Presentation on theme: "Cyber Physical System Security"— Presentation transcript:

1 Cyber Physical System Security
University of South Florida Xinming (Simon) Ou SCOWCT Annual Meeting Oct 26, 2016

2 Key Issue in CPS Security
Cyber breaches may drive physical processes/systems to an unsafe state.
Smart buildings
Smart grids
Smart cars
Smart transportation
Smart city
Smart …

3 What might future ITS look like?
TMC

4 Cybersecurity Challenges
Complete isolation between the transportation control network and the Internet may not be feasible
Increasing number of points of entry
Adversaries may compromise devices connected to the control network

5 A Related Project: Building Security
Buildings are ubiquitous critical infrastructure, yet often the last to be considered as such
Building Automation Systems (BAS) are a class of complex network-based distributed system
BAS is a system of Cyber-Physical Systems

6 Bio-Containment Facility
Example scenario: Bio-Containment Facility

7 Key Safety Requirement
Mockup BAS for a Zone
The BAS is responsible for:
Security control
Interlock control
Fire alarm control
Decontamination control
Temperature control
Air pressure control

8 Differential Pressure Requirement
(Diagram labels: Exhaust airflow, Supply airflow)

9 Big attack surface, serious risks
Zero security in communication
Little protection for the controller and the processes on it

10 Current Controllers Fall Short
Software vulnerable to arbitrary code injection
Compromised applications can infect/impact others
Devices on the network lack trust

11 What do We Need from Controllers?
Process isolation
Robust design with small Trusted Computing Base
Explicit management of critical constraints
Device/task identification and network access control

12 How to Secure the Controllers?
The kernel is the “pinch point” of all information flows, including malicious ones.
In monolithic kernels the entire OS works in kernel space with absolute power
With time the OS gets bigger, more complex, slower, and more error prone
Nearly impossible to secure the entire OS
Microkernel: easier path to security

13 Two Candidate Microkernels
MINIX 3
Free, open-source microkernel OS; developed over 30 years (V3 released in 2005)
4000 LOC
Small, simple, and easy to modify
Lacks real-time support
Lacks formal verification
seL4
“The world's first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement”
10.2 KLOC
Supports real-time constraints (not formally verified yet)

14 Secure RTOS Architecture
Process isolation with microkernel
Fine-grained mandatory access control
Real-time guarantees even in the presence of malice
Platform-unforgeable identity and proxy-based network communication
Co-existing with unmodified legacy OS and apps

15 Current Efforts
Modify MINIX to support:
  Mandatory access control for Inter Process Communication and network communication
  Real-time property enforcement
Understand seL4 with an eye towards targeting implementation
Design a constraint language to model the security/safety properties of the system
Map domain requirements to kernel policies
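Slides 11 and 15 ask for two things from a controller that are easy to state but worth seeing together: a mandatory access control policy on inter-process communication, and explicit management of the zone's critical safety constraints. The Python below is an added example, not code from the presentation or from the project's MINIX/seL4 work. The task names are taken from the slide-7 mockup; the IPC policy, the airflow figures and threshold, and the rule that the zone stays at negative pressure (exhaust exceeding supply, stated here as an assumption) are constructed for the illustration. Every command is mediated: the sender must be allowed to reach the task that owns the command, and the resulting state must satisfy the differential-pressure and door-interlock constraints, or the command is rejected and logged.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# BAS tasks from the slide-7 mockup. Assumption: each runs as its own
# isolated process and the kernel knows its identity (here, a string label).
TASKS = {"security", "interlock", "fire_alarm", "decon", "temperature", "pressure"}

# Constructed MAC policy for IPC: sender -> receivers it may message.
# Deny-by-default: a pair not listed here is refused.
IPC_POLICY: Dict[str, set] = {
    "fire_alarm":  {"interlock", "pressure", "security"},
    "security":    {"interlock"},
    "decon":       {"interlock", "pressure"},
    "temperature": {"pressure"},
    "interlock":   set(),
    "pressure":    set(),
}

# Which task owns each actuator command (constructed mapping).
COMMAND_OWNER = {"set_supply": "pressure", "set_exhaust": "pressure", "door": "interlock"}

# Assumption: containment requires exhaust to exceed supply by this margin (CFM).
MIN_NEGATIVE_OFFSET_CFM = 50.0


def ipc_allowed(sender: str, receiver: str) -> bool:
    """Reference-monitor check: unknown tasks and unlisted pairs are denied."""
    if sender not in TASKS or receiver not in TASKS:
        return False
    return receiver in IPC_POLICY.get(sender, set())


@dataclass
class ZoneState:
    supply_cfm: float
    exhaust_cfm: float
    door_open: Dict[str, bool] = field(default_factory=dict)


def pressure_ok(s: ZoneState) -> bool:
    """Differential-pressure constraint: zone must stay at negative pressure."""
    return s.exhaust_cfm - s.supply_cfm >= MIN_NEGATIVE_OFFSET_CFM


def interlock_ok(s: ZoneState) -> bool:
    """Door interlock: at most one door of the zone may be open at a time."""
    return sum(1 for is_open in s.door_open.values() if is_open) <= 1


def apply_command(state: ZoneState, sender: str, cmd: str, value, audit: List[str]) -> bool:
    """Mediate one command: MAC check, then simulate, then constraint check, then commit."""
    owner = COMMAND_OWNER.get(cmd)
    if owner is None or not ipc_allowed(sender, owner):
        audit.append(f"DENY {sender} -> {owner or '?'} ({cmd})")
        return False
    # Evaluate the constraints on a copy so a rejected command leaves no trace.
    candidate = ZoneState(state.supply_cfm, state.exhaust_cfm, dict(state.door_open))
    if cmd == "set_supply":
        candidate.supply_cfm = float(value)
    elif cmd == "set_exhaust":
        candidate.exhaust_cfm = float(value)
    else:  # "door": value is (door_name, is_open)
        door, is_open = value
        candidate.door_open[door] = bool(is_open)
    if not pressure_ok(candidate):
        audit.append(f"REJECT {cmd}={value}: differential pressure would be violated")
        return False
    if not interlock_ok(candidate):
        audit.append(f"REJECT {cmd}={value}: interlock would be violated")
        return False
    state.supply_cfm, state.exhaust_cfm = candidate.supply_cfm, candidate.exhaust_cfm
    state.door_open = candidate.door_open
    audit.append(f"OK {sender}: {cmd}={value}")
    return True


def run_demo() -> Tuple[ZoneState, List[str]]:
    """Constructed sequence, including a misbehaving temperature task."""
    state = ZoneState(supply_cfm=900.0, exhaust_cfm=1000.0,
                      door_open={"outer": False, "inner": False})
    audit: List[str] = []
    apply_command(state, "temperature", "set_supply", 920.0, audit)     # OK (offset 80)
    apply_command(state, "temperature", "set_supply", 980.0, audit)     # REJECT (offset 20)
    apply_command(state, "security", "door", ("outer", True), audit)    # OK
    apply_command(state, "security", "door", ("inner", True), audit)    # REJECT (interlock)
    apply_command(state, "temperature", "door", ("inner", True), audit) # DENY (no IPC right)
    apply_command(state, "fire_alarm", "set_exhaust", 1200.0, audit)    # OK
    return state, audit


if __name__ == "__main__":
    final_state, log = run_demo()
    print("\n".join(log))
    print(final_state)
```

The point of separating the two checks is that they fail differently: the MAC policy stops a compromised temperature task from ever reaching the interlock controller, while the constraint check stops a legitimately authorized task from driving the zone into an unsafe state. Both decisions are logged at the mediation point, which is where a controller-side detection rule would read them.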

16 Benefits
Build security in: fundamentally change the "breach and patch" cycle
Manage security and safety in the same framework
Support diverse constraints for different types of buildings; extensible to other CPS domains
Minimize barrier to adoption by allowing existing untrusted legacy devices to keep running

17 Going back to the Transportation System
Will integration with other CPSes become a trend/need?
Will controllers/PLCs be widely used in ITS?
What are the possible safety failures for future ITSes?
