SURE: A Modeling and Simulation Integration Platform for Evaluation of Secure and Resilient Cyber–Physical Systems

The exponential growth of information and communication technologies have caused a profound shift in the way humans engineer systems leading to the emergence of closed-loop systems involving strong integration and coordination of physical and cyber components, often referred to as cyber–physical systems (CPSs). Because of these disruptive changes, physical systems can now be attacked through cyberspace and cyberspace can be attacked through physical means. The paper considers security and resilience as system properties emerging from the intersection of system dynamics and the computing architecture. A modeling and simulation integration platform for experimentation and evaluation of resilient CPSs is presented using smart transportation systems as the application domain. Evaluation of resilience is based on attacker–defender games using simulations of sufficient fidelity. The platform integrates 1) realistic models of cyber and physical components and their interactions; 2) cyber attack models that focus on the impact of attacks to CPS behavior and operation; and 3) operational scenarios that can be used for evaluation of cybersecurity risks. Three case studies are presented to demonstrate the advantages of the platform: 1) vulnerability analysis of transportation networks to traffic signal tampering; 2) resilient sensor selection for forecasting traffic flow; and 3) resilient traffic signal control in the presence of denial-of-service attacks.

[1]  Gabor Karsai,et al.  Smart Dust: communicating with a cubic-millimeter computer , 2001 .

[2]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[3]  C. Daganzo THE CELL TRANSMISSION MODEL.. , 1994 .

[4]  Insup Lee,et al.  Design and Implementation of Attack-Resilient Cyberphysical Systems: With a Focus on Attack-Resilient State Estimators , 2017, IEEE Control Systems.

[5]  Quanyan Zhu,et al.  Robust and resilient control design for cyber-physical systems with an application to power systems , 2011, IEEE Conference on Decision and Control and European Control Conference.

[6]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[7]  M. R. Shaebani,et al.  Intelligent Controlling Simulation of Traffic Flow in a Small City Network , 2004, physics/0511141.

[8]  E. Long,et al.  Increasing Productivity at Saturn , 1998, Computer.

[9]  Paulo Tabuada,et al.  SMT-Based Observer Design for Cyber-Physical Systems under Sensor Attacks , 2016, 2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS).

[10]  Henrik Sandberg,et al.  Limiting the Impact of Stealthy Attacks on Industrial Control Systems , 2016, CCS.

[11]  Yevgeniy Vorobeychik,et al.  Decentralization and security in dynamic traffic light control , 2016, HotSoS.

[12]  Ming Zhong,et al.  Genetically-Designed Time Delay Neural Networks for Multiple-interval Urban Freeway Traffic Flow Forecasting , 2006 .

[13]  Christian Jacob,et al.  Evolutionary swarm traffic: if ant roads had traffic lights , 2002, Proceedings of the 2002 Congress on Evolutionary Computation. CEC'02 (Cat. No.02TH8600).

[14]  Hamid Bagheri,et al.  Monarch: model-based development of software architectures , 2010, MODELS'10.

[15]  Carlos Gershenson,et al.  Self-organizing traffic lights at multiple-street intersections , 2011, Complex..

[16]  J. Alex Halderman,et al.  Green Lights Forever: Analyzing the Security of Traffic Infrastructure , 2014, WOOT.

[17]  Gabor Karsai,et al.  SURE: an experimentation and evaluation testbed for CPS security and resilience: demo abstract , 2016, ICCPS 2016.

[18]  Shreyas Sundaram,et al.  Resilient Asymptotic Consensus in Robust Networks , 2013, IEEE Journal on Selected Areas in Communications.

[19]  Srdjan Capkun,et al.  The security and privacy of smart vehicles , 2004, IEEE Security & Privacy Magazine.

[20]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[21]  Helen Gill,et al.  Cyber-Physical Systems , 2019, 2019 IEEE International Conference on Mechatronics (ICM).

[22]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[23]  Naif Alajlan,et al.  Improved Estimation of Water Chlorophyll Concentration With Semisupervised Gaussian Process Regression , 2012, IEEE Transactions on Geoscience and Remote Sensing.

[24]  Yukinori Kakazu,et al.  Genetic reinforcement learning for cooperative traffic signal control , 1994, Proceedings of the First IEEE Conference on Evolutionary Computation. IEEE World Congress on Computational Intelligence.

[25]  Siddharth Sridhar,et al.  Cyber–Physical System Security for the Electric Power Grid , 2012, Proceedings of the IEEE.

[26]  Daniel Krajzewicz,et al.  SUMO - Simulation of Urban MObility An Overview , 2011 .

[27]  Hui Xiong,et al.  Enhancing Security and Privacy in Traffic-Monitoring Systems , 2006, IEEE Pervasive Computing.

[28]  T.J. Overbye,et al.  SCADA Cyber Security Testbed Development , 2006, 2006 38th North American Power Symposium.

[29]  T. Kropp System threats and vulnerabilities [power system protection] , 2006, IEEE Power and Energy Magazine.

[30]  Daniel Krajzewicz,et al.  Recent Development and Applications of SUMO - Simulation of Urban MObility , 2012 .

[31]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[32]  Sonia Martínez,et al.  Attack-resilient distributed formation control via online adaptation , 2011, IEEE Conference on Decision and Control and European Control Conference.

[33]  Dirk Helbing,et al.  Self-Organized Network Flows , 2007 .

[34]  Saurabh Amin,et al.  In quest of benchmarking security risks to cyber-physical systems , 2013, IEEE Network.

