Integrating Cyber-Attack Defense Techniques into Real-Time Cyber-Physical Systems

Hao, Xiaochen; Lv, Mingsong; Zheng, Jiesheng; Zhang, Zhengkui; Yi, Wang

doi:10.1109/iccd46524.2019.00037

Cited by 6 publications

(3 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The practicality of the approach is validated in a simulated testbed environment [72]. Furthermore, in [71], an instrumentationbased defense technique is presented employing a sub-optimal plan to secure CPES in real-time. Even though the discussed defense and mitigation mechanisms may not be applicable for all cyber-attack scenarios, research and development in this direction contribute towards understanding attackers' tactics and defending against them in order to secure CPES.…”

Section: ) Attack Mitigations and Defenses In Cpesmentioning

confidence: 99%

Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies

Zografopoulos¹,

Ospina²,

Liu³

et al. 2021

Preprint

View full text Add to dashboard Cite

Cyber-physical systems (CPS) are interconnected architectures that employ analog, digital, and communication resources for their interaction with the physical environment. CPS are the backbone of enterprise, industrial, and critical infrastructure. Thus, their vital importance, makes them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature, can have disastrous consequences. The security of CPES can be enhanced leveraging testbed capabilities to replicate power systems operation, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. In this paper, we provide a comprehensive overview of the CPS security landscape with emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models which can be used to evaluate the system's performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables the system vulnerability prioritization factoring the impact on the system operation. The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a stepby-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.

show abstract

Section: ) Attack Mitigations and Defenses In Cpesmentioning

confidence: 99%

Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies

Zografopoulos¹,

Ospina²,

Liu³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…5.1.2 Trade-off security for schedulability. While RECFISH provides a schedulability study of common CFI techniques, Hao et al [43] provides a novel technique to improve the schedulability of a real-time system by trading-off security with system schedulability. They focus on defending against ROP attacks (Section 1).…”

Section: Cfi With An Rtosmentioning

confidence: 99%

Survey of Control-Flow Integrity Techniques for Embedded and Real-Time Embedded Systems

Mishra,

Chantem,

Gerdes

2021

Preprint

View full text Add to dashboard Cite

Computing systems, including real-time embedded systems, are becoming increasingly connected to allow for more advanced and safer operation. Such embedded systems are resource-constrained, such as lower processing capabilities, as compared to general purpose computing systems like desktops or servers. However, allowing external interfaces to such embedded systems increases their exposure to attackers. With an increase in attacks against embedded systems ranging from home appliances to industrial control systems operating critical equipment that have hard real-time requirements, it is imperative that defense mechanisms be created that explicitly consider such resource and real-time constraints constraints. Control-flow integrity (CFI) is a family of defense mechanisms that prevent attackers from modifying the flow of execution. We survey CFI techniques, ranging from the basic to state-of-the-art, that are built for embedded systems and real-time embedded systems and find that there is a dearth, especially for real-time embedded systems, of CFI mechanisms. We then present open challenges to the community to help drive research in this domain.

show abstract

“…Hao et al [ 10 ] developed a strategy for effectively computing an execution plan that optimizes the number of engineered code iterations to achieve maximum protection impact while ensuring the guarded task system's real-time controllability through a novel reaction time analysis. They demonstrated how to incorporate protection mechanisms into practical cases.…”

Section: Introductionmentioning

confidence: 99%

Using Advanced Analytic Techniques to Optimize Cyber-Physical Defensive Plans in Sports Infrastructures and Facilities

Wang

2022

Computational Intelligence and Neuroscience

View full text Add to dashboard Cite

The technical projects for securing a network of infrastructures and processes are designed, financed, carried out, maintained, and operated within a general infrastructure system, which can gather activities and funds of the private or public sector. The importance of such projects for modern society is enormous, and there is a positive correlation between the size of infrastructure projects and the strength of the national economy. At the same time, it falls within the critical infrastructure sector most of the time. This work, taking into account the massive importance of investments made in the field of sports and the corresponding significance of the design and implementation of robust cybersecurity systems, presents an innovative optimization system for the design, performance, and adaptation of safeguards of technical projects, which require a high level of security standards. A realistic optimization system of low computational complexity is proposed and tested, dividing the problem into a series of subproblems of one-step optimization, which can be solved with great ease and without requirements on computational resources. The great innovation of the proposed system is that the separation is done so that the solution results from the optimal individual solutions of the subproblems without affecting the final result.

show abstract

Integrating Cyber-Attack Defense Techniques into Real-Time Cyber-Physical Systems

Cited by 6 publications

References 21 publications

Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies

Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies

Survey of Control-Flow Integrity Techniques for Embedded and Real-Time Embedded Systems

Using Advanced Analytic Techniques to Optimize Cyber-Physical Defensive Plans in Sports Infrastructures and Facilities

Contact Info

Product

Resources

About