Information Technology Reference
In-Depth Information
•
Complexity
: Security solutions for CPS
may require integrating primitives from
multiple domains. This can potentially in-
crease the complexity of the solution. The
presence of bottleneck (low capability) en-
tities can pose can exacerbate this problem
and affect the timely execution of the secu-
rity solution as well.
deployment and management abstractions
need not be actively considered freeing the
designers to focus on functional aspects of
the system.
•
Emergence
: CYPSec solutions are de-
signed to not only provide the appropri-
ate security functions for which they are
designed for example confidentiality, in-
tegrity, availability but also demonstrate
additional “allied'' properties, such as au-
thentication, reduced complexity, non-de-
terminism tolerance and adaptivity.
•
Multi-Domain Primitives
: As CYPSec
solutions have both cyber and physical
aspect to them, enabling them usually re-
quires integration of techniques from mul-
tiple domains with security. Further, as the
solutions are used to work in tandem with
existing infrastructure, CYPSec solutions
should be implementable with well defined
computational primitives.
Approach: Cyber-Physical
Security Solutions for CPS
We believe that in designing security solutions
for such PHMS and other such CPS, one should
not only consider the characteristics of the com-
putational components involved (CPU, RAM,
ROM, data rate), but also the interaction of the
components with the physical environment. In
this work we therefore present a novel perspective
on securing CPS which takes this property into
account, called
Cyber Physical Security Solutions
(CYPSec)
. CYPSec solutions are
environmentally-
coupled security solutions
, which take traditional
security primitives along with the environment
knowledge/ information to function. The idea is to
use the monitoring capability of CPSs to provide
security. By utilizing this fundamental capability
of CPS, security provision becomes intrinsically
linked to CPS operation and not something that
is added to a functioning system to protect it from
threats. Another merit of CYPSec solutions is that
they can now harness the complex and dynamic
nature of the physical process for security pur-
poses. Some of the principal characteristics of
CYPSec solutions we propose are:
CYBER-PHYSICAL SECURITY
SOLUTION FOR PHM-CPS
To demonstrate the capability of CYPSec solu-
tions for PHM-CPS, we present two examples that
demonstrate its use in providing communication
and actuation security, respectively. The purpose
is to provide an overview of existing CYPSec
solutions, as case-studies for demonstrating its
merits. The first example deals with a usable way
of establishing a cryptographic key between two
entities within a PHM-CPS. The second is an
adaptive and proactive access control model for
emergency management in PHM-CPS. We chose
the two application domains as they are: 1) good
representations of CPS, and 2) they demonstrate
the applicability of CYPSec solutions for meeting
two diverse security requirements - communica-
tion and actuation.
•
Usability
: As CPSs are closely linked with
their environment, changes to the environ-
ment have a direct affect on the system and
this can be utilized in the security realm as
well. By using environment characteristics
as a basis for security primitives, security
Search WWH ::
Custom Search