Trust Establishment in Cooperating Cyber-Physical Systems

Cooperating systems are systems of systems that collaborate for a common purpose. Cooperating cyber-physical systems often base important decisions on data gathered from external sensors and use external actuators to enforce safety critical actions. Using the example of a hydroelectric power plant control system, this paper analyzes security threats for networked cooperating systems, where sensors providing decision critical data are placed in non-protected areas and thus are exposed to various kinds of attacks. We propose a concept for trust establishment in cyber-physical cooperating systems. Using trusted event reporting for critical event sources, the authenticity of the security related events can be verified. Based on measurements obtained with a prototypical realisation, we evaluate and analyze the amount of overhead data transmission between event source and data verification system needed for trust establishment. We propose an efficient synchronisation scheme for system integrity data, reducing network traffic as well as verification effort.

[1]  Trent Jaeger,et al.  Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[2]  Kelly M. Kavanagh,et al.  Magic Quadrant for Security Information and Event Management , 2011 .

[3]  Luigi Coppolino,et al.  A Trusted Information Agent for Security Information and Event Management , 2012, ICONS 2012.

[4]  Nik Bessis,et al.  An Autonomic Agent Trust Model for IoT systems , 2013, EUSPN/ICTH.

[5]  Hervé Debar,et al.  Challenges for Advanced Security Monitoring - The MASSIF Project , 2012, TrustBus.

[6]  Carsten Rudolph,et al.  Secure Digital Chains of Evidence , 2011, 2011 Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering.

[7]  Deborah J. Bodeau System-of-systems security engineering , 1994, Tenth Annual Computer Security Applications Conference.

[8]  Jie Liu,et al.  Optimal combined intrusion detection and biometric-based continuous authentication in high security mobile ad hoc networks , 2009, IEEE Transactions on Wireless Communications.

[9]  Carl A. Gunter,et al.  Cumulative Attestation Kernels for Embedded Systems , 2009, ESORICS.

[10]  Stefan Katzenbeisser,et al.  Improving the scalability of platform attestation , 2008, STC '08.

[11]  Carsten Rudolph,et al.  Integrating trust establishment into routing protocols of today's MANETs , 2013, 2013 IEEE Wireless Communications and Networking Conference (WCNC).

[12]  Yang Xiao,et al.  A survey of communication/networking in Smart Grids , 2012, Future Gener. Comput. Syst..

[13]  Maria Zhdanova,et al.  Monitoring Security Compliance of Critical Processes , 2014, 2014 22nd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing.

[14]  Henrik Sandberg,et al.  Challenges in Power System Information Security , 2012, IEEE Security & Privacy.

[15]  Peter Norvig,et al.  Artificial Intelligence: A Modern Approach , 1995 .

[16]  Gregg H. Gunsch,et al.  An Examination of Digital Forensic Models , 2002, Int. J. Digit. EVid..

[17]  Luigi Coppolino,et al.  Security and Reliability Requirements for Advanced Security Event Management , 2012, MMM-ACNS.

[18]  Carl H. Hauser,et al.  Security, trust, and QoS in next-generation control and communication for large power systems , 2008, Int. J. Crit. Infrastructures.

[19]  Ahmad-Reza Sadeghi,et al.  Trusted Computing , 2010, Handbook of Financial Cryptography and Security.

[20]  Nicolai Kuntze,et al.  Employing Trusted Computing for the forward pricing of pseudonyms in reputation systems , 2006, ArXiv.

[21]  Incheol Shin,et al.  An Efficient Message Authentication for Non-repudiation of the Smart Metering Service , 2011, 2011 First ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering.

[22]  Luigi Coppolino,et al.  An Intrusion Detection System for Critical Information Infrastructures using Wireless Sensor Network technologies , 2010, 2010 5th International Conference on Critical Infrastructure (CRIS).

[23]  A. Monti,et al.  Trust infrastructures for future energy networks , 2010, IEEE PES General Meeting.

[24]  Yongge Wang,et al.  sSCADA: securing SCADA infrastructure communications , 2011, Int. J. Commun. Networks Distributed Syst..

[25]  Carsten Rudolph,et al.  Security Digital Evidence , 2010, 2010 Fifth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering.

[26]  S. Shankar Sastry,et al.  A Taxonomy of Cyber Attacks on SCADA Systems , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[27]  Maria Zhdanova,et al.  Security Compliance Tracking of Processes in Networked Cooperating Systems , 2015, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[28]  Edward A. Lee,et al.  Modeling Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[29]  Aaron Weiss Trusted computing , 2006, NTWK.

[30]  C. Alcaraz,et al.  Secure SCADA framework for the protection of energy control systems , 2011, Concurr. Comput. Pract. Exp..

[31]  Yi Xu,et al.  A survey on the communication architectures in smart grid , 2011, Comput. Networks.

[32]  Juan-Carlos Cano,et al.  Providing accident detection in vehicular networks through OBD-II devices and Android-based smartphones , 2011, 2011 IEEE 36th Conference on Local Computer Networks.

[33]  Bernhard Rinner,et al.  TrustCAM: Security and Privacy-Protection for an Embedded Smart Camera Based on Trusted Computing , 2010, 2010 7th IEEE International Conference on Advanced Video and Signal Based Surveillance.

[34]  Ahmed Patel,et al.  Formalising Event Time Bounding in Digital Investigations , 2005, Int. J. Digit. EVid..

[35]  Rainer Koelle,et al.  Collaborative Security Management: Developing Ideas in Security Management for Air Traffic Control , 2013, 2013 International Conference on Availability, Reliability and Security.

[36]  S. Russel and P. Norvig,et al.  “Artificial Intelligence – A Modern Approach”, Second Edition, Pearson Education, 2003. , 2015 .