SIMON: Semantic Inference Model for Security in Cyber Physical Systems using Ontologies

—Cyber Physical Systems (CPS) are an integration of computational and physical processes, where embedded cyber systems monitor and control physical processes. Cyber attacks largely target components in the cyber domain with the intention of disrupting the functionality of the components in the physical domain. In this paper, we present SIMON, an Ontological design and verification framework that captures the intricate relationship(s) between cyber and physical components in CPS by leveraging standard specification Ontologies and extending the NIST CPS framework. We demonstrate the capabilities of SIMON using two vehicle to infrastructure (V2I) safety appli- cations. In addition, we also investigate introducing resiliency measures that will ensure compliance of physical systems with their design specifications.

[1]  Ricardo Jardim-Gonçalves,et al.  An Ontology-Based Cybersecurity Framework for the Internet of Things , 2018, Sensors.

[2]  Armin Haller,et al.  SOSA: A Lightweight Ontology for Sensors, Observations, Samples, and Actuators , 2018, J. Web Semant..

[3]  Denny Stephens,et al.  Vehicle-to-infrastructure (V2I) safety applications performance requirements, vol. 3, red light violation warning (RLVW). , 2015 .

[4]  Denny Stephens,et al.  Vehicle-to-infrastructure (V2I) safety applications performance requirements, vol. 4, reduced speed zone warning with lane closure (RSZW/LC). , 2015 .

[5]  Anoop Singhal,et al.  VULCAN: Vulnerability Assessment Framework for Cloud Computing , 2013, 2013 IEEE 7th International Conference on Software Security and Reliability.

[6]  Antonio Cerone,et al.  Enhancing ontology-based antipattern detection using Bayesian networks , 2012, Expert Syst. Appl..

[7]  Stefan Fenz,et al.  An ontology- and Bayesian-based approach for determining threat probabilities , 2011, ASIACCS '11.

[8]  K. Kavi,et al.  An Ontology-Driven Framework for Security and Resiliency in Cyber Physical Systems , 2018 .

[9]  Mahadevan Gomathisankaran,et al.  Nemesis : Automated Architecture for Threat Modeling and Risk Assessment for Cloud Computing , 2014 .

[10]  Воробьев Антон Александрович Анализ уязвимостей вычислительных систем на основе алгебраических структур и потоков данных National Vulnerability Database , 2013 .

[11]  Common Attack Pattern Enumeration and Classification — CAPEC TM A Community Knowledge Resource for Building Secure Software , 2013 .