Abstract
Designing secure cyber-physical systems (CPS) is fundamentally important and performing vulnerability assessment becomes indispensable. In this paper, we discuss our ongoing work on building an automated mission-aware vulnerability CPS assessment framework that can accomplish three objectives including i) mapping CPS missions into infrastructural components, ii) evaluating global impact of each vulnerability, and iii) achieving verifiable results and high flexibility. In order to accomplish these objectives, we follow a model-assisted analysis strategy. Specifically, we take advantage of CPS simulator to model the behaviors of CPS components under different missions, our framework facilitates a bottom-up approach to construct a holistic model of a CPS that aim at profiling relationships among all CPS components. Formal methods, including program symbolic execution, logic programming, and linear optimization, have been employed to analyze the model, which build mathematical rigor into our framework. The framework first identifies mission-critical components, then discovers all attack paths from system access points to mission-critical components, and finally recommends the optimized mitigation plan.
Original language | English |
---|---|
Title of host publication | 2015 IEEE Trustcom/BigDataSE/ISPA |
Publisher | IEEE |
Pages | 1148-1153 |
Number of pages | 6 |
ISBN (Electronic) | 978-1-4673-7952-6, 978-1-4673-7951-9 |
DOIs | |
State | Published - 2015 |
Event | 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 - Helsinki, Finland Duration: Aug 20 2015 → Aug 22 2015 |
Conference
Conference | 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 |
---|---|
Country/Territory | Finland |
City | Helsinki |
Period | 8/20/15 → 8/22/15 |
ASJC Scopus Subject Areas
- Computer Networks and Communications
Keywords
- Cyber-physical systems
- Formal methods
- Security
- Vulnerability assessment
Disciplines
- Computer Sciences
- Engineering