System Assurance in the Design of Resilient Cyber-Physical Systems

System assurance is the justified confidence that a system functions as intended and is free of exploitable vulnerabilities, whether intentionally or unintentionally designed or inserted into the system at any point in its life cycle. The computation and communication backbone of cyber-physical systems (CPS), coupled with readily available technological advances, exposes them to classes of threats that were previously not relevant to many physical control and computational systems. The design of resilient CPS must address not only the new ways in which these systems are vulnerable to adversarial disruption (security) but also how they behave in an operational environment and with each other given increasing levels of autonomy and self-learning (function), as well as their increasing interdependencies (net-centric connectedness). Because CPS are interconnected, the concept of system trust reflects the extent to which one system’s assurance depends on another system’s assurance; in other words, accepting that dependence implies trust between the two. System assurance can be met only through a comprehensive and aggressive systems engineering approach that encompasses three critical dimensions: (1) the structure of systems, including architecture and accounting for various kinds of dynamism for the purpose of resiliency and autonomy; (2) the process and engineering activities by which systems are constructed, evolved, and sustained, including mechanisms for measuring critical attributes and managing alternatives and commitments; and (3) the supporting models and techniques through which evidence can be created to support assurance judgments.
