A Method for Revealing and Addressing Security Vulnerabilities in Cyber-physical Systems by Modeling Malicious Agent Interactions with Formal Verification

Bibliographic Details
Published in Procedia computer science Vol. 95; pp. 24 - 31
Main Authors Wardell, Dean C., Mills, Robert F., Peterson, Gilbert L., Oxley, Mark E.
Format Journal Article
Language English
Published Elsevier B.V 2016
Abstract Several cyber-attacks on the cyber-physical systems (CPS) that monitor and control critical infrastructure were publicly announced over the last few years. Almost without exception, the proposed security solutions focus on preventing unauthorized access to the industrial control systems (ICS) at various levels – the defense in depth approach. While useful, it does not address the problem of making the systems more capable of responding to the malicious actions of an attacker once they have gained access to the system. The first step in making an ICS more resilient to an attacker is identifying the cyber security vulnerabilities the attacker can use during system design. This paper presents a method that reveals cyber security vulnerabilities in ICS through the formal modeling of the system and malicious agents. The inclusion of the malicious agent in the analysis of an existing system identifies security vulnerabilities that are missed in traditional functional model checking.
Author_xml – sequence: 1
  givenname: Dean C.
  surname: Wardell
  fullname: Wardell, Dean C.
  email: dean.wardell@us.af.mil
– sequence: 2
  givenname: Robert F.
  surname: Mills
  fullname: Mills, Robert F.
– sequence: 3
  givenname: Gilbert L.
  surname: Peterson
  fullname: Peterson, Gilbert L.
– sequence: 4
  givenname: Mark E.
  surname: Oxley
  fullname: Oxley, Mark E.
ContentType Journal Article
Copyright 2016
DOI 10.1016/j.procs.2016.09.289
Discipline Computer Science
EISSN 1877-0509
EndPage 31
ISSN 1877-0509
IngestDate Fri Dec 06 01:28:35 EST 2024
Wed May 17 00:58:03 EDT 2023
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Keywords industrial control systems
model checking
vulnerability detection
malicious agents
Language English
License This is an open access article under the CC BY-NC-ND license.
OpenAccessLink https://www.sciencedirect.com/science/article/pii/S1877050916324619
PageCount 8
PublicationCentury 2000
PublicationDate 2016
2016-00-00
PublicationDateYYYYMMDD 2016-01-01
PublicationDate_xml – year: 2016
  text: 2016
PublicationDecade 2010
PublicationTitle Procedia computer science
PublicationYear 2016
Publisher Elsevier B.V
Publisher_xml – name: Elsevier B.V
StartPage 24
URI https://dx.doi.org/10.1016/j.procs.2016.09.289
Volume 95