Information Technology Reference
In-Depth Information
SECURITY FOR CYBER
PHYSICAL SYSTEMS
•
Information Detail and Sensitivity
: CPS as
a system is privy to detailed and often sen-
sitive information about a critical physical
process. If this information is available to
malicious entities, it can be exploited lead-
ing to loss of privacy, abuse and discrimi-
nation. For example, unauthorized knowl-
edge of the electricity consumption of a
neighborhood from a power-management
CPS, in the wrong hands, have resulted
in socket-bombing attacks on households
perceived to be using excessive electricity.
•
Ability to Actuate
: CPSs have the ability
to actuate changes to the environment they
are a part of. Allowing unauthorized parties
to actuate untimely changes to the physi-
cal process can cause harm to the process
itself. For example, malicious entities can
easily shut-down a CPS controlling an au-
tomobile leading to issues ranging from in-
efficient fuel consumption to break-failure.
Further, it can be seen that CPSs are ex-
pected to perform diverse set of operations
not just directed toward modifying the
physical process but also to change its own
behavior as well. Therefore, security with
CPS has take into account both the cyber
and physical elements simultaneously.
•
Pervasiveness
: In a world where we are
becoming increasingly dependent upon
CPSs to provide us with automated, ef-
ficient management of essential services,
care has to be taken to ensure that they are
protected.
•
Heterogeneity
: The recent trend toward
open design and reduced costs has lead
to the use of diverse completely-off-the-
shelf (COTS) components and their inter-
connections with existing insecure global
communication infrastructure such as; the
Internet is a cause for concern.
Security for CPS is a relatively new area and not
much work has been done in this realm. As with
any new field most of the effort seems to be focused
on mapping solutions from existing domains such
as sensor networks which share the networked
operation and low capability characteristics with
CPS. However, as these solutions were not de-
signed for CPSs, they are not particularly efficient.
For example, establishing secure communication
channel between two nodes in a sensor network
assumes manual pre-deployment of keys at the
nodes, as it saves energy during the pivotal key
distribution phase. This however is very ineffi-
cient for CPS and disrupts their work-flow, given
their deeply embedded nature. In this section we
begin by describing the need for securing CPS,
the requirements to be considered while secur-
ing a typical CPS, followed by the challenges in
meeting the requirements.
Need for CPS Security
The need for security in CPS is many-fold. Here,
we present some of the main factors:
•
Mission Critical Nature
: CPS, given their
environmental coupling, diverse capabili-
ties and lack of isolation are often used in
mission critical applications. Therefore,
any security compromise of either the cy-
ber or physical element of a CPS can have
profound consequences. This also makes
them more likely targets for attacks. A case
in point is the attack on pacemakers which
not only forced them to reveal a patient's
electrocardiogram (EKG) data but also ac-
tuate an untimely shock (Halperin, et al.,
2008).
Search WWH ::
Custom Search