3 research outputs found
Integrating Security in Resource-Constrained Cyber-Physical Systems
Defense mechanisms against network-level attacks are commonly based on the
use of cryptographic techniques, such as message authentication codes that
provide data integrity guarantees. However, such mechanisms require significant
resources, which prevents their continuous use in resource-constrained
cyber-physical systems. Recently, it was shown how physical properties of
plants can be exploited to relax these requirements for systems where sensor
measurements and actuator commands are transmitted over a compromised network;
specifically, intermittent use of data authentication can still provide
Quality-of-Control (QoC) guarantees even in the presence of false-data
injection attacks. Consequently, in this work we focus on integrating security
into existing systems, in order to protect against these attacks. We introduce
a design-time methodology that incorporates requirements for QoC in the
presence of attacks into end-to-end timing constraints for real-time control
transactions, which include data acquisition and authentication, communication,
and control. This allows us to formulate a mixed integer linear
programming-based method for synthesis of schedulable task and message
parameters (i.e., deadlines and offsets) that maintain timing requirements of
deployed controllers, while adding a sufficient level of protection against
attacks; specifically, this method provides suitable intermittent
authentication policies that ensure the desired QoC levels under attack. To
additionally reduce the security-related bandwidth overhead, we propose the use
of cumulative message authentication. Furthermore, we introduce a method for
opportunistic use of remaining resources to further improve the overall QoC
guarantees while ensuring system schedulability. Finally, we demonstrate
applicability of our methodology on synthetic automotive systems as well as an
automotive case-study.
Skip to Secure: Securing Cyber-physical Control Loops with Intentionally Skipped Executions
We consider the problem of provably securing a given control loop
implementation in the presence of adversarial interventions on data exchange
between plant and controller. Such interventions can be thwarted using
continuously operating monitoring systems and also cryptographic techniques,
both of which consume network and computational resources. We provide a
principled approach for intentional skipping of control loop executions which
may qualify as a useful control theoretic countermeasure against stealthy
attacks which violate message integrity and authenticity. As is evident from
our experiments, such a control theoretic counter-measure helps in lowering the
cryptographic security measure overhead and resulting resource consumption in
Control Area Network (CAN) based automotive CPS without compromising
performance and safety.
Comment: 9 pages
Channels, Remote Estimation and Queueing Systems With A Utilization-Dependent Component: A Unifying Survey Of Recent Results
In this article, we survey the main models, techniques, concepts, and results
centered on the design and performance evaluation of engineered systems that
rely on a utilization-dependent component (UDC) whose operation may depend on
its usage history or assigned workload. Specifically, we report on research
themes concentrating on the characterization of the capacity of channels and
the design with performance guarantees of remote estimation and queueing
systems. Causes for the dependency of a UDC on past utilization include the use
of replenishable energy sources to power the transmission of information among
the sub-components of a networked system, and the assistance of a human
operator for servicing a queue. Our analysis unveils the similarity of the UDC
models typically adopted in each of the research themes, and it reveals the
differences in the objectives and technical approaches employed. We also
identify new challenges and future research directions inspired by the
cross-pollination among the central concepts, techniques, and problem
formulations of the research themes discussed.