Secure cyber-physical production systems: Solid steps towards realization

Sophisticated production systems incorporate a large amount of information technology (IT) to gain efficiency. However, this ongoing development has the drawback that security is lacking. Cyber-physical production systems (CPPS) are likely to be struck by a cyber-launched attack, but they might also themselves be the origin of an attack targeting IT infrastructures or other production systems. Far from an ideal solution, the involved engineering disciplines appear to work in parallel despite aiming for the same goal: securing the production systems. In this paper, we highlight small measures that can achieve large effects on CPPS security: (1) extending interoperability testing with security testing gains robustness against intentionally malformed inputs; (2) extending today's models so that they can describe malicious actions would make it possible to assess system behavior in the presence of an attack; and (3) a layered approach to CPPS security makes it possible to address malicious activities at an adequate, semantic layer without the need for precarious shadow systems.
