Binbin Chen, W. G. Temple, W. Sanders
DOI: 10.1109/PRDC.2018.00023 (https://doi.org/10.1109/PRDC.2018.00023)
Published in: 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC), December 2018
Citations: 4

Abstract

As safety-critical systems become increasingly interconnected, a system's operations depend on the reliability and security of the computing components and the interconnections among them. Therefore, a growing body of research seeks to tie safety analysis to security analysis. Specifically, it is important to analyze system safety under different attacker models. In this paper, we develop generic parameterizable state automaton templates to model the effects of an attack. Then, given an attacker model, we generate a state automaton that represents the system operation under the threat of the attacker model. We use a railway signaling system as our case study and consider threats to the communication protocol and the commands issued to physical devices. Our results show that while less skilled attackers are not able to violate system safety, more dedicated and skilled attackers can affect system safety. We also consider several countermeasures and show how well they can deter attacks.