This paper presents a general theory of event compensation as an information flow security enforcement mechanism for Cyber-Physical Systems (CPSs). The fundamental research problem being investigated is that externally observable events in modern CPSs have the propensity to divulge sensitive settings to adversaries, resulting in a confidentiality violation. This is a less studied yet emerging concern in modern system security. A viable method to mitigate such violations is to use information flow security based enforcement mechanisms since access control based security models cannot impose restrictions on information propagation. Further, the disjoint nature of security analysis is not appropriate for systems with highly integrated physical and cyber infrastructures. The proposed compensation based security framework is foundational work that unifies cyber and physical aspects of security through the shared semantics of information flow. A DC circuit example is presented to demonstrate this concept.
T. T. Gamage et al., "Enforcing Information Flow Security Properties in Cyber-Physical Systems: A Generalized Framework Based on Compensation," Proceedings of the 2010 IEEE 34th Annual Computer Software and Applications Conference Workshops (COMPSACW), Institute of Electrical and Electronics Engineers (IEEE), Jul 2010.
The definitive version is available at http://dx.doi.org/10.1109/COMPSACW.2010.36
2010 IEEE 34th Annual Computer Software and Applications Conference Workshops (COMPSACW)
Future Renewable Electric Energy Distribution Management Center
Missouri University of Science and Technology. Intelligent Systems Center
National Science Foundation (U.S.)
Keywords and Phrases
Cyber-Physical Systems; Execution Monitoring Enforcement; Information Flow Security; Runtime Security
Article - Conference proceedings
© 2010 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.