Developing models for physical atacks in cyber-physical systems

Carmen Cheh, Ken Keefe, Brett Feddersen, Binbin Chen, William G. Temple, William H. Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper, we analyze the security of cyber-physical systems using the ADversary VIew Security Evaluation (ADVISE) meta modeling approach, taking into consideration the efects of physical attacks. To build our model of the system, we construct an ontology that describes the system components and the relationships among them. The ontology also deines attack steps that represent cyber and physical actions that afect the system entities. We apply the ADVISE meta modeling approach, which admits as input our deined ontology, to a railway system use case to obtain insights regarding the system's security. The ADVISE Meta tool takes in a system model of a railway station and generates an attack execution graph that shows the actions that adversaries may take to reach their goal. We consider several adversary proiles, ranging from outsiders to insider staf members, and compare their attack paths in terms of targeted assets, time to achieve the goal, and probability of detection. The generated results show that even adversaries with access to noncritical assets can afect system service by intelligently crafting their attacks to trigger a physical sequence of efects. We also identify the physical devices and user actions that require more in-depth monitoring to reinforce the system's security.

Original languageEnglish (US)
Title of host publicationCPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017
PublisherAssociation for Computing Machinery, Inc
Pages49-55
Number of pages7
ISBN (Electronic)9781450353946
DOIs
StatePublished - Nov 3 2017
Event3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017 - Dallas, United States
Duration: Nov 3 2017 → …

Publication series

NameCPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017

Other

Other3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017
CountryUnited States
CityDallas
Period11/3/17 → …

Keywords

  • Attack graph
  • Cyber-physical systems
  • Ontology
  • Physical attack

ASJC Scopus subject areas

  • Computer Science Applications
  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Developing models for physical atacks in cyber-physical systems'. Together they form a unique fingerprint.

  • Cite this

    Cheh, C., Keefe, K., Feddersen, B., Chen, B., Temple, W. G., & Sanders, W. H. (2017). Developing models for physical atacks in cyber-physical systems. In CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017 (pp. 49-55). (CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017). Association for Computing Machinery, Inc. https://doi.org/10.1145/3140241.3140249