28,568 research outputs found
Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems
In recent years, Industrial Control Systems (ICS) have become an appealing
target for cyber attacks, having massive destructive consequences. Security
metrics are therefore essential to assess their security posture. In this
paper, we present a novel ICS security metric based on AND/OR graphs that
represent cyber-physical dependencies among network components. Our metric is
able to efficiently identify sets of critical cyber-physical components, with
minimal cost for an attacker, such that if compromised, the system would enter
into a non-operational state. We address this problem by efficiently
transforming the input AND/OR graph-based model into a weighted logical formula
that is then used to build and solve a Weighted Partial MAX-SAT problem. Our
tool, META4ICS, leverages state-of-the-art techniques from the field of logical
satisfiability optimisation in order to achieve efficient computation times.
Our experimental results indicate that the proposed security metric can
efficiently scale to networks with thousands of nodes and be computed in
seconds. In addition, we present a case study where we have used our system to
analyse the security posture of a realistic water transport network. We discuss
our findings on the plant as well as further security applications of our
metric.Comment: Keywords: Security metrics, industrial control systems,
cyber-physical systems, AND-OR graphs, MAX-SAT resolutio
Quantum Security for the Physical Layer
The physical layer describes how communication signals are encoded and
transmitted across a channel. Physical security often requires either
restricting access to the channel or performing periodic manual inspections. In
this tutorial, we describe how the field of quantum communication offers new
techniques for securing the physical layer. We describe the use of quantum
seals as a unique way to test the integrity and authenticity of a communication
channel and to provide security for the physical layer. We present the
theoretical and physical underpinnings of quantum seals including the quantum
optical encoding used at the transmitter and the test for non-locality used at
the receiver. We describe how the envisioned quantum physical sublayer senses
tampering and how coordination with higher protocol layers allow quantum seals
to influence secure routing or tailor data management methods. We conclude by
discussing challenges in the development of quantum seals, the overlap with
existing quantum key distribution cryptographic services, and the relevance of
a quantum physical sublayer to the future of communication security.Comment: 7 pages, 6 figure
- …