Security challenges and methods for protecting critical infrastructure cyber-physical systems

Cyber-Physical Systems (CPS) represent a fundamental link between information technology (IT) systems and the devices that control industrial production and maintain critical infrastructure services that support our modern world. Increasingly, the interconnections among CPS and IT systems have created exploitable security vulnerabilities due to a number of factors, including a legacy of weak information security applications on CPS and the tendency of CPS operators to prioritize operational availability at the expense of integrity and confidentiality. As a result, CPS are subject to a number of threats from cyber attackers and cyber-physical attackers, including denial of service and even attacks against the integrity of the data in the system. The effects of these attacks extend beyond mere loss of data or the inability to access information system services. Attacks against CPS can cause physical damage in the real world. This paper reviews the challenges of providing information assurance services for CPS that operate critical infrastructure systems and industrial control systems. These methods are thorough measures to close integrity and confidentiality gaps in CPS and processes to highlight the security risks that remain. This paper also outlines approaches to reduce the overhead and complexity for security methods, as well as examine novel approaches, including covert communications channels, to increase CPS security.

[1]  Hamid Sharif,et al.  Automated Covert Channel Modeling over a real network platform , 2014, 2014 International Wireless Communications and Mobile Computing Conference (IWCMC).

[2]  Naixue Xiong,et al.  Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information , 2015, Symmetry.

[3]  Ashutosh Tiwari,et al.  The security challenges in the IoT enabled cyber-physical systems and opportunities for evolutionary computing & other computational intelligence , 2016, 2016 IEEE Congress on Evolutionary Computation (CEC).

[4]  Jian Sun,et al.  Optimal data integrity attack on actuators in Cyber-Physical Systems , 2016, 2016 American Control Conference (ACC).

[5]  Bruno Sinopoli,et al.  Challenges for Securing Cyber Physical Systems , 2009 .

[6]  S. Shankar Sastry,et al.  Safe and Secure Networked Control Systems under Denial-of-Service Attacks , 2009, HSCC.

[7]  R.S.H. Piggin,et al.  Safety and security - a story of interdependence , 2015 .

[8]  Khalil El-Khatib,et al.  Securing modbus transactions using hash-based message authentication codes and stream transmission control protocol , 2013, 2013 Third International Conference on Communications and Information Technology (ICCIT).

[9]  Hamid Sharif,et al.  Achieving robustness and capacity gains in covert timing channels , 2014, 2014 IEEE International Conference on Communications (ICC).

[10]  Bruce Schneier,et al.  Schneier on security , 2008 .

[11]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[12]  Guofei Jiang,et al.  Modeling and analytics for cyber-physical systems in the age of big data , 2014, PERV.

[13]  Richard Kissel,et al.  Glossary of Key Information Security Terms , 2014 .

[14]  Bruno Sinopoli,et al.  Integrity attacks on cyber-physical systems , 2012, HiCoNS '12.

[15]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[16]  Liviu Miclea,et al.  A framework for verifying the integrity of the components of a secure cyber-physical system , 2014, 2014 18th International Conference on System Theory, Control and Computing (ICSTCC).

[17]  Joaquín García,et al.  Revisiting a Watermark-Based Detection Scheme to Handle Cyber-Physical Attacks , 2016, 2016 11th International Conference on Availability, Reliability and Security (ARES).

[18]  E. Byres,et al.  The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems , 2004 .

[19]  Robert K. Abercrombie,et al.  Security Analysis of Smart Grid Cyber Physical Infrastructures Using Game Theoretic Simulation , 2015, 2015 IEEE Symposium Series on Computational Intelligence.