The issue of cyber-security has become ever more prevalent in the analysis and design of networked systems. In this paper, we analyze networked control systems in the presence of denial-of-service (DoS) attacks, namely attacks that prevent transmissions over the network. We characterize frequency and duration of the DoS attacks under which input-to-state stability (ISS) of the closed-loop system can be preserved. To achieve ISS, a suitable scheduling of the transmission times is determined. It is shown that the considered framework is flexible enough so as to allow the designer to choose from several implementation options that can be used for trading-off performance versus communication resources. Examples are given to substantiate the analysis.

Input-to-State Stabilizing Control Under Denial-of-Service

With the exponential growth of cyber-physical systems (CPSs), new security challenges have emerged. Various vulnerabilities, threats, attacks, and controls have been introduced for the new generation of CPS. However, there lacks a systematic review of the CPS security literature. In particular, the heterogeneity of CPS components and the diversity of CPS systems have made it difficult to study the problem with one generalized model. In this paper, we study and systematize existing research on CPS security under a unified framework. The framework consists of three orthogonal coordinates: 1) from the security perspective, we follow the well-known taxonomy of threats, vulnerabilities, attacks and controls; 2) from the CPS components perspective, we focus on cyber, physical, and cyber-physical components; and 3) from the CPS systems perspective, we explore general CPS features as well as representative systems (e.g., smart grids, medical CPS, and smart cars). The model can be both abstract to show general interactions of components in a CPS application, and specific to capture any details when needed. By doing so, we aim to build a model that is abstract enough to be applicable to various heterogeneous CPS applications; and to gain a modular view of the tightly coupled CPS components. Such abstract decoupling makes it possible to gain a systematic understanding of CPS security, and to highlight the potential sources of attacks and ways of protection. With this intensive literature review, we attempt to summarize the state-of-the-art on CPS security, provide researchers with a comprehensive list of references, and also encourage the audience to further explore this emerging field.

https://ieeexplore.ieee.org/ielaam/6488907/8172502/7924372-aam.pdf

Cyber-Physical Systems Security—A Survey

Cyberphysical systems (CPSs) are new class of engineered systems that offer close interaction between cyber and physical components. The field of CPS has been identified as a key area of research, and CPSs are expected to play a major role in the design and development of future systems. In this paper, we survey recent advancements made in the development and applications of CPSs. We classify the existing research work based on their characteristics and identify the future challenges. We also discuss the examples of prototypes of CPSs. The aim of this survey is to enable researchers and system designers to get insights into the working and applications of CPSs and motivate them to propose novel solutions for making wide-scale adoption of CPS a tangible reality.

Design Techniques and Applications of Cyberphysical Systems: A Survey

At some point in the future, how far out we do not exactly know, wireless access to the Internet will outstrip all other forms of access bringing the freedom of mobility to the way we access the we...

ACM SIGCOMM computer communication review

The electricity industry is now at the verge of a new era—an era that promises, through the evolution of the existing electrical grids to smart grids, more efficient and effective power management, better reliability, reduced production costs, and more environmentally friendly energy generation. Numerous initiatives across the globe, led by both industry and academia, reflect the mounting interest around not only the enormous benefits but also the great risks introduced by this evolution. This paper focuses on issues related to the security of the smart grid and the smart home, which we present as an integral part of the smart grid. Based on several scenarios, we aim to present some of the most representative threats to the smart home/smart grid environment. The threats detected are categorized according to specific security goals set for the smart home/smart grid environment, and their impact on the overall system security is evaluated. A review of contemporary literature is then conducted with the aim of presenting promising security countermeasures with respect to the identified specific security goals for each presented scenario. An effort to shed light on open issues and future research directions concludes this paper.

/pdf/survey-in-smart-grid-and-smart-home-security-issues-1d2counx5m.pdf

Survey in Smart Grid and Smart Home Security: Issues, Challenges and Countermeasures

It is often appealing to assume that existing solutions can be directly applied to emerging engineering domains. Unfortunately, careful investigation of the unique challenges presented by new domains exposes its idiosyncrasies, thus often requiring new approaches and solutions. In this paper, we argue that the “smart” grid, replacing its incredibly successful and reliable predecessor, poses a series of new security challenges, among others, that require novel approaches to the field of cyber security. We will call this new field cyber-physical security. The tight coupling between information and communication technologies and physical systems introduces new security concerns, requiring a rethinking of the commonly used objectives and methods. Existing security approaches are either inapplicable, not viable, insufficiently scalable, incompatible, or simply inadequate to address the challenges posed by highly complex environments such as the smart grid. A concerted effort by the entire industry, the research community, and the policy makers is required to achieve the vision of a secure smart grid infrastructure.

