TY - GEN
T1 - Developing models for physical atacks in cyber-physical systems
AU - Cheh, Carmen
AU - Keefe, Ken
AU - Feddersen, Brett
AU - Chen, Binbin
AU - Temple, William G.
AU - Sanders, William H.
N1 - Funding Information:
This work was supported in part by the National Research Foundation (NRF), Prime Minister’s Oice, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate, and supported in part by the research grant for the Human-Centered Cyber-physical Systems Programme at the Advanced Digital Sciences Center from Singapore’s Agency for Science, Technology and Research (A*STAR). This work was partly done when Carmen Cheh was a research intern at ADSC. We also want to thank the experts from SMRT Trains LTD for providing us data and domain knowledge. We thank Atul Bohara, Jenny Applequist, and the anonymous reviewers for their feedback on the paper.
PY - 2017/11/3
Y1 - 2017/11/3
N2 - In this paper, we analyze the security of cyber-physical systems using the ADversary VIew Security Evaluation (ADVISE) meta modeling approach, taking into consideration the efects of physical attacks. To build our model of the system, we construct an ontology that describes the system components and the relationships among them. The ontology also deines attack steps that represent cyber and physical actions that afect the system entities. We apply the ADVISE meta modeling approach, which admits as input our deined ontology, to a railway system use case to obtain insights regarding the system's security. The ADVISE Meta tool takes in a system model of a railway station and generates an attack execution graph that shows the actions that adversaries may take to reach their goal. We consider several adversary proiles, ranging from outsiders to insider staf members, and compare their attack paths in terms of targeted assets, time to achieve the goal, and probability of detection. The generated results show that even adversaries with access to noncritical assets can afect system service by intelligently crafting their attacks to trigger a physical sequence of efects. We also identify the physical devices and user actions that require more in-depth monitoring to reinforce the system's security.
AB - In this paper, we analyze the security of cyber-physical systems using the ADversary VIew Security Evaluation (ADVISE) meta modeling approach, taking into consideration the efects of physical attacks. To build our model of the system, we construct an ontology that describes the system components and the relationships among them. The ontology also deines attack steps that represent cyber and physical actions that afect the system entities. We apply the ADVISE meta modeling approach, which admits as input our deined ontology, to a railway system use case to obtain insights regarding the system's security. The ADVISE Meta tool takes in a system model of a railway station and generates an attack execution graph that shows the actions that adversaries may take to reach their goal. We consider several adversary proiles, ranging from outsiders to insider staf members, and compare their attack paths in terms of targeted assets, time to achieve the goal, and probability of detection. The generated results show that even adversaries with access to noncritical assets can afect system service by intelligently crafting their attacks to trigger a physical sequence of efects. We also identify the physical devices and user actions that require more in-depth monitoring to reinforce the system's security.
KW - Attack graph
KW - Cyber-physical systems
KW - Ontology
KW - Physical attack
UR - http://www.scopus.com/inward/record.url?scp=85037118051&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85037118051&partnerID=8YFLogxK
U2 - 10.1145/3140241.3140249
DO - 10.1145/3140241.3140249
M3 - Conference contribution
AN - SCOPUS:85037118051
T3 - CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017
SP - 49
EP - 55
BT - CPS-SPC 2017 - Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, co-located with CCS 2017
PB - Association for Computing Machinery, Inc
T2 - 3rd ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2017
Y2 - 3 November 2017
ER -