Developing models for physical atacks in cyber-physical systems

Carmen Cheh; Ken Keefe; Brett Feddersen; Binbin Chen; William G. Temple; William H. Sanders

doi:10.1145/3140241.3140249

Developing models for physical atacks in cyber-physical systems

Carmen Cheh, Ken Keefe, Brett Feddersen, Binbin Chen, William G. Temple, William H. Sanders

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper, we analyze the security of cyber-physical systems using the ADversary VIew Security Evaluation (ADVISE) meta modeling approach, taking into consideration the efects of physical attacks. To build our model of the system, we construct an ontology that describes the system components and the relationships among them. The ontology also deines attack steps that represent cyber and physical actions that afect the system entities. We apply the ADVISE meta modeling approach, which admits as input our deined ontology, to a railway system use case to obtain insights regarding the system's security. The ADVISE Meta tool takes in a system model of a railway station and generates an attack execution graph that shows the actions that adversaries may take to reach their goal. We consider several adversary proiles, ranging from outsiders to insider staf members, and compare their attack paths in terms of targeted assets, time to achieve the goal, and probability of detection. The generated results show that even adversaries with access to noncritical assets can afect system service by intelligently crafting their attacks to trigger a physical sequence of efects. We also identify the physical devices and user actions that require more in-depth monitoring to reinforce the system's security.

Original language	English (US)
Title of host publication	CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017
Publisher	Association for Computing Machinery, Inc
Pages	49-55
Number of pages	7
ISBN (Electronic)	9781450353946
DOIs	https://doi.org/10.1145/3140241.3140249
State	Published - Nov 3 2017
Event	3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017 - Dallas, United States Duration: Nov 3 2017 → …

Publication series

Name	CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017

Other

Other	3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017
Country/Territory	United States
City	Dallas
Period	11/3/17 → …

Keywords

Attack graph
Cyber-physical systems
Ontology
Physical attack

ASJC Scopus subject areas

Computer Science Applications
Software
Computer Networks and Communications

Online availability

10.1145/3140241.3140249

Library availability

Discover UIUC Full Text

Cite this

Cheh, C., Keefe, K., Feddersen, B., Chen, B., Temple, W. G., & Sanders, W. H. (2017). Developing models for physical atacks in cyber-physical systems. In CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017 (pp. 49-55). (CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017). Association for Computing Machinery, Inc. https://doi.org/10.1145/3140241.3140249

Developing models for physical atacks in cyber-physical systems. / Cheh, Carmen; Keefe, Ken; Feddersen, Brett et al.

CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. p. 49-55 (CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Cheh, C, Keefe, K, Feddersen, B, Chen, B, Temple, WG & Sanders, WH 2017, Developing models for physical atacks in cyber-physical systems. in CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017. CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017, Association for Computing Machinery, Inc, pp. 49-55, 3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017, Dallas, United States, 11/3/17. https://doi.org/10.1145/3140241.3140249

Cheh C, Keefe K, Feddersen B, Chen B, Temple WG, Sanders WH. Developing models for physical atacks in cyber-physical systems. In CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017. Association for Computing Machinery, Inc. 2017. p. 49-55. (CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017). doi: 10.1145/3140241.3140249

Cheh, Carmen ; Keefe, Ken ; Feddersen, Brett et al. / Developing models for physical atacks in cyber-physical systems. CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. pp. 49-55 (CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017).

@inproceedings{3ef684d72cae4d53a58feafa47848aca,

title = "Developing models for physical atacks in cyber-physical systems",

abstract = "In this paper, we analyze the security of cyber-physical systems using the ADversary VIew Security Evaluation (ADVISE) meta modeling approach, taking into consideration the efects of physical attacks. To build our model of the system, we construct an ontology that describes the system components and the relationships among them. The ontology also deines attack steps that represent cyber and physical actions that afect the system entities. We apply the ADVISE meta modeling approach, which admits as input our deined ontology, to a railway system use case to obtain insights regarding the system's security. The ADVISE Meta tool takes in a system model of a railway station and generates an attack execution graph that shows the actions that adversaries may take to reach their goal. We consider several adversary proiles, ranging from outsiders to insider staf members, and compare their attack paths in terms of targeted assets, time to achieve the goal, and probability of detection. The generated results show that even adversaries with access to noncritical assets can afect system service by intelligently crafting their attacks to trigger a physical sequence of efects. We also identify the physical devices and user actions that require more in-depth monitoring to reinforce the system's security.",

