Cyberphysical Security Through Resiliency: A Systems-Centric Approach

  title={Cyberphysical Security Through Resiliency: A Systems-Centric Approach},
  author={Cody Harrison Fleming and Carl R. Elks and Georgios Bakirtzis and Stephen C. Adams and Bryan T. Carter and Peter A. Beling and Barry M. Horowitz},
Cyberphysical systems require resiliency techniques for defense, and multicriteria resiliency problems need an approach that evaluates systems for current threats and potential design solutions. A systems-oriented view of cyberphysical security, termed Mission Aware, is proposed based on a holistic understanding of mission goals, system dynamics, and risk. 

Figures from this paper

Dynamic Certification for Autonomous Systems
Assurance about autonomous systems requires new certification methods and mathematical tools that can bound the uncertainty engendered by these diverse deployment scenarios, rather than relying on static tools.


A Preliminary Design-Phase Security Methodology for Cyber-Physical Systems
Two methodologies are presented that can augment and enhance existing systems engineering approaches with model-based evidence for identifying and prioritizing appropriate resiliency strategies for implementation in a given system and mission.
A systems approach for eliciting mission-centric security requirements
A systems-theoretic analysis approach that combines stakeholder perspectives with a modified version of Systems-Theoretic Accident Model and Process (STAMP) that allows decision-makers to strategically enhance the safety, resilience, and security of a cyber-physical system against potential threats is presented.
Fundamental Challenges of Cyber-Physical Systems Security Modeling
It is posited that cyber-physical systems security modeling is practiced insufficiently because it is still addressed similarly to information technology systems.
Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks
The deception attack presented here can enable remote water pilfering from automated canal systems and is reported on a field-operational test attack on the Gignac canal system located in Southern France.
A System‐Aware Cyber Security architecture
Key elements of the System‐Aware Cyber Security architecture are presented and it is shown how they can be integrated to mitigate the risks of insider and supply chain attacks.
The Cyber-Physical Systems Revolution
Cyber-physical systems constitute a disruptive technology across many industries, with a strong impact on economies and social processes, and their applications in many domains brings challenges in technology, business, law and ethics.
Resilience metrics for cyber systems
A generic approach is proposed that could integrate actual data, technical judgment, and literature-based measures to assess system resilience across physical, information, cognitive, and social domains and link national policy goals to specific system measures, such that resource allocation decisions can be translated into actionable interventions and investments.
Data-Driven Vulnerability Exploration for Design Phase System Analysis
By using CYBOK, security analysts and system designers can work together to assess the overall security posture of systems early in their lifecycle, during major design decisions and before final product designs, consequently, assisting in applying security earlier and throughout the systems lifecycle.
An integrated approach to safety and security based on systems theory
Applying a more powerful new safety methodology to security risks is applied and shows clear signs of improvement in the quality of data and in the predictability of outcomes.
Research Challenges for the Security of Control Systems
This paper proposes a new mathematical framework to analyze attacks against control systems and formulates specific research problems to detect attacks, and survive attacks.