/pdf/cyber-physical-security-of-a-smart-grid-infrastructure-k72rknn16y.pdf

Cyber–Physical Security of a Smart Grid Infrastructure

It is often appealing to assume that existing solutions can be directly applied to emerging engineering do- mains. Unfortunately, careful investigation of the unique chal- lenges presented by new domains exposes its idiosyncrasies, thus often requiring new approaches and solutions. In this paper, we argue that the Bsmart( grid, replacing its incredibly successful and reliable predecessor, poses a series of new se- curity challenges, among others, that require novel approaches to the field of cyber security. We will call this new field cyber- physical security. The tight coupling between information and communication technologies and physical systems introduces new security concerns, requiring a rethinking of the commonly used objectives and methods. Existing security approaches are either inapplicable, not viable, insufficiently scalable, incom- patible, or simply inadequate to address the challenges posed by highly complex environments such as the smart grid. A con- certed effort by the entire industry, the research community, and the policy makers is required to achieve the vision of a secure smart grid infrastructure.

/pdf/cyber-physical-security-of-a-smart-grid-infrastructure-the-vt94msc2o4.pdf

Cyber-Physical Security of a Smart Grid Infrastructure The authors of this paper discuss the limitations of advances, measures to make the smart grid secure, and also to assure continuous power flows and dynamic power pricing.

Recent trends in public-key infrastructure research explore the tradeoff between decreased trust in Certificate Authorities (CAs), resilience against attacks, communication overhead (bandwidth and latency) for setting up an SSL/TLS connection, and availability with respect to verifiability of public key information. In this paper, we propose AKI as a new public-key validation infrastructure, to reduce the level of trust in CAs. AKI integrates an architecture for key revocation of all entities (e.g., CAs, domains) with an architecture for accountability of all infrastructure parties through checks-and-balances. AKI efficiently handles common certification operations, and gracefully handles catastrophic events such as domain key loss or compromise. We propose AKI to make progress towards a public-key validation infrastructure with key revocation that reduces trust in any single entity.

/pdf/accountable-key-infrastructure-aki-a-proposal-for-a-public-254wlbhlvp.pdf

Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure

We present ARPKI, a public-key infrastructure that ensures that certificate-related operations, such as certificate issuance, update, revocation, and validation, are transparent and accountable. ARPKI is the first such infrastructure that systematically takes into account requirements identified by previous research. Moreover, ARPKI is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing all features required for deployment. ARPKI efficiently handles the certification process with low overhead and without incurring additional latency to TLS. ARPKI offers extremely strong security guarantees, where compromising n-1 trusted signing and verifying entities is insufficient to launch an impersonation attack. Moreover, it deters misbehavior as all its operations are publicly visible.

/pdf/arpki-attack-resilient-public-key-infrastructure-55j9g3zh8c.pdf

ARPKI: Attack Resilient Public-Key Infrastructure

an impressive effort at raising the general populace's security sensitivity—the awareness of, motivation to use, and knowledge of how to use security and privacy tools—much security advice is ignored and many security tools remain underutilized. Part of the problem may be that we do not yet understand the social processes underlying people's decisions to (1) disseminate information about security and privacy and (2) actually modify their security behaviors (e.g., adopt a new security tool or practice). To that end, we report on a retrospective interview study examining the role of social influence—or, our ability to affect the behaviors and perceptions of others with our own words and actions—in people's decisions to change their security behaviors, as well as the nature of and reasons for their discussions about security. We found that social processes played a major role in a large number of privacy and security-related behavior changes reported by our sample, probably because these processes were effective at raising security sensitivity. We also found that conversations about security were most often driven by the desire to warn or protect others from immediate novel threats observed or experienced, or to gather information about solving an experienced problem. Furthermore, the observability of security feature usage was a key enabler of socially triggered behavior change—both in encouraging the spread of positive behaviors and in discouraging negative behaviors.

/pdf/the-effect-of-social-influence-on-security-sensitivity-zleh9tz820.pdf

Tiffany Hyun-Jin Kim

Papers

Cyber–Physical Security of a Smart Grid Infrastructure

Cyber-Physical Security of a Smart Grid Infrastructure The authors of this paper discuss the limitations of advances, measures to make the smart grid secure, and also to assure continuous power flows and dynamic power pricing.

Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure

ARPKI: Attack Resilient Public-Key Infrastructure

The Effect of Social Influence on Security Sensitivity