Mission-Aware Vulnerability Assessment for Cyber-Physical Systems

Xiaotian Wang, Matthew Davis, Junjie Zhang, Vance Saunders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Designing secure cyber-physical systems (CPS) is fundamentally important and performing vulnerability assessment becomes indispensable. In this paper, we discuss our ongoing work on building an automated mission-aware vulnerability CPS assessment framework that can accomplish three objectives including i) mapping CPS missions into infrastructural components, ii) evaluating global impact of each vulnerability, and iii) achieving verifiable results and high flexibility. In order to accomplish these objectives, we follow a model-assisted analysis strategy. Specifically, we take advantage of CPS simulator to model the behaviors of CPS components under different missions, our framework facilitates a bottom-up approach to construct a holistic model of a CPS that aim at profiling relationships among all CPS components. Formal methods, including program symbolic execution, logic programming, and linear optimization, have been employed to analyze the model, which build mathematical rigor into our framework. The framework first identifies mission-critical components, then discovers all attack paths from system access points to mission-critical components, and finally recommends the optimized mitigation plan.

Original languageEnglish
Title of host publication2015 IEEE Trustcom/BigDataSE/ISPA
PublisherIEEE
Pages1148-1153
Number of pages6
ISBN (Electronic)978-1-4673-7952-6, 978-1-4673-7951-9
DOIs
StatePublished - 2015
Event14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 - Helsinki, Finland
Duration: Aug 20 2015Aug 22 2015

Conference

Conference14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015
Country/TerritoryFinland
CityHelsinki
Period8/20/158/22/15

ASJC Scopus Subject Areas

  • Computer Networks and Communications

Keywords

  • Cyber-physical systems
  • Formal methods
  • Security
  • Vulnerability assessment

Disciplines

  • Computer Sciences
  • Engineering

Cite this