A systematic security analysis of real-time cyber-physical systems

机译：实时网络物理系统的系统安全性分析

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Security in Cyber-Physical Systems (CPS) has become a serious concern owing to the rapid adoption of technologies such as plug-and-play connectivity, robotics and remote coordination and control. It is well understood that the performance overhead incurred due to security considerations is rather high, which needs to be captured holistically for a real-time CPS with strict timing budget and hard deadlines. Additionally, attacks in real-time CPS may only alter the timing behaviour of system components without any changes in functionality, resulting in serious consequences due to missed deadlines. To address this challenging issue, it is necessary to understand the role of diverse components in a real-time CPS and how those expose the system to a malicious attacker. In this paper, we propose a systematic security analysis flow, using a novel Attack Sequence Diagram (ASD), which links the sources, intermediate components and final manifestations of an attack, thereby clearly delineating the attack surfaces of a complex real-time CPS. Based on the ASD, it is possible to evaluate the complexity of an attack, performance overhead of a countermeasure and explore different design trade-offs for a realtime CPS. With the help of real-world and synthetic examples, we demonstrate that ASD seamlessly enables one to map the existing vulnerabilities and uncover new attack possibilities.

机译：由于快速采用了即插即用连接，机器人技术以及远程协调和控制之类的技术，网络物理系统（CPS）的安全性已成为严重关注的问题。众所周知，出于安全考虑而产生的性能开销相当高，对于具有严格时间预算和严格期限的实时CPS，需要从整体上捕获该开销。此外，实时CPS攻击可能只会更改系统组件的计时行为，而功能不会发生任何变化，由于错过截止日期而导致严重后果。为了解决这个具有挑战性的问题，有必要了解实时CPS中各种组件的作用以及这些组件如何将系统暴露给恶意攻击者。在本文中，我们提出了一种使用新颖的攻击序列图（ASD）的系统安全分析流程，该流程将攻击的来源，中间组件和最终表现形式链接在一起，从而清楚地描绘出了复杂的实时CPS的攻击面。基于ASD，可以评估攻击的复杂性，对策的性能开销，并为实时CPS探索不同的设计折衷方案。借助实际示例和综合示例，我们演示了ASD无缝地使人们能够映射现有漏洞并发现新的攻击可能性。

著录项

来源
《Asia and South Pacific Design Automation Conference》|2017年|206-213|共8页
会议地点
作者
Arvind Easwaran; Anupam Chattopadhyay; Shivam Bhasin;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Real-time systems; Security; Hardware; Timing; Protocols; Aerospace electronics; Kernel;

机译：实时系统;安全性;硬件;计时;协议;航空航天电子;内核;

相似文献

外文文献
中文文献
专利

1. A systematic literature review of model-driven security engineering for cyber-physical systems [J] . Johannes Geismann, Eric Bodden The Journal of Systems and Software . 2020,第Nova期

机译：网络 - 物理系统模型驱动安全工程系统文献综述
2. Model-based security engineering for cyber-physical systems: A systematic mapping study [J] . Nguyen Phu H., Ali Shaukat, Yue Tao Information and software technology . 2017,第MARa期

机译：网络物理系统基于模型的安全工程：系统映射研究
3. Systematic Assessment of Cyber-Physical Security of Energy Management System for Connected and Automated Electric Vehicles [J] . Guo Lulu, Yang Bowen, Ye Jin, IEEE transactions on industrial informatics . 2021,第5期

机译：有关连接和自动化电动汽车能源管理系统的网络 - 物理安全系统的系统性评价
4. A systematic security analysis of real-time cyber-physical systems [C] . Arvind Easwaran, Anupam Chattopadhyay, Shivam Bhasin Asia and South Pacific Design Automation Conference . 2017

机译：实时网络系统的系统安全分析
5. Efficient Scheduling and Analysis Techniques for Supporting Real-time Cyber-physical Applications and Systems [D] . Dong, Zheng. 2019

机译：用于支持实时网络物理应用和系统的高效调度和分析技术
6. Bio-Inspired Approaches to Safety and Security in IoT-Enabled Cyber-Physical Systems [O] . Anju P. Johnson, Hussain Al-Aqrabi, Richard Hill 2020

机译：基于物联网的网络物理系统中基于生物启发的安全与保障方法
7. Making (Implicit) Security Requirements Explicit for Cyber-Physical Systems: A Maritime Use Case Security Analysis [O] . Tope Omitola, Abdolbaghi Rezazadeh, Michael Butler 2019

机译：用于网络 - 物理系统的明确制作（隐式）安全要求：海事用例安全分析

A systematic security analysis of real-time cyber-physical systems

摘要

著录项

相似文献

相关主题

期刊订阅