CRYSTAL framework: Cybersecurity assurance for cyber-physical systems

• Published in: Journal of logical and algebraic methods in programming Vol. 139; p. 100965
• Main Authors: Moradi, Fereidoun, Abbaspour Asadollah, Sara, Pourvatan, Bahman, Moezkarimi, Zahra, Sirjani, Marjan
• Format: Journal Article
• Language: English
• Published: Elsevier Inc 01.06.2024
• Subjects: Attack detection system; Cyber-Physical Systems (CPS); Formal verification; Model abstraction; Runtime monitoring; Tiny Digital Twin; Runtime monitoring; Tiny Digital Twin; Cyber-Physical Systems (CPS); Model abstraction; Attack detection system; Formal verification
• ISSN: 2352-2208; 2352-2216
• DOI: 10.1016/j.jlamp.2024.100965

We propose CRYSTAL framework for automated cybersecurity assurance of cyber-physical systems (CPS) at design-time and runtime. We build attack models and apply formal verification to recognize potential attacks that may lead to security violations. We focus on both communication and computation in designing the attack models. We build a monitor to check and manage security at runtime and use a reference model, called Tiny Digital Twin, in detecting attacks. The Tiny Digital Twin is an abstract behavioral model that is automatically derived from the state space generated by model checking during design-time. Using CRYSTAL, we are able to systematically model and check complex coordinated attacks. In this paper we discuss the applicability of CRYSTAL in security analysis and attack detection for different case studies, Temperature Control System (TCS), Pneumatic Control System (PCS), and Secure Water Treatment System (SWaT). We provide a detailed description of the framework and explain how it works in different cases.