Retracted Chapter: Cyber-Physical System Security Controls: A Review

Security and Privacy Aspects in Cyber Physical Systems

The rapid development of advanced information technologies, for example, the Internet of Things and Big Data techniques, has made the energy internet achieve a deep integration of physical systems and cyber systems and realize an effective combination of energy flow and information flow among various networks. However, with increasing automation of the energy internet, the scale of physical networks, the size of cyber networks and the numbers of smart sensors and decision-making units have greatly increased, resulting in complex external or internal factors directly or indirectly impacting the control and decisions of networks through various approaches. The interaction mechanisms between cyber networks and physical networks are becoming increasingly complex in the energy internet, resulting in the security and reliability analysis of cyber-physical systems becoming more complicated. In this chapter, the security of components in cyber-physical systems is first introduced. Multiple uncertainties in cyber-physical system operation are also developed, including different types of cyber attacks and corresponding mitigation strategies as well as the volatility of energy sources and stochastic energy consumption. Moreover, the correlation and cascading failures in cyber-physical systems are analysed to demonstrate the coupling between cyber systems and physical systems. Furthermore, challenges in the security of cyber-physical systems are provided. This chapter mainly analyses cyber-physical system security in the energy internet considering various uncertainties, which can provide technical support for the planning and operation of the energy internet.

Think about someone taking control of your car while you're driving. Or, someone hacking into a drone and taking control. Both of these things have been done, and both are attacks against cyber-physical systems (CPS). Securing Cyber-Physical Systems explores the cybersecurity needed for CPS, with a focus on results of research and real-world deployment experiences. It addresses CPS across multiple sectors of industry. CPS emerged from traditional engineered systems in the areas of power and energy, automotive, healthcare, and aerospace. By introducing pervasive communication support in those systems, CPS made the systems more flexible, high-performing, and responsive. In general, these systems are mission-criticaltheir availability and correct operation is essential. This book focuses on the security of such mission-critical systems. Securing Cyber-Physical Systems brings together engineering and IT experts who have been dealing separately with these issues. The contributed chapters in this book cover a broad range of CPS security topics, including: Securing modern electrical power systems Using moving target defense (MTD) techniques to secure CPS Securing wireless sensor networks (WSNs) used for critical infrastructures Mechanisms to improve cybersecurity and privacy in transportation CPS Anticipated cyberattacks and defense approaches for next-generation autonomous vehicles Security issues, vulnerabilities, and challenges in the Internet of Things Machine-to-machine (M2M) communication security Security of industrial control systems Designing trojan-resilient integrated circuits While CPS security techniques are constantly evolving, this book captures the latest advancements from many different fields. It should be a valuable resource for both professionals and students working in network, web, computer, or embedded system security.

It is our great pleasure to welcome you to the 2013 2nd ACM International Conference on High Confidence Networked Systems (HiCoNS'13) as part of CPSWeek 2013. HiCoNS aims to foster collaborations between researchers from the fields of control and systems theory, embedded systems, game theory, software verification, formal methods, and computer security who are addressing various aspects of resilience of cyber-physical systems (CPS). HiCoNS continues after growing interest and enthusiasm that was created by the First Workshop on Secure Control Systems (SCS) at CPSWeek 2010, the Workshop on the Foundations of Dependable and Secure Cyber-Physical Systems (FDSCPS) at CPSWeek 2011, and the 1st ACM International Conference on High Confidence Networked Systems (HiCoNS'12) as part of CPSWeek 2012. This year's conference aimed to present novel research, development, and experimentation addressing the security, robustness, and reliability of cyber-physical systems that govern the operation of critical infrastructures such as power transmission, water distribution, transportation, healthcare, building automation, and many more. The use of Internet-connected devices and commodity IT solutions and the malicious intents of hackers and cybercriminals have made these technologies more vulnerable. Despite attempts to develop guidelines for the design and operation of systems via security policies, much remains to be done to achieve a principled, science-based approach to enhance security, trustworthiness, and dependability of networked cyber-physical systems. The technical program of HiCoNS'13 will present theories and methodologies from such areas as fault-tolerant and networked control systems, game theory for multi-agent dynamics in uncertain environments, and learning and verification theory for secure and trustworthy cyber-physical systems. The technical program includes sessions focused on Resilient Networks, Security Games, Attack Diagnosis, and Security Experimentation. During these sessions, oral presentations will cover both recent research results as well as new directions for future research and development. In addition, the program includes invited talks and panel discussions on emerging topics in resilience of CPS.

