A multi-layered and kill-chain based security analysis framework for cyber-physical systems

This paper introduces a novel framework for understanding cyber attacks and the related risks to cyber-physical systems. The framework consists of two elements: a three-layered logical model and reference architecture for cyber-physical systems, and a meta-model of cyber-physical system attacks that is referred to as the cyber-physical system kill-chain. The layered reference architecture provides a systematic basis for studying how the causal chain associated with cyber perturbations can be traced all the way to physical perturbations. The cyber-physical system kill-chain describes the progressive stages of attacks to illuminate the steps required for an attacker to launch a successful attack against a cyber-physical system. The proposed framework offers a novel approach for comprehensively studying the elements of cyber-physical system attacks, including the attacker objectives, cyber exploitation, control-theoretic properties and physical system properties. The framework is evaluated using a simulated unmanned aerial system and the results of the evaluation are discussed. The longer-term goal is to use the framework as a means to deduce cyber-physical system security properties and to enumerate the principles for designing systems that are resilient to cyber attacks.
