Publication Type
Conference Proceeding Article
Version
acceptedVersion
Publication Date
10-2020
Abstract
The threats faced by cyber-physical systems (CPSs) in critical infrastructure have motivated the development of different attack detection mechanisms, such as those that monitor for violations of invariants, i.e. properties that always hold in normal operation. Given the complexity of CPSs, several existing approaches focus on deriving invariants automatically from data logs, but these can miss possible system behaviours if they are not represented in that data. Furthermore, resolving any design flaws identified in this process is costly, as the CPS is already built. In this position paper, we propose a systematic method for deriving invariants before a CPS is built by analysing its functional requirements. Our method, inspired by the axiomatic design methodology for systems, iteratively analyses dependencies in the design to construct equations and process graphs that model the invariant relationships between CPS components. As a preliminary study, we applied it to the design of a water treatment plant testbed, implementing checkers for two invariants by using decision trees, and finding that they could detect some examples of attacks on the testbed with high accuracy and without false positives. Finally, we explore how developing our method further could lead to more robust CPSs and reduced costs by identifying design weaknesses before systems are implemented.
Keywords
cyber-physical systems, systematic design framework, anomaly detection, axiomatic design, supervised machine learning
Discipline
Information Security | Software Engineering
Research Areas
Cybersecurity; Software and Cyber-Physical Systems
Publication
Proceedings of the 6th ACM Cyber-Physical System Security Workshop (CPSS 2020), Taipei, Taiwan, 2020 October 6
First Page
11
Last Page
22
Identifier
10.1145/3384941.3409589
Publisher
ACM
City or Country
Taipei, Taiwan (Virtual)
Citation
1
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1145/3384941.3409589