Incremental Security Enforcement for Cyber-Physical Systems

Cyber-Physical attacks (CP-attacks) are launched either from the cyber-space or from the physical-space to take control of a Cyber-Physical System (CPS). Unlike conventional cyber-attacks, which are prevented through new security patches as new attacks emerge, there are no known mechanisms for incre...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:IEEE access Ročník 11; s. 1
Hlavní autori: Panda, Abhinandan, Baird, Alex, Pinisetty, Srinivas, Roop, Partha
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Piscataway IEEE 01.01.2023
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Predmet:
Bidirectional control
Cyber-physical systems
Cyberattack
Cybersecurity
Drones
Monitoring
Policies
Runtime
Runtime Enforcement
Security
Synchronous Programming
ISSN:2169-3536, 2169-3536
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Cyber-Physical attacks (CP-attacks) are launched either from the cyber-space or from the physical-space to take control of a Cyber-Physical System (CPS). Unlike conventional cyber-attacks, which are prevented through new security patches as new attacks emerge, there are no known mechanisms for incrementally patching CPS in the event of new attacks. To this end, we develop a novel approach based on recent advances in mitigating CP-attacks using run-time enforcement (RE). RE-methods have been developed for CPS, such as industrial processes and pacemakers. However, the proposed solutions are not developed considering the need for future patching as new attacks emerge. To this end, we develop the first compositional RE framework, which is specifically developed to be able to add new security patches as new security policies are added. We illustrate our approach using the case study of a drone swarm. The experimental results show that the proposed compositional/incremental approach does not suffer from the state space explosion, unlike the monolithic composition. We demonstrate a linear relationship between compile time, compile size, and execution time as the number of policies increases in the proposed compositional scheme.
Bibliografia:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2023.3246121