It is our great pleasure to welcome you to the 2012 1st ACM International Conference on High Confidence Networked Systems (HiCoNS'12) as part of CPSWeek 2012. HiCoNS aims to foster collaborations between researchers from the fields of control and systems theory, embedded systems, game theory, software verification, formal methods, and computer security who are addressing various aspects of resilience of cyber-physical systems (CPS). HiCoNS was established after growing interest and enthusiasm that was created by the First Workshop on Secure Control Systems (SCS) at CPSWeek 2010 and the Workshop on the Foundations of Dependable and Secure Cyber-Physical Systems (FDSCPS) at CPSWeek 2011. This year's conference aimed to present novel research, development, and experimentation addressing the security, robustness, and reliability of cyber-physical systems that govern the operation of critical infrastructures such as power transmission, water distribution, transportation, healthcare, building automation, and many more. The use of Internet-connected devices and commodity IT solutions and the malicious intents of hackers and cybercriminals have made these technologies more vulnerable. Despite attempts to develop guidelines for the design and operation of systems via security policies, much remains to be done to achieve a principled, science-based approach to enhance security, trustworthiness, and dependability of networked cyber-physical systems. The technical program of HiCoNS'12 will present theories and methodologies from such areas as fault-tolerant and networked control systems, game theory for multi-agent dynamics in uncertain environments, and learning and verification theory for secure and trustworthy cyber-physical systems. The technical program includes sessions focused on Resilient Networks, Security Games, Attack Diagnosis, and Security Experimentation. During these sessions, oral presentations will cover both recent research results as well as new directions for future research and development. In addition, the program includes invited talks and panel discussions on emerging topics in resilience of CPS.

Cyber-physical systems (CPSs) empower the integration of physical processes and cyber infrastructure with the aid of ubiquitous computation resources and communication capabilities. CPSs have permeated modern society and found extensive applications in a wide variety of areas, including energy, transportation, advanced manufacturing, and medical health. The security of CPSs against cyberattacks has been regarded as a long-standing concern. However, CPSs suffer from extendable vulnerabilities that are beyond classical networked systems due to the tight integration of cyber and physical components. Sophisticated and malicious cyberattacks continue to emerge to adversely impact CPS operation, resulting in performance degradation, service interruption, and system failure. Secure state estimation and control technologies play a vital role in warranting reliable monitoring and operation of safety-critical CPSs. This article provides a review of the state-of-the-art results for secure state estimation and control of CPSs. Specifically, the latest development of secure state estimation is summarized in light of different performance indicators and defense strategies. Then, the recent results on secure control are discussed and classified into three categories: 1) centralized secure control; 2) distributed secure control; and 3) resource-aware secure control. Furthermore, two specific application examples of water supply distribution systems and wide-area power systems are presented to demonstrate the applicability of secure state estimation and control approaches. Finally, several challenging issues are discussed to direct future research.

