TY - GEN
T1 - A formal security model for networked control systems
AU - Montanari, Mirko
AU - Li, Mingyan
AU - Sampigethaya, Krishna
AU - Campbell, Roy H.
PY - 2009
Y1 - 2009
N2 - Networked control systems (NCS) are at the base of many important processes in the aerospace domain. The increasing requirements of efficiency are pushing designers to remove the traditional 'air gaps' placed between control system networks and the rest of the interconnected world. Features such as remote administration and integration with business procedures are becoming commonplace. However, these changes are also opening the possibility that malicious remote users could compromise the system. The tight connection with a physical process typical of NCS makes difficult the direct application of traditional techniques for the evaluation of system security. In this paper, we present a security assessment methodology suited for use in the networked control system domain. Using this methodology, system designers and maintenance personnel can create and keep up-to-date models of the system expressed in terms of their areas of expertise (either control system design or network design). An automated analysis allows the determination of a set of critical components ranked according to the effects that their potential compromise would cause on the system. Also, the analysis identifies properties of the control system, such as the presence of single points of failure and the containment of faults within each subsystem. This information can be used to target security efforts to the most critical elements of the system. The applicability of the methodology is demonstrated with its application to a case study of a smart building automation system.
AB - Networked control systems (NCS) are at the base of many important processes in the aerospace domain. The increasing requirements of efficiency are pushing designers to remove the traditional 'air gaps' placed between control system networks and the rest of the interconnected world. Features such as remote administration and integration with business procedures are becoming commonplace. However, these changes are also opening the possibility that malicious remote users could compromise the system. The tight connection with a physical process typical of NCS makes difficult the direct application of traditional techniques for the evaluation of system security. In this paper, we present a security assessment methodology suited for use in the networked control system domain. Using this methodology, system designers and maintenance personnel can create and keep up-to-date models of the system expressed in terms of their areas of expertise (either control system design or network design). An automated analysis allows the determination of a set of critical components ranked according to the effects that their potential compromise would cause on the system. Also, the analysis identifies properties of the control system, such as the presence of single points of failure and the containment of faults within each subsystem. This information can be used to target security efforts to the most critical elements of the system. The applicability of the methodology is demonstrated with its application to a case study of a smart building automation system.
UR - http://www.scopus.com/inward/record.url?scp=77958498591&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77958498591&partnerID=8YFLogxK
U2 - 10.2514/6.2009-1877
DO - 10.2514/6.2009-1877
M3 - Conference contribution
AN - SCOPUS:77958498591
SN - 9781563479717
T3 - AIAA Infotech at Aerospace Conference and Exhibit and AIAA Unmanned...Unlimited Conference
BT - AIAA Infotech at Aerospace Conference and Exhibit and AIAA Unmanned...Unlimited Conference
PB - American Institute of Aeronautics and Astronautics Inc.
ER -