Cyber-physical systems (CPS) embody a tight integration between network-based communications, software, sensors, and physical processes. While the integration of cyber technologies within legacy systems will most certainly introduce opportunities and advancements not yet envisioned, it will undoubtedly also pave the way to misdemeanors that will exploit systems' resources, causing drastic and severe nationwide impacts. While almost all works in the literature exclusively tackled the security of one independent aspect of CPS (i.e., cyber or physical), we argue that these systems cannot be decoupled. In this context, we present what we believe is a first attempt ever to tackle the problem of CPS security in a coupled and a systematic manner. To this end, this article proposes a novel approach that federates the cyber and physical environments to infer and attribute tangible CPS attacks. This is achieved by:

- Leveraging real cyber threat intelligence derived from empirical measurements.
- Capturing and investigating CP data flows by devising an innovative CPS threat detector.

An added value of the proposed approach is rendered by physical remediation strategies, which are envisioned to automatically be invoked as a reaction to the inferred attacks to provide CPS resiliency. We conclude this article by discussing a few design considerations and presenting three case studies that demonstrate the feasibility of the proposed approach.
Cyber meets control: A novel federated approach for resilient cps leveraging real cyber threat intelligence / Bou-Harb E.; Lucia W.; Forti N.; Weerakkody S.; Ghani N.; Sinopoli B.. - In: IEEE COMMUNICATIONS MAGAZINE. - ISSN 0163-6804. - STAMPA. - 55:(2017), pp. 7864816.198-7864816.204. [10.1109/MCOM.2017.1600292CM]
Cyber meets control: A novel federated approach for resilient cps leveraging real cyber threat intelligence
Forti N.
2017