Embedded Systems Security for Cyber-Physical Systems

Ali, Saqib; Balushi, Taiseera Al; Nadir, Zia; Hussain, Omar Khadeer

doi:10.1007/978-3-319-75880-0_6

Cited by 5 publications

(4 citation statements)

References 81 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The use of fault trees might give rise to overlook runtime faults in the system. The papers in our set of 312 shows that most of the work done in terms of the techniques proposed for risk identification, assessment, mitigation, and management is specific to smart grids. The focus of the aforementioned techniques was on safety, security, and risk management standards specific to smart grids as in previous works 62,104,105 . In one way, this is not a limitation for professionals working on smart grids; however, it opens up avenues for researchers to explore other domains also.…”

Section: Findings Of Our Reviewmentioning

confidence: 99%

“…Since trust, system reliability, and resilience against security threats in CPS are mainly based on data confidentiality, integrity, authenticity, and system's authorized access, 104 some papers have considered them along with availability, fault‐tolerance, and self‐healing to be a crucial factor being integrated in CPS 5 . In our selected set of papers, the most frequently covered security requirements are integrity (in 184 papers), confidentiality (170 papers), and authentication (165), while the most studied dependability attributes consisted of availability (177 papers), reliability (157 papers), and trust (108 papers).…”

Section: Findings Of Our Reviewmentioning

confidence: 99%

See 1 more Smart Citation

Security risks in cyber physical systems—A systematic mapping study

Zahid

Inayat

Daneva

et al. 2021

J Software Evolu Process

View full text Add to dashboard Cite

The increased need for constant connectivity and complete automation of existing systems fuels the popularity of Cyber Physical Systems (CPS) worldwide. Increasingly more, these systems are subjected to cyber attacks. In recent years, many major cyber‐attack incidents on CPS have been recorded and, in turn, have been raising concerns in their users' minds. Unlike in traditional IT systems, the complex architecture of CPS consisting of embedded systems integrated with the Internet of Things (IoT) requires rather extensive planning, implementation, and monitoring of security requirements. One crucial step to planning, implementing, and monitoring of these requirements in CPS is the integration of the risk management process in the CPS development life cycle. Existing studies do not clearly portray the extent of damage that the unattended security issues in CPS can cause or have caused, in the incidents recorded. An overview of the possible risk management techniques that could be integrated into the development and maintenance of CPS contributing to improving its security level in its actual environment is missing. In this paper, we are set out to highlight the security requirements and issues specific to CPS that are discussed in scientific literature and to identify the state‐of‐the‐art risk management processes adopted to identify, monitor, and control those security issues in CPS. For that, we conducted a systematic mapping study on the data collected from 312 papers published between 2000 and 2020, focused on the security requirements, challenges, and the risk management processes of CPS. Our work aims to form an overview of the security requirements and risks in CPS today and of those published contributions that have been made until now, towards improving the reliability of CPS. The results of this mapping study reveal (i) integrity authentication and confidentiality as the most targeted security attributes in CPS, (ii) model‐based techniques as the most used risk identification and assessment and management techniques in CPS, (iii) cyber‐security as the most common security risk in CPS, (iv) the notion of “mitigation measures” based on the type of system and the underline internationally recognized standard being the most used risk mitigation technique in CPS, (v) smart grids being the most targeted systems by cyber‐attacks and thus being the most explored domain in CPS literature, and (vi) one of the major limitations, according to the selected literature, concerns the use of the fault trees for fault representation, where there is a possibility of runtime system faults not being accounted for. Finally, the mapping study draws implications for practitioners and researchers based on the findings.

show abstract

Section: Findings Of Our Reviewmentioning

confidence: 99%

Section: Findings Of Our Reviewmentioning

confidence: 99%

Security risks in cyber physical systems—A systematic mapping study

Zahid

Inayat

Daneva

et al. 2021

J Software Evolu Process

View full text Add to dashboard Cite

show abstract

“…f) Man-in-the-middle attack: In CPSs, when an attacker tries to eavesdrop on communication between a system and a server, a man-in-the-middle (MITM) attack may occur [35]. The attacker sends forged information to the server, and the server performs unnecessary operations based on the received information, which may lead to some undesirable consequences [75]. The attack process is shown in Fig.…”

Section: Jamming Noisementioning

confidence: 99%

A Survey on Cyber–Physical Systems Security

Gao

Cong

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

“…1) Vulnerabilities in the embedded systems: In [60], [61], a number of vulnerabilities in the embedded hardware have been reported in SG metering systems, e.g., lack of tamper protection, weak encryption module and algorithm, hardware design flaws, etc. In addition, numbers of embedded software flaws have been discussed in the smart metering systems, such as bugs in [67], [68], malware and lack of software update in [69]. Utilizing these software vulnerabilities, an attacker can pose huge impacts on the smart metering network, and on the consumers, e.g., a black out in home.…”

Section: A2 Vulnerabilities In Sg Metering Networkmentioning

confidence: 99%

Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues

Kumar

Lin

Bai

et al. 2019

IEEE Commun. Surv. Tutorials

262

115

View full text Add to dashboard Cite

Smart grid (SG) networks are newly upgraded networks of connected objects that greatly improve reliability, efficiency and sustainability of the traditional energy infrastructure. In this respect, the smart metering infrastructure (SMI) plays an important role in controlling, monitoring and managing multiple domains in the SG. Despite the salient features of SMI, security and privacy issues have been under debate because of the large number of heterogeneous devices that are anticipated to be coordinated through public communication networks. This survey paper shows a brief overview of real cyber attack incidents in traditional energy networks and those targeting the smart metering network. Specifically, we present a threat taxonomy considering: (i) threats in system-level security, (ii) threats and/or theft of services, and (iii) threats to privacy. Based on the presented threats, we derive a set of security and privacy requirements for SG metering networks. Furthermore, we discuss various schemes that have been proposed to address these threats, considering the pros and cons of each. Finally, we investigate the open research issues to shed new light on future research directions in smart grid metering networks.

show abstract

Embedded Systems Security for Cyber-Physical Systems

Cited by 5 publications

References 81 publications

Security risks in cyber physical systems—A systematic mapping study

Security risks in cyber physical systems—A systematic mapping study

A Survey on Cyber–Physical Systems Security

Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues

Contact Info

Product

Resources

About