
Attack Modeling in Ptolemy: Towards a Secure Design for Cyber-Physical Systems
Armin Wasicek

Citation
Armin Wasicek. "Attack Modeling in Ptolemy: Towards a Secure Design for Cyber-Physical Systems". Talk or presentation, 7 November 2013; presented at the 10th Biennial Ptolemy Miniconference, Berkeley.

Abstract
Establishing security properties in a computer system is a challenging task that is often neglected during a system's design. Adding these properties later in the system's life cycle is a common cause of security deficiencies. For instance, vulnerabilities might come from integration problems or misconfiguration, or the installed protection mechanisms might not cover the intended attack model. This work aims to integrate security engineering techniques into the model-based design flow of Cyber-Physical Systems (CPS). Following a model-based design approach facilitates a rigorous systems engineering approach to the design of a CPS. A first step towards this goal is to formally represent an attack model in the model-based design environment. For instance, the manipulation of a sensor in a CPS might take the shape of a corrupted signal. Within a model-based design environment, the impact of the corrupted signal on the overall system can be analyzed. Different modes of attack may result in different corrupted signals in the system. The CPS might respond to the corrupted signals either by continuing correct service (i.e., exhibiting intrusion-tolerant behavior) or by malfunctioning. As a result, the designer gains insight into whether appropriate security mechanisms should be put in place in subsequent steps of the design flow to mitigate the effects of such an attack.

Citation formats  
  • HTML
    Armin Wasicek. <a
    href="http://chess.eecs.berkeley.edu/pubs/1039.html"><i>Attack
    Modeling in Ptolemy: Towards a Secure Design for
    Cyber-Physical Systems</i></a>, Talk or
    presentation,  7, November, 2013; Presented at the <a
    href="http://ptolemy.org/conferences/13" >10th
    Biennial Ptolemy Miniconference</a>, Berkeley.
  • Plain text
    Armin Wasicek. "Attack Modeling in Ptolemy: Towards a
    Secure Design for Cyber-Physical Systems". Talk or
    presentation,  7, November, 2013; Presented at the 10th
    Biennial Ptolemy Miniconference, Berkeley.
  • BibTeX
    @presentation{Wasicek13_AttackModelingInPtolemyTowardsSecureDesignForCyberPhysical,
        author = {Armin Wasicek},
        title = {Attack Modeling in Ptolemy: Towards a Secure
                  Design for Cyber-Physical Systems},
        day = {7},
        month = {November},
        year = {2013},
        note = {Presented at the <a
                  href="http://ptolemy.org/conferences/13" >10th
                  Biennial Ptolemy Miniconference</a>, Berkeley.},
        abstract = {Establishing security properties in a computer
                  system is a challenging task that is often
                  neglected during a system’s design. Adding these
                  properties later during the system’s life cycle
                  is common cause for security deficiencies. For
                  instance, vulnerabilities might come from
                  integration problems, misconfiguration, or the
                  installed protection mechanisms might not cover
                  the intended attack model. This work aims to
                  integrate security engineering techniques in the
                  model-based design flow of Cyber-Physical Systems
                  (CPS). Following a model-based design approach
                  facilitates a rigorous systems engineering
                  approach to the design of a CPS. A first step
                  towards this goal is to formally represent an
                  attack model in the model-based design
                  environment. For instance, the manipulation of a
                  sensor in a CPS might take the shape of a
                  corrupted signal. Within a model-based design
                  environment the impact of the corrupted signal on
                  the overall system can be analyzed. Different
                  modes of attack may result in different corrupted
                  signals in the system. The CPS might respond to
                  the corrupted signals either by continuing correct
                  service (i.e., exhibiting intrusion-tolerant
                  behavior) or by malfunctioning. As a result, the
                  designer gains insights, whether appropriate
                  security mechanisms should be put in place to
                  mitigate the effects from such an attack in
                  subsequent steps in the design flow.},
        URL = {http://chess.eecs.berkeley.edu/pubs/1039.html}
    }
    

Posted by Barb Hoversten on 21 Nov 2013.
Groups: ptolemy