It is our great pleasure to welcome you to the 2014 3rd ACM International Conference on High Confidence Networked Systems (HiCoNS'14) as part of CPSWeek 2014. HiCoNS aims to foster collaborations between researchers from the fields of control and systems theory, embedded systems, game theory, software verification, formal methods, and computer security who are addressing various aspects of resilience of cyber-physical systems (CPS). HiCoNS continues after growing interest and enthusiasm that was created by the First Workshop on Secure Control Systems (SCS), the Workshop on the Foundations of Dependable and Secure Cyber-Physical Systems (FDSCPS), HiCoNS'12, and HiCoNS'13. CPS govern the operation of critical infrastructures such as power transmission, water distribution, transportation, healthcare, building automation, and process control. At the core of these systems are modern control technologies based on embedded computers and networked systems that monitor and control large-scale physical processes. The use of internet-connected devices and commodity IT solutions and the malicious intents of hackers and cybercriminals have made these control technologies more vulnerable. Despite attempts to develop guidelines for the design and operation of systems via security policies, much remains to be done to achieve a principled, science-based approach to enhance security, trustworthiness, and dependability of networked cyber-physical systems. HiCoNS'14 aimed to bring together novel concepts and theories that will help in the development of the science of high confidence networked systems, in particular those considered cyber-physical systems (CPS) and their interactions with human decision makers. The conference focused on system theoretic approaches to address fundamental challenges to increase the confidence of networked CPS by making them more secure, dependable, and trustworthy. The technical program includes sessions focused on Resilient Monitoring and Estimation, Security of Networked and Distributed Control Systems, Verification of Security Properties, and Security of CPS applications. The technical program also includes an invited session on improving CPS Resilience by integrating Robust Control and Theory of Incentives. During these sessions, presentations will cover both recent research results as well as new directions for future research and development. In addition, the program includes two invited talks and a poster session on emerging topics in resilience of CPS.

Today, cyber physical systems (CPS) are becoming popular in power networks, healthcare devices, transportation networks, industrial process and infrastructures. As cyber physical systems are used more and more extensively and thoroughly, security of cyber physical systems has become the utmost important concern in system design, implementation and research. Many kinds of attacks arise (e.g. the Stuxnet worm), causing heavy losses and serious potential security risks. For the past few years, researchers are focusing their researches on different aspects of security of cyber physical systems. In this paper, we propose a security framework assuring the security of cyber physical systems and analyze main universities and institutes studying CPS security and their relations in three levels: CPS security objectives, CPS security approaches and security in specific CPS applications. Finally, a conclusion of this article is given.

It is our great pleasure to welcome you to the Second ACM Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC) in conjunction with the 23rd ACM Conference on Computer and Communications Security (CCS) in Vienna, Austria. Our increased dependency on cyber-physical systems (CPS) has amplified concerns of cyber attacks on these systems. These transformative attack methods require additional research into secure control systems and related architectures of CPS. The majority of the published literature addressing the security and privacy of CPS reflect a field still in its infancy; as such, the overall principles, models, and theories for securing CPS have not yet emerged. It is hoped that this workshop will provide a focal point for the research community to begin addressing the security and privacy of CPS in a comprehensive and multidisciplinary manner and, in tandem with other efforts, build a comprehensive research roadmap. As a workshop, we expect to attract papers that reflect ongoing work that are still "works in progress". This year's workshop builds on the foundation laid last year to become one of the premier forums for presentation of interdisciplinary research results and experience reports at the interface of control theory, information security, embedded and real-time systems and human factors applied to CPS. The mission of the workshop is to create a community of researchers focusing on diverse aspects of CPS Security and Privacy, and to provide researchers and practitioners a premiere forum to share their perspectives with others interested in interdisciplinary approaches to solve the challenging security and privacy problems in CPS. The workshop attracted 26 submissions from across 10 countries, and all papers were reviewed by at least three program committee members. 12 papers were accepted leading to a 46% acceptance rate.

Cyber Physical Systems (CPS) security testbeds serve as a platform for evaluating and validating novel CPS security tools and technologies, accelerating the transition of state-of-the-art research to industrial practice. The engineering of CPS security testbeds requires significant investments in money, time and modeling efforts to provide a scalable, high-fidelity, real-time attack-defense platform. Therefore, there is a strong need in academia and industry to create remotely accessible testbeds that support a range of use-cases pertaining to CPS security of the grid, including vulnerability assessments, impact analysis, product testing, attack-defense exercises, and operator training. This paper describes the implementation architecture, and capabilities of a remote access and experimental orchestration framework developed for the PowerCyber CPS security testbed at Iowa State University (ISU). The paper then describes several engineering challenges in the development of such remotely accessible testbeds for Smart Grid CPS security experimentation. Finally, the paper provides a brief case study with some screenshots showing a particular use case scenario on the remote access framework.

