TY - GEN
T1 - Toward a cyber-physical topology language
T2 - 2013 1st ACM Workshop on Smart Energy Grid Security, SEGS 2013, Held in Conjunction with the 20th ACM Conference on Computer and Communications Security, CCS 2013
AU - Weaver, Gabriel A.
AU - Cheh, Carmen
AU - Rogers, Edmond J.
AU - Sanders, William H.
AU - Gammel, Dennis
N1 - Copyright:
Copyright 2013 Elsevier B.V., All rights reserved.
PY - 2013
Y1 - 2013
N2 - Our Cyber-Physical Topology Language (CPTL) provides a language that utilities can use to programmatically analyze current and future cyber-physical architectures. The motivation for our research emerged from the importance and limitations of several audit scenarios: account management, vulnerability assessment, and configuration management. Those scenarios occur in the context of the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) audits. The NERC CIP standards define security controls by which utilities must be audited. Although the standards were designed to make power control networks less vulnerable to cyber attack and to decrease the chance of outages, the audit process is manual and costly. In order to save utilities and auditors time and money, we used the limitations of those audit scenarios in formally specifying and implementing CPTL, which consists of both a representation of cyber-physical assets and operations upon that representation. First, CPTL uses graph theory to represent a network of cyber-physical assets; we currently implement this representation in GraphML. Second, CPTL defines operations upon that representation. In this paper, we introduce operators to process attributes by expanding and contracting components of a network, and implement these operations using the Boost Graph Library (BGL). In order to demonstrate the potential for CPTL to save auditors and utilities time and money, we provide a detailed example of how CPTL could help with vulnerability assessment and discuss additional applications beyond the audit scenarios mentioned above. We describe current approaches to those scenarios and argue that CPTL improves upon both the state-of-the-art and current practice. In fact, we intend CPTL to enable a broad range of new research on realistic cyber-physical architectures by giving utilities, auditors, managers, and researchers a common language with which to communicate and analyze those architectures.
AB - Our Cyber-Physical Topology Language (CPTL) provides a language that utilities can use to programmatically analyze current and future cyber-physical architectures. The motivation for our research emerged from the importance and limitations of several audit scenarios: account management, vulnerability assessment, and configuration management. Those scenarios occur in the context of the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) audits. The NERC CIP standards define security controls by which utilities must be audited. Although the standards were designed to make power control networks less vulnerable to cyber attack and to decrease the chance of outages, the audit process is manual and costly. In order to save utilities and auditors time and money, we used the limitations of those audit scenarios in formally specifying and implementing CPTL, which consists of both a representation of cyber-physical assets and operations upon that representation. First, CPTL uses graph theory to represent a network of cyber-physical assets; we currently implement this representation in GraphML. Second, CPTL defines operations upon that representation. In this paper, we introduce operators to process attributes by expanding and contracting components of a network, and implement these operations using the Boost Graph Library (BGL). In order to demonstrate the potential for CPTL to save auditors and utilities time and money, we provide a detailed example of how CPTL could help with vulnerability assessment and discuss additional applications beyond the audit scenarios mentioned above. We describe current approaches to those scenarios and argue that CPTL improves upon both the state-of-the-art and current practice. In fact, we intend CPTL to enable a broad range of new research on realistic cyber-physical architectures by giving utilities, auditors, managers, and researchers a common language with which to communicate and analyze those architectures.
KW - NERC CIP
KW - audit
KW - graph theory
UR - http://www.scopus.com/inward/record.url?scp=84889035509&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84889035509&partnerID=8YFLogxK
U2 - 10.1145/2516930.2516934
DO - 10.1145/2516930.2516934
M3 - Conference contribution
AN - SCOPUS:84889035509
SN - 9781450324922
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 93
EP - 104
BT - SEGS 2013 - Proceedings of the 2013 ACM Workshop on Smart Energy Grid Security, Co-located with CCS 2013
Y2 - 8 November 2013 through 8 November 2013
ER -