Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems

In recent years, Industrial Control Systems (ICS) have become an appealing target for cyber attacks, having massive destructive consequences. Security metrics are therefore essential to assess their security posture. In this paper, we present a novel ICS security metric based on AND/OR graphs that represent cyber-physical dependencies among network components. Our metric is able to efficiently identify sets of critical cyber-physical components, with minimal cost for an attacker, such that if compromised, the system would enter into a non-operational state. We address this problem by efficiently transforming the input AND/OR graph-based model into a weighted logical formula that is then used to build and solve a Weighted Partial MAX-SAT problem. Our tool, META4ICS, leverages state-of-the-art techniques from the field of logical satisfiability optimisation in order to achieve efficient computation times. Our experimental results indicate that the proposed security metric can efficiently scale to networks with thousands of nodes and be computed in seconds. In addition, we present a case study where we have used our system to analyse the security posture of a realistic water transport network. We discuss our findings on the plant as well as further security applications of our metric.Comment: Keywords: Security metrics, industrial control systems, cyber-physical systems, AND-OR graphs, MAX-SAT resolutio

Quantum Security for the Physical Layer

The physical layer describes how communication signals are encoded and transmitted across a channel. Physical security often requires either restricting access to the channel or performing periodic manual inspections. In this tutorial, we describe how the field of quantum communication offers new techniques for securing the physical layer. We describe the use of quantum seals as a unique way to test the integrity and authenticity of a communication channel and to provide security for the physical layer. We present the theoretical and physical underpinnings of quantum seals including the quantum optical encoding used at the transmitter and the test for non-locality used at the receiver. We describe how the envisioned quantum physical sublayer senses tampering and how coordination with higher protocol layers allow quantum seals to influence secure routing or tailor data management methods. We conclude by discussing challenges in the development of quantum seals, the overlap with existing quantum key distribution cryptographic services, and the relevance of a quantum physical sublayer to the future of communication security.Comment: 7 pages, 6 figure