Abstract
Cyber-physical systems (CPS) are interconnected architectures that employ analog and digital components as well as communication and computational resources for their operation and interaction with the physical environment. CPS constitute the backbone of enterprise (e.g., smart cities), industrial (e.g., smart manufacturing), and critical infrastructure (e.g., energy systems). Thus, their vital importance, interoperability, and plurality of computing devices make them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature within the power grid infrastructure, can lead to disastrous consequences. The security of CPES can be enhanced by leveraging testbed capabilities in order to replicate and understand power systems operating conditions, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. Adequately modeling and reproducing the behavior of CPS could be a challenging task. In this paper, we provide a comprehensive overview of the CPS security landscape with an emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models that can be used to evaluate the system's performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables the system vulnerability prioritization factoring the impact on the system operation. 
The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a step-by-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.
Highlights
Introduction: According to the National Institute of Standards and Technology (NIST) [1], cyber-physical systems (CPS) refer to architectures that incorporate digital, analog, and physical components
Different techniques from game theory, graph theory, and probabilistic modeling have been utilized to assess the capability of cyber-physical energy systems (CPES) when supporting critical loads after they have been compromised or the system has suffered unexpected disturbances
In the developed threat modeling methodology, we evaluate threats and prioritize them based on the degradation that they can potentially inflict on the cyber-physical systems (CPS)
Summary
According to the National Institute of Standards and Technology (NIST) [1], cyber-physical systems (CPS) refer to architectures that incorporate digital, analog, and physical components. The interaction of these components is determined by the dynamics of the system and the rules which orchestrate its operation. Time-delay attacks (TDA) are a type of DAA in which attackers aim to destabilize the operation of a compromised control system by delaying measurements and/or control commands of sensors and actuators. This type of attack does not require a massive amount of attacker resources.