Cyber-physical systems combine data processing and physical interaction. Therefore, security in cyber-physical systems involves more than traditional information security. This paper surveys recent research on security in cloud-based cyber-physical systems. In addition, this paper especially analyzes the security issues in modern production devices and smart mobility services, which are examples of cyber-physical systems from different application domains.

This paper considers the development of information flow analyses to support resilient design and active detection of adversaries in cyber physical systems (CPS). CPS security, though well studied, suffers from fragmentation. In this paper, we consider control systems as an abstraction of CPS. Here, we use information flow analysis, a well established set of methods developed in software security, to obtain a unified framework that captures and extends results in control system security. Specifically, we propose the Kullback Liebler (KL) divergence as a causal measure of information flow, which quantifies the effect of adversarial inputs on sensor outputs. We show that the proposed measure characterizes the resilience of control systems to specific attack strategies by relating the KL divergence to optimal detection. We then relate information flows to stealthy attack scenarios where an adversary can bypass detection. Finally, this article examines active detection mechanisms where a defender intelligently manipulates control inputs or the system itself to elicit information flows from an attacker's malicious behavior. In all previous cases, we demonstrate an ability to investigate and extend existing results through the proposed information flow analyses.

It is our great pleasure to welcome you to the Fifth ACM Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC) in conjunction with the 26th ACM Conference on Computer and Communications Security (CCS) in London, United Kingdom. Our increased dependency on cyber-physical systems (CPS) has amplified concerns of cyber attacks on these systems. These transformative attack methods require additional research into secure control systems and related architectures of CPS. The majority of the published literature addressing the security and privacy of CPS reflect a field that is still developing. As such, the overall principles, models, and theories for securing CPS have not yet emerged. The CPS-SPC workshop series provides a focal point for the research community to begin addressing the security and privacy of CPS in a comprehensive and interdisciplinary manner and, in tandem with other efforts, build a comprehensive research roadmap. As a workshop, we expect to attract papers that reflect new research directions in CPS security and privacy as well as early results based on "works in progress". This year's workshop builds on the foundation laid last year to become one of the premier forums for presentation of interdisciplinary research results and experience reports at the interface of control theory, information security, embedded and real-time systems and human factors applied to CPS. The mission of the workshop is to create a community of researchers focusing on diverse aspects of CPS Security and Privacy, and to provide researchers and practitioners a premier forum to share their perspectives with others interested in interdisciplinary approaches to solve the challenging security and privacy problems in CPS.

It is our great pleasure to welcome you to the Fourth ACM Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC) in conjunction with the 25th ACM Conference on Computer and Communications Security (CCS) in Toronto, Canada. Our increased dependency on cyber-physical systems (CPS) has amplified concerns of cyber attacks on these systems. These transformative attack methods require additional research into secure control systems and related architectures of CPS. The majority of the published literature addressing the security and privacy of CPS reflect a field that is still developing. As such, the overall principles, models, and theories for securing CPS have not yet emerged. The CPS-SPC workshop series provides a focal point for the research community to begin addressing the security and privacy of CPS in a comprehensive and interdisciplinary manner and, in tandem with other efforts, build a comprehensive research roadmap. As a workshop, we expect to attract papers that reflect new research directions in CPS security and privacy as well as early results based on "works in progress". This year's workshop builds on the foundation laid last year to become one of the premier forums for presentation of interdisciplinary research results and experience reports at the interface of control theory, information security, embedded and real-time systems and human factors applied to CPS. The mission of the workshop is to create a community of researchers focusing on diverse aspects of CPS Security and Privacy, and to provide researchers and practitioners a premier forum to share their perspectives with others interested in interdisciplinary approaches to solve the challenging security and privacy problems in CPS. The workshop attracted 22 submissions from across 15 countries, and all papers were reviewed by at least three program committee members. 8 full papers and 2 short papers were accepted leading to a 45% acceptance rate.

Security and Privacy Aspect of Cyber Physical Systems