Xiaotian Wang, M. Davis, Junjie Zhang, V. Saunders
{"title":"网络物理系统的任务感知脆弱性评估","authors":"Xiaotian Wang, M. Davis, Junjie Zhang, V. Saunders","doi":"10.1109/Trustcom.2015.496","DOIUrl":null,"url":null,"abstract":"Designing secure cyber-physical systems (CPS) is fundamentally important and performing vulnerability assessment becomes indispensable. In this paper, we discuss our ongoing work on building an automated mission-aware vulnerability CPS assessment framework that can accomplish three objectives including i) mapping CPS missions into infrastructural components, ii) evaluating global impact of each vulnerability, and iii) achieving verifiable results and high flexibility. In order to accomplish these objectives, we follow a model-assisted analysis strategy. Specifically, we take advantage of CPS simulator to model the behaviors of CPS components under different missions, our framework facilitates a bottom-up approach to construct a holistic model of a CPS that aim at profiling relationships among all CPS components. Formal methods, including program symbolic execution, logic programming, and linear optimization, have been employed to analyze the model, which build mathematical rigor into our framework. The framework first identifies mission-critical components, then discovers all attack paths from system access points to mission-critical components, and finally recommends the optimized mitigation plan.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Mission-Aware Vulnerability Assessment for Cyber-Physical Systems\",\"authors\":\"Xiaotian Wang, M. Davis, Junjie Zhang, V. Saunders\",\"doi\":\"10.1109/Trustcom.2015.496\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Designing secure cyber-physical systems (CPS) is fundamentally important and performing vulnerability assessment becomes indispensable. In this paper, we discuss our ongoing work on building an automated mission-aware vulnerability CPS assessment framework that can accomplish three objectives including i) mapping CPS missions into infrastructural components, ii) evaluating global impact of each vulnerability, and iii) achieving verifiable results and high flexibility. In order to accomplish these objectives, we follow a model-assisted analysis strategy. Specifically, we take advantage of CPS simulator to model the behaviors of CPS components under different missions, our framework facilitates a bottom-up approach to construct a holistic model of a CPS that aim at profiling relationships among all CPS components. Formal methods, including program symbolic execution, logic programming, and linear optimization, have been employed to analyze the model, which build mathematical rigor into our framework. The framework first identifies mission-critical components, then discovers all attack paths from system access points to mission-critical components, and finally recommends the optimized mitigation plan.\",\"PeriodicalId\":277092,\"journal\":{\"name\":\"2015 IEEE Trustcom/BigDataSE/ISPA\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE Trustcom/BigDataSE/ISPA\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/Trustcom.2015.496\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Trustcom/BigDataSE/ISPA","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/Trustcom.2015.496","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mission-Aware Vulnerability Assessment for Cyber-Physical Systems
Designing secure cyber-physical systems (CPS) is fundamentally important and performing vulnerability assessment becomes indispensable. In this paper, we discuss our ongoing work on building an automated mission-aware vulnerability CPS assessment framework that can accomplish three objectives including i) mapping CPS missions into infrastructural components, ii) evaluating global impact of each vulnerability, and iii) achieving verifiable results and high flexibility. In order to accomplish these objectives, we follow a model-assisted analysis strategy. Specifically, we take advantage of CPS simulator to model the behaviors of CPS components under different missions, our framework facilitates a bottom-up approach to construct a holistic model of a CPS that aim at profiling relationships among all CPS components. Formal methods, including program symbolic execution, logic programming, and linear optimization, have been employed to analyze the model, which build mathematical rigor into our framework. The framework first identifies mission-critical components, then discovers all attack paths from system access points to mission-critical components, and finally recommends the optimized mitigation plan.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
