Introduction to CPS Security
Dr. Fei Hu
Department of Electrical and Computer Engineering
University of Alabama
Tuscaloosa, Alabama
1
Motivation
"Cyber-Physical Systems (CPS) is a critical part of the national
cyber infrastructure. Security threats to CPS pose significant risk
to the health and safety of human lives, threaten severe damage
to the environment, and could impose an adverse impact on the
U.S. economy."
- Homeland Security, Dr. Nabil Adam, 2010.
2
CPS Security: What?

Fig.2 Cyber-Physical Systems (CPS): Security Perspective
[Figure labels: cyber objects; computing (HW/SW); physical objects; sensors; actuators; implantable devices; smart grid; cyber-physical interaction security]
Physical → Cyber: Monitoring Security
• Sensor data attacks
• RFID tag attacks
• Memory reading attacks
• Log attacks (forensics)
Cyber → Physical: Control Security
• Wireless charge attacks
• Closed-loop control attacks
• Device coordination attacks
• Command misleading, etc.
Applications:
• App 1: Healthcare (IMD)
• App 2: Renewable Energy
• App 3: Industrial Control
3
CPS Security: Why?


Conventional, general cyber security schemes cannot simply be used to
achieve all CPS protections.
This is because most CPS security solutions need to be closely
integrated with the underlying physical process control features.
4
CPS Security: Example

IMD Wireless Powering security
Fig.3 Wireless IMD Power charge
[Figure labels: pacemaker; oscillator; inductor; electromagnetic wave]
- It is meaningless to use conventional cryptography to
encrypt the power charge waves
- Energy transfer is entirely different from data transfer
Fig.4 CPS-oriented security solution
Physical: Wireless Charge Circuit
Cyber: Two-Level, Chaos-based Resonance Frequency Tuning algorithms
5
Motivation
“It is estimated that as much as 10% of all high-tech
products sold globally are counterfeit which leads to a
conservative estimate of $100 billion of revenue loss.”
[Guajardo et al, 2008]
Several invasive and semi-invasive physical
tampering methods have been developed,
which make it possible to learn ROM-based keys
through attacks and to compromise
systems by using counterfeit copies of the
secret information.
7
8
Layered Architecture and
Modularized Design
9
10
A Holistic Viewpoint
11
A Possible Solution:
Defense‐in‐Depth
12
A Data Mining Approach to CPS Security
13
Use Historical Data for Anomaly Detection
14
15
16
CPS Smart grid Interactions
[Figure: Information flow use case of a CPS]
Component labels: IEM1, IEM2, IEM3, DGI, SST, PHEV, Load, PV, Wind, Battery
Interactions are labelled a to e; the legend entries are:
• Read state of physical system
• Issue command to make a setting
• Message exchange including partial state information
• Power draw or contribution on the shared power bus
• Event due to physical flow on the shared power bus
Annotation: At this IEM, information obtained from the observable
physical event yields information about the cyber command (b)
• Information Flow Security aims at guaranteeing that no high level
(confidential) information is revealed to users at a low level, even
in the presence of any possible cyber/physical process
• Potential information flow models for CPSs:
– Non-Interference: Information does not flow from high to low if the high
behavior has no effect on what low level observer can observe
– Non-Inference: leaves a low level observer in doubt about high level events.
– Non-deducibility: Given a set of low-level outputs, no low-level subject
should be able to deduce anything about the high-level inputs [Sutherland].
– Composition of deducibly secure systems: not composable [McCullough]
– McCullough's Generalized noninterference-secure property considers nondeterminism of real systems
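The non-deducibility model above can be checked mechanically on a small trace model of the smart-grid use case, where a neighbour sees only events on the shared power bus. This is an added example, not material from the slides; the command names, bus events and the three trace sets are constructed for illustration.

```python
from itertools import product

COMMANDS = ("charge_battery", "discharge_battery", "hold")   # high-level inputs
BUS_EVENTS = ("draw_up", "draw_down", "steady")              # low-level views

# Constructed traces: (confidential command, bus event a neighbour can observe).
# LEAKY: each command produces its own distinctive event on the shared bus.
LEAKY = set(zip(COMMANDS, BUS_EVENTS))
# MASKED: other loads and sources make every event possible under every command.
MASKED = set(product(COMMANDS, BUS_EVENTS))
# PARTIAL: masking with one gap, "hold" can never coincide with a rising draw.
PARTIAL = MASKED - {("hold", "draw_up")}


def consistent_commands(traces, observed):
    """Commands the low-level observer cannot rule out after seeing `observed`."""
    return {high for high, low in traces if low == observed}


def deducibility_leaks(traces):
    """Map each observable event to the commands it lets the observer exclude."""
    all_high = {high for high, _ in traces}
    leaks = {}
    for view in sorted({low for _, low in traces}):
        ruled_out = all_high - consistent_commands(traces, view)
        if ruled_out:
            leaks[view] = ruled_out
    return leaks


def is_nondeducibility_secure(traces):
    """True when every low view is compatible with every high input."""
    return not deducibility_leaks(traces)


if __name__ == "__main__":
    for name, system in (("LEAKY", LEAKY), ("MASKED", MASKED), ("PARTIAL", PARTIAL)):
        print(name, is_nondeducibility_secure(system), deducibility_leaks(system))
```

The PARTIAL case shows that a single impossible (command, event) pair is enough to break the property, even though most observations reveal nothing.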
PUFs
Physical Unclonable Functions (PUFs)
- An innovative circuit primitive that exploits the
unique, intrinsic, uncontrollable physical features introduced
by manufacturing process variations.
[Diagram labels: Physical Objects; Process Variations; PUF; Unpredictable Behavior; Easy to Evaluate; Hard to Clone]
Anti-counterfeiting marks for ICs
Thank you!

Questions?
21