{"title":"用于关键基础设施保护的可信计算体系结构","authors":"M. Burmester","doi":"10.1109/IISA.2013.6623706","DOIUrl":null,"url":null,"abstract":"Most critical infrastructures can be modeled as cyber-physical systems whose cyber components control underlying physical processes so as to optimize system objectives based on physical properties/constraints and the current and estimated state of the system. Such systems usually require performance guarantees and support for security: wrongly received or missed commands can render the entire system unstable. Yet, securing cyber-physical systems with heterogeneous components is still an open and challenging problem. In this paper we propose a trusted computing architecture for critical infrastructure protection based on the trusted computing paradigm. We discuss the threat model, the vulnerabilities, real-time availability, run-time integrity and show how to get resilience against intentional and unintentional faults by using trusted computing enabled components and an access control structure that enforces need-to-get-now (availability) policies. We conclude by showing how this approach can be used to secure substation automation systems of an IEC/TR 61850-90-5-compliant electricity grid.","PeriodicalId":261368,"journal":{"name":"IISA 2013","volume":"69 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"A trusted computing architecture for critical infrastructure protection\",\"authors\":\"M. Burmester\",\"doi\":\"10.1109/IISA.2013.6623706\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most critical infrastructures can be modeled as cyber-physical systems whose cyber components control underlying physical processes so as to optimize system objectives based on physical properties/constraints and the current and estimated state of the system. Such systems usually require performance guarantees and support for security: wrongly received or missed commands can render the entire system unstable. Yet, securing cyber-physical systems with heterogeneous components is still an open and challenging problem. In this paper we propose a trusted computing architecture for critical infrastructure protection based on the trusted computing paradigm. We discuss the threat model, the vulnerabilities, real-time availability, run-time integrity and show how to get resilience against intentional and unintentional faults by using trusted computing enabled components and an access control structure that enforces need-to-get-now (availability) policies. We conclude by showing how this approach can be used to secure substation automation systems of an IEC/TR 61850-90-5-compliant electricity grid.\",\"PeriodicalId\":261368,\"journal\":{\"name\":\"IISA 2013\",\"volume\":\"69 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IISA 2013\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IISA.2013.6623706\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IISA 2013","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IISA.2013.6623706","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A trusted computing architecture for critical infrastructure protection
Most critical infrastructures can be modeled as cyber-physical systems whose cyber components control underlying physical processes so as to optimize system objectives based on physical properties/constraints and the current and estimated state of the system. Such systems usually require performance guarantees and support for security: wrongly received or missed commands can render the entire system unstable. Yet, securing cyber-physical systems with heterogeneous components is still an open and challenging problem. In this paper we propose a trusted computing architecture for critical infrastructure protection based on the trusted computing paradigm. We discuss the threat model, the vulnerabilities, real-time availability, run-time integrity and show how to get resilience against intentional and unintentional faults by using trusted computing enabled components and an access control structure that enforces need-to-get-now (availability) policies. We conclude by showing how this approach can be used to secure substation automation systems of an IEC/TR 61850-90-5-compliant electricity grid.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
