Integrating Six-Step Model with Information Flow Diagrams for Comprehensive Analysis of Cyber-Physical System Safety and Security

An approach for integrating the Six-Step Model (SSM) with Information Flow Diagrams (IFDs) is proposed. SSM is a model for Cyber-Physical System (CPS) safety and security analysis that incorporates six hierarchies of a CPS: functions, structure, failures, safety countermeasures, cyber-attacks, and security countermeasures. Relationship matrices are used in SSM to identify inter-relationships between these hierarchies and to determine the effect of failures and cyber-attacks on CPSs. Although SSM is a useful tool for CPS safety and security modeling, it lacks guidance for identifying failures and attacks and for selecting an adequate set of safety and security countermeasures. To address this issue, an approach for integrating SSM with IFDs is proposed and explained using the example of a water treatment system.
