A Method for Revealing and Addressing Security Vulnerabilities in Cyber-physical Systems by Modeling Malicious Agent Interactions with Formal Verification
Published in | Procedia computer science Vol. 95; pp. 24-31 |
---|---|
Main Authors | Wardell, Dean C.; Mills, Robert F.; Peterson, Gilbert L.; Oxley, Mark E. |
Format | Journal Article |
Language | English |
Published | Elsevier B.V 2016 |
Subjects | industrial control systems; model checking; vulnerability detection; malicious agents |
Abstract | Several cyber-attacks on the cyber-physical systems (CPS) that monitor and control critical infrastructure were publicly announced over the last few years. Almost without exception, the proposed security solutions focus on preventing unauthorized access to the industrial control systems (ICS) at various levels – the defense in depth approach. While useful, it does not address the problem of making the systems more capable of responding to the malicious actions of an attacker once they have gained access to the system. The first step in making an ICS more resilient to an attacker is identifying the cyber security vulnerabilities the attacker can use during system design. This paper presents a method that reveals cyber security vulnerabilities in ICS through the formal modeling of the system and malicious agents. The inclusion of the malicious agent in the analysis of an existing system identifies security vulnerabilities that are missed in traditional functional model checking. |
---|---|
Author | Wardell, Dean C.; Peterson, Gilbert L.; Oxley, Mark E.; Mills, Robert F. |
ContentType | Journal Article |
Copyright | 2016 |
DOI | 10.1016/j.procs.2016.09.289 |
Discipline | Computer Science |
EISSN | 1877-0509 |
EndPage | 31 |
ISSN | 1877-0509 |
IsDoiOpenAccess | true |
IsOpenAccess | true |
IsPeerReviewed | true |
IsScholarly | true |
Keywords | industrial control systems; model checking; vulnerability detection; malicious agents |
Language | English |
License | This is an open access article under the CC BY-NC-ND license. |
OpenAccessLink | https://www.sciencedirect.com/science/article/pii/S1877050916324619 |
PageCount | 8 |
PublicationTitle | Procedia computer science |
PublicationYear | 2016 |
Publisher | Elsevier B.V |
StartPage | 24 |
SubjectTerms | industrial control systems; model checking; vulnerability detection; malicious agents |
Title | A Method for Revealing and Addressing Security Vulnerabilities in Cyber-physical Systems by Modeling Malicious Agent Interactions with Formal Verification |
URI | https://dx.doi.org/10.1016/j.procs.2016.09.289 |
Volume | 95 |