keywords = "Attack graph, Cyber-physical systems, Ontology, Physical attack",

author = "Carmen Cheh and Ken Keefe and Brett Feddersen and Binbin Chen and Temple, {William G.} and Sanders, {William H.}",

note = "Funding Information: This work was supported in part by the National Research Foundation (NRF), Prime Minister{\textquoteright}s Oice, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate, and supported in part by the research grant for the Human-Centered Cyber-physical Systems Programme at the Advanced Digital Sciences Center from Singapore{\textquoteright}s Agency for Science, Technology and Research (A*STAR). This work was partly done when Carmen Cheh was a research intern at ADSC. We also want to thank the experts from SMRT Trains LTD for providing us data and domain knowledge. We thank Atul Bohara, Jenny Applequist, and the anonymous reviewers for their feedback on the paper.; 3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017 ; Conference date: 03-11-2017",

year = "2017",

month = nov,

day = "3",

doi = "10.1145/3140241.3140249",

language = "English (US)",

series = "CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017",

publisher = "Association for Computing Machinery, Inc",

pages = "49--55",

booktitle = "CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017",

}

TY - GEN

T1 - Developing models for physical atacks in cyber-physical systems

AU - Cheh, Carmen

AU - Keefe, Ken

AU - Feddersen, Brett

AU - Chen, Binbin

AU - Temple, William G.

AU - Sanders, William H.

N1 - Funding Information: This work was supported in part by the National Research Foundation (NRF), Prime Minister’s Oice, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate, and supported in part by the research grant for the Human-Centered Cyber-physical Systems Programme at the Advanced Digital Sciences Center from Singapore’s Agency for Science, Technology and Research (A*STAR). This work was partly done when Carmen Cheh was a research intern at ADSC. We also want to thank the experts from SMRT Trains LTD for providing us data and domain knowledge. We thank Atul Bohara, Jenny Applequist, and the anonymous reviewers for their feedback on the paper.

PY - 2017/11/3

Y1 - 2017/11/3

N2 - In this paper, we analyze the security of cyber-physical systems using the ADversary VIew Security Evaluation (ADVISE) meta modeling approach, taking into consideration the efects of physical attacks. To build our model of the system, we construct an ontology that describes the system components and the relationships among them. The ontology also deines attack steps that represent cyber and physical actions that afect the system entities. We apply the ADVISE meta modeling approach, which admits as input our deined ontology, to a railway system use case to obtain insights regarding the system's security. The ADVISE Meta tool takes in a system model of a railway station and generates an attack execution graph that shows the actions that adversaries may take to reach their goal. We consider several adversary proiles, ranging from outsiders to insider staf members, and compare their attack paths in terms of targeted assets, time to achieve the goal, and probability of detection. The generated results show that even adversaries with access to noncritical assets can afect system service by intelligently crafting their attacks to trigger a physical sequence of efects. We also identify the physical devices and user actions that require more in-depth monitoring to reinforce the system's security.

AB - In this paper, we analyze the security of cyber-physical systems using the ADversary VIew Security Evaluation (ADVISE) meta modeling approach, taking into consideration the efects of physical attacks. To build our model of the system, we construct an ontology that describes the system components and the relationships among them. The ontology also deines attack steps that represent cyber and physical actions that afect the system entities. We apply the ADVISE meta modeling approach, which admits as input our deined ontology, to a railway system use case to obtain insights regarding the system's security. The ADVISE Meta tool takes in a system model of a railway station and generates an attack execution graph that shows the actions that adversaries may take to reach their goal. We consider several adversary proiles, ranging from outsiders to insider staf members, and compare their attack paths in terms of targeted assets, time to achieve the goal, and probability of detection. The generated results show that even adversaries with access to noncritical assets can afect system service by intelligently crafting their attacks to trigger a physical sequence of efects. We also identify the physical devices and user actions that require more in-depth monitoring to reinforce the system's security.

KW - Attack graph

KW - Cyber-physical systems

KW - Ontology

KW - Physical attack

UR - http://www.scopus.com/inward/record.url?scp=85037118051&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85037118051&partnerID=8YFLogxK

U2 - 10.1145/3140241.3140249

DO - 10.1145/3140241.3140249

M3 - Conference contribution

AN - SCOPUS:85037118051

T3 - CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017

SP - 49

EP - 55

BT - CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017

PB - Association for Computing Machinery, Inc

T2 - 3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017

Y2 - 3 November 2017

ER -

Developing models for physical atacks in cyber-physical systems

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this