zation. The specification of the authorizations (usually done in the form of policies) has to be dynamic as CPSs' requirements change over time. It is important to note that the level of autonomy available to CPS in managing itself has to be carefully designed to prevent exploitation.
Feedback Security: As a CPS has to manage a physical process, feedback-control loops are expected to be an important component in its design. Securing this feedback loop, studying the effects of attacks on the estimation and control algorithms, and building the required resiliency into them are crucial for providing in-depth defense of CPS (Cardenas, Amin, & Sastry, 2008).
Application-Specific Security Requirements: Traditional security solutions are expected to meet requirements such as confidentiality, integrity, and availability for the entire system. These requirements are not static, and many more may be needed depending on the application. CPSs have a similar application-specific security requirement property, with two fundamental differences: (1) each function of a CPS (sensing, communication, storage, actuation and feedback) has its own set of security requirements, and (2) what it means to enable these requirements is function dependent. For example, actuation authorization in a medical monitoring CPS may mean that delivery of a particular volume of drug has been sanctioned, while in a PHM-CPS it might mean facilitating (not executing) a response action for an emergency.
User-Centric Security: The deployment of CPSs is not limited to specialized systems managed by tech-savvy people. Many applications of CPSs are systems of everyday use operated by non-technical people: medical monitoring systems, smart infrastructures and so on. Security solutions for CPSs should therefore have a high degree of usability (a plug-n-play nature and security transparency), a characteristic that today's cyber-only security solutions do not consider.
Non-Determinism: One of the primary requirements of CPSs is that they need to be reliable, that is, the behavior of the system is predictable under all scenarios (Lee, Cyber Physical Systems: Design Challenges, 2008). Security solutions for CPS have to adhere to this requirement too. This, however, is not easy to ensure due to the dynamic nature of the physical process (e.g., the human body).
For the last two cases, one can imagine the use of a specifically designed module that has an in-built suspicious input detection mechanism that ensures that the actuation or feedback instructions are verified before application.
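One way such a verification module could gate actuation in a medical monitoring CPS, shown as an added example that is not from the original text. The `Sanction` and `ActuationGate` names, the limits and the sample readings are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from statistics import median

# Names, limits and sample values are constructed for illustration.
@dataclass(frozen=True)
class Sanction:
    """Approved dosing authorization (hypothetical policy record)."""
    max_bolus_ml: float   # largest single delivery that was sanctioned
    max_total_ml: float   # cumulative ceiling under this sanction

@dataclass
class ActuationGate:
    sanction: Sanction
    sensor_range: tuple   # physically possible readings (lo, hi)
    max_step: float       # largest plausible jump from the recent median
    delivered_ml: float = 0.0

    def reading_suspicious(self, history, reading):
        """Return a reason if the feedback input looks tampered, else None."""
        lo, hi = self.sensor_range
        if not lo <= reading <= hi:
            return "reading outside physical range"
        if len(history) >= 3 and abs(reading - median(history[-5:])) > self.max_step:
            return "reading jumps too far from recent median"
        return None

    def verify(self, history, reading, requested_ml):
        """Return (allowed, reason); the dose counter moves only when allowed."""
        reason = self.reading_suspicious(history, reading)
        if reason:
            return False, reason
        if not 0 < requested_ml <= self.sanction.max_bolus_ml:
            return False, "volume not covered by sanction"
        if self.delivered_ml + requested_ml > self.sanction.max_total_ml:
            return False, "cumulative ceiling exceeded"
        self.delivered_ml += requested_ml
        return True, "ok"

def demo():
    gate = ActuationGate(Sanction(2.0, 5.0), sensor_range=(20.0, 600.0), max_step=60.0)
    trace = [142.0, 145.0, 150.0, 149.0]   # constructed sensor history
    return [
        gate.verify(trace, 155.0, 1.5),  # plausible reading, sanctioned dose
        gate.verify(trace, 410.0, 1.5),  # implausible spike in the sensing path
        gate.verify(trace, 155.0, 3.0),  # more than the sanctioned bolus
        gate.verify(trace, 152.0, 2.0),  # allowed, total now 3.5
        gate.verify(trace, 151.0, 2.0),  # would bring total to 5.5
    ]
```

The gate rejects a command either because the feedback input that triggered it is implausible or because the requested actuation falls outside what was sanctioned, so both the sensing path and the actuation path are checked before anything is applied.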
Challenges in Cyber-Physical Security
Securing CPSs presents many challenges, which need to be considered given their tight CP-coupling. Some of the fundamental challenges that need to be addressed include:
Altered Threat Model: The traditional threat model for computational systems has been solely focused on cyber threats. But the environmentally-coupled nature of CPS means that tampering with the physical environment around the CPS may result in failure of CPSs to function correctly. As an extension, attackers need not tamper with the environment itself, but only with the sensing process, which might cause the CPS and its security apparatus to malfunction.