Towards systematically deriving defence mechanisms from functional requirements of cyber-physical systems

Author

Cheah Huei YOONG
Venkata Reddy PALLETI
Arlindo SILVA
Christopher M. POSKITT, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

10-2020

Abstract

The threats faced by cyber-physical systems (CPSs) in critical infrastructure have motivated the development of different attack detection mechanisms, such as those that monitor for violations of invariants, i.e. properties that always hold in normal operation. Given the complexity of CPSs, several existing approaches focus on deriving invariants automatically from data logs, but these can miss possible system behaviours if they are not represented in that data. Furthermore, resolving any design flaws identified in this process is costly, as the CPS is already built. In this position paper, we propose a systematic method for deriving invariants before a CPS is built by analysing its functional requirements. Our method, inspired by the axiomatic design methodology for systems, iteratively analyses dependencies in the design to construct equations and process graphs that model the invariant relationships between CPS components. As a preliminary study, we applied it to the design of a water treatment plant testbed, implementing checkers for two invariants by using decision trees, and finding that they could detect some examples of attacks on the testbed with high accuracy and without false positives. Finally, we explore how developing our method further could lead to more robust CPSs and reduced costs by identifying design weaknesses before systems are implemented.

Keywords

cyber-physical systems, systematic design framework, anomaly detection, axiomatic design, supervised machine learning

Discipline

Information Security | Software Engineering

Research Areas

Cybersecurity; Software and Cyber-Physical Systems

Publication

Proceedings of the 6th ACM Cyber-Physical System Security Workshop (CPSS 2020), Taipei, Taiwan, 2020 October 6

First Page

11

Last Page

22

Identifier

10.1145/3384941.3409589

Publisher

ACM

City or Country

Taipei, Taiwan (Virtual)

Citation

1

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1145/3384941.3409589