[35]  Darren D. Cofer,et al.  Requirements and Architectures for Secure Vehicles , 2016, IEEE Software.

[36]  Abhishek Dubey,et al.  Computation and Communication Evaluation of an Authentication Mechanism for Time-Triggered Networked Control Systems , 2016, Sensors.

[37]  Heejo Lee,et al.  This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[38]  A. Varga,et al.  THE OMNET++ DISCRETE EVENT SIMULATION SYSTEM , 2003 .

[39]  Michail Maniatakos,et al.  Security and Privacy in Cyber-Physical Systems: A Survey of Surveys , 2017, IEEE Design & Test.

[40]  Sandeep Neema,et al.  Model based self adaptive behavior language for large scale real time embedded systems , 2004, Proceedings. 11th IEEE International Conference and Workshop on the Engineering of Computer-Based Systems, 2004..

[41]  Salim Hariri,et al.  A testbed for analyzing security of SCADA control systems (TASSCS) , 2011, ISGT 2011.

[42]  Alexandre M. Bayen,et al.  On Cybersecurity of Freeway Control Systems: Analysis of Coordinated Ramp Metering Attacks , 2015 .

[43]  Gabor Karsai,et al.  Demo Abstract: SURE: An Experimentation and Evaluation Testbed for CPS Security and Resilience , 2016, 2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS).

[44]  Gabor Karsai,et al.  Toward a Science of Cyber–Physical System Integration , 2012, Proceedings of the IEEE.

[45]  Naira Hovakimyan,et al.  VirtualDrone: Virtual Sensing, Actuation, and Communication for Attack-Resilient Unmanned Aerial Systems , 2017, 2017 ACM/IEEE 8th International Conference on Cyber-Physical Systems (ICCPS).

[46]  Dirk Helbing,et al.  Decentralised control of material or traffic flows in networks using phase-synchronisation , 2006, physics/0603259.

[47]  Mark Tullsen,et al.  Secure Automotive Software: The Next Steps , 2017, IEEE Software.

[48]  Christopher K. I. Williams,et al.  Gaussian Processes for Machine Learning (Adaptive Computation and Machine Learning) , 2005 .

[49]  Feng Gao,et al.  Sparse online warped Gaussian process for wind power probabilistic forecasting , 2013 .

[50]  Saurabh Amin,et al.  Vulnerability of Transportation Networks to Traffic-Signal Tampering , 2016, 2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS).

[51]  Ned Djilali,et al.  GridLAB-D: An Agent-Based Simulation Framework for Smart Grids , 2014, J. Appl. Math..

[52]  Yevgeniy Vorobeychik,et al.  Optimal Thresholds for Anomaly-Based Intrusion Detection in Dynamical Environments , 2016, GameSec.

[53]  Anne Miller,et al.  A Model-Integrated, Guideline-Driven, Clinical Decision-Support System , 2009, IEEE Software.

[54]  Brian Ellis,et al.  VEST: an aspect-based composition tool for real-time systems , 2003, The 9th IEEE Real-Time and Embedded Technology and Applications Symposium, 2003. Proceedings..

[55]  Ayan Banerjee,et al.  Ensuring Safety, Security, and Sustainability of Mission-Critical Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[56]  Peter Bunus,et al.  A simulation and decision framework for selection of numerical solvers in scientific computing , 2006, Annual Simulation Symposium.

[57]  Aditya Ashok,et al.  Experimental evaluation of cyber attacks on Automatic Generation Control using a CPS Security Testbed , 2015, 2015 IEEE Power & Energy Society General Meeting.

[58]  Gabor Karsai,et al.  Model-Based Integration Platform for FMI Co-Simulation and Heter- ogeneous Simulations of Cyber-Physical Systems , 2014 .

[59]  Ying Sun,et al.  Gaussian Processes for Short-Term Traffic Volume Forecasting , 2010 .

[60]  Javad Haddadnia,et al.  Traffic signal control for isolated intersections based on fuzzy neural network and genetic algorithm , 2010 .

[61]  Miklós Maróti,et al.  Online Collaborative Environment for Designing Complex Computational Systems , 2014, ICCS.

[62]  Adriano Valenzano,et al.  Review of Security Issues in Industrial Networks , 2013, IEEE Transactions on Industrial Informatics.

[63]  Gaurav S. Sukhatme,et al.  Decentralized Data Fusion and Active Sensing with Mobile Sensors for Modeling and Predicting Spatiotemporal Traffic Phenomena , 2012, UAI.

[64]  Jean Bézivin,et al.  Bridging the Generic Modeling Environment ( GME ) and the Eclipse Modeling Framework ( EMF ) , 2005 .

[65]  Marco Caccamo,et al.  S3A: secure system simplex architecture for enhanced security and robustness of cyber-physical systems , 2013, HiCoNS '13.

[66]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[67]  Gabor Karsai,et al.  Rapid synthesis of high-level architecture-based heterogeneous simulation: a model-based integration approach , 2012, Simul..

[68]  Iain B. Collings,et al.  Location-aware cooperative spectrum sensing via Gaussian Processes , 2012, 2012 Australian Communications Theory Workshop (AusCTW).

[69]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[70]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[71]  Lars Michael Kristensen,et al.  Coloured Petri Nets and CPN Tools for modelling and validation of concurrent systems , 2007, International Journal on Software Tools for Technology Transfer.

[72]  Yevgeniy Vorobeychik,et al.  Resilient observation selection in adversarial settings , 2015, 2015 54th IEEE Conference on Decision and Control (CDC).