{"title":"从crc到弹性控制系统:区分网络物理系统保护的可靠性和安全性","authors":"A. Cárdenas","doi":"10.1145/2566468.2566469","DOIUrl":null,"url":null,"abstract":"In this talk I will discuss the need to establish clear differences between reliability and security for protecting cyber-physical systems (CPS). This is particularly important given the recent interest from researchers in exploring the vulnerability of a CPS when an attacker has partial control of the sensor or actuator signals, which has led to the proposal of several anomaly detection schemes for CPS by using data collected from physical sensors (as opposed to traditional network sensors). In the general setting, data obtained from normal behavior of the system is used to create a model and then any outlier is considered an anomaly and a potential failure or attack; however, this line of research is very similar to the fault-detection, and safety mechanisms that have been deployed in control systems for decades. In particular, the protection of control systems has traditionally been enforced by several safety mechanisms, which include bad data detection, protective relays, safety shutdowns, interlock systems, robust control, and fault-tolerant control; however, so far there has not been a systematic study that tries to identify how much these protection mechanisms can help against attacks (as opposed to failures or accidents), and how can they be broken by an attacker and potentially fixed by a system designer that incorporates attack models in the design of their system. In this talk I describe how current protection mechanisms are analogous to how error correcting codes are used in communications: they protect against a vast majority of random faults and accidents; however they are not secure against attacks - the way cryptographic hash functions are. As a community we need to revisit protection mechanisms available from control theory and then analyze them from a security perspective, giving new guidelines on security metrics and new ways to design attack-resilient CPS. In addition, we also need to avoid falling into the trap of proposing security mechanisms that are evaluated using similar tools from reliability.","PeriodicalId":339979,"journal":{"name":"Proceedings of the 3rd international conference on High confidence networked systems","volume":"15 5-6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"From CRCs to resilient control systems: differentiating between reliability and security for the protection of cyber-physical systems\",\"authors\":\"A. Cárdenas\",\"doi\":\"10.1145/2566468.2566469\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this talk I will discuss the need to establish clear differences between reliability and security for protecting cyber-physical systems (CPS). This is particularly important given the recent interest from researchers in exploring the vulnerability of a CPS when an attacker has partial control of the sensor or actuator signals, which has led to the proposal of several anomaly detection schemes for CPS by using data collected from physical sensors (as opposed to traditional network sensors). In the general setting, data obtained from normal behavior of the system is used to create a model and then any outlier is considered an anomaly and a potential failure or attack; however, this line of research is very similar to the fault-detection, and safety mechanisms that have been deployed in control systems for decades. In particular, the protection of control systems has traditionally been enforced by several safety mechanisms, which include bad data detection, protective relays, safety shutdowns, interlock systems, robust control, and fault-tolerant control; however, so far there has not been a systematic study that tries to identify how much these protection mechanisms can help against attacks (as opposed to failures or accidents), and how can they be broken by an attacker and potentially fixed by a system designer that incorporates attack models in the design of their system. In this talk I describe how current protection mechanisms are analogous to how error correcting codes are used in communications: they protect against a vast majority of random faults and accidents; however they are not secure against attacks - the way cryptographic hash functions are. As a community we need to revisit protection mechanisms available from control theory and then analyze them from a security perspective, giving new guidelines on security metrics and new ways to design attack-resilient CPS. In addition, we also need to avoid falling into the trap of proposing security mechanisms that are evaluated using similar tools from reliability.\",\"PeriodicalId\":339979,\"journal\":{\"name\":\"Proceedings of the 3rd international conference on High confidence networked systems\",\"volume\":\"15 5-6\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-04-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 3rd international conference on High confidence networked systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2566468.2566469\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 3rd international conference on High confidence networked systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2566468.2566469","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
From CRCs to resilient control systems: differentiating between reliability and security for the protection of cyber-physical systems
In this talk I will discuss the need to establish clear differences between reliability and security for protecting cyber-physical systems (CPS). This is particularly important given the recent interest from researchers in exploring the vulnerability of a CPS when an attacker has partial control of the sensor or actuator signals, which has led to the proposal of several anomaly detection schemes for CPS by using data collected from physical sensors (as opposed to traditional network sensors). In the general setting, data obtained from normal behavior of the system is used to create a model and then any outlier is considered an anomaly and a potential failure or attack; however, this line of research is very similar to the fault-detection, and safety mechanisms that have been deployed in control systems for decades. In particular, the protection of control systems has traditionally been enforced by several safety mechanisms, which include bad data detection, protective relays, safety shutdowns, interlock systems, robust control, and fault-tolerant control; however, so far there has not been a systematic study that tries to identify how much these protection mechanisms can help against attacks (as opposed to failures or accidents), and how can they be broken by an attacker and potentially fixed by a system designer that incorporates attack models in the design of their system. In this talk I describe how current protection mechanisms are analogous to how error correcting codes are used in communications: they protect against a vast majority of random faults and accidents; however they are not secure against attacks - the way cryptographic hash functions are. As a community we need to revisit protection mechanisms available from control theory and then analyze them from a security perspective, giving new guidelines on security metrics and new ways to design attack-resilient CPS. In addition, we also need to avoid falling into the trap of proposing security mechanisms that are evaluated using similar tools from reliability.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
