Determining Tolerable Attack Surfaces that Preserves Safety of Cyber-Physical Systems

Cited by: 5
Authors
Cheh, Carmen [1 ]
Fawaz, Ahmed [2 ]
Noureddine, Mohammad A. [1 ]
Chen, Binbin [4 ]
Temple, William G. [4 ]
Sanders, William H. [3 ]
Affiliations
[1] Univ Illinois, Dept Comp Sci, 1304 W Springfield Ave, Urbana, IL 61801 USA
[2] Univ Illinois, Informat Trust Inst, Urbana, IL 61801 USA
[3] Univ Illinois, Dept Elect & Comp Engn, 1406 W Green St, Urbana, IL 61801 USA
[4] Adv Digital Sci Ctr, Singapore, Singapore
Source
2018 IEEE 23RD PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING (PRDC) | 2018
Funding
National Research Foundation of Singapore;
Keywords
cyber-physical system; safety analysis; formal verification; attacker model; timed automata; SECURITY;
DOI
10.1109/PRDC.2018.00023
CLC classification
TP301 [Theory, methods];
Subject classification
081202 ;
Abstract
As safety-critical systems become increasingly interconnected, a system's operations depend on the reliability and security of the computing components and the interconnections among them. Therefore, a growing body of research seeks to tie safety analysis to security analysis. Specifically, it is important to analyze system safety under different attacker models. In this paper, we develop generic parameterizable state automaton templates to model the effects of an attack. Then, given an attacker model, we generate a state automaton that represents the system operation under the threat of the attacker model. We use a railway signaling system as our case study and consider threats to the communication protocol and the commands issued to physical devices. Our results show that while less skilled attackers are not able to violate system safety, more dedicated and skilled attackers can affect system safety. We also consider several countermeasures and show how well they can deter attacks.
Pages: 125 / 134
Page count: 10