An Approach for Formal Analysis of the Security of a Water Treatment Testbed
Abstract
An increase in the number of attacks on cyber-physical systems (CPS) has raised concerns over the vulnerability of critical infrastructure, such as water treatment, oil, and gas plants, to cyber attacks. Such systems are controlled by an Industrial Control System (ICS) that includes controllers communicating with each other, and with physical sensors and actuators, over a communications network. This paper focuses on a Multiple Security Domain Nondeducibility (MSDND) model to identify the vulnerable points of attack on the system that hide critical information rather than steal it, such as in the STUXNET virus. It is shown how MSDND analysis, conducted on a realistic multi-stage water treatment testbed, is useful in enhancing the security of a water treatment plant. Based on the MSDND analysis, this work offers thorough documentation of the vulnerable points of attack, the invariants used for removing the vulnerabilities, and suggested design decisions that help in developing invariants to mitigate attacks.
Recommended Citation
S. S. Patlolla et al., "An Approach for Formal Analysis of the Security of a Water Treatment Testbed," Proceedings of the IEEE 23rd Pacific Rim International Symposium on Dependable Computing (2018, Taipei, Taiwan), pp. 115 - 124, IEEE Computer Society, Dec 2018.
The definitive version is available at https://doi.org/10.1109/PRDC.2018.00022
Meeting Name
IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018 (2018: Dec. 4-7, Taipei, Taiwan)
Department(s)
Computer Science
Research Center/Lab(s)
Intelligent Systems Center
Keywords and Phrases
Design; Embedded systems; Gas plants; Intelligent control; Network security; Testbeds; Viruses; Cyber security; Cyber-Physical securities; Information flows; Invariants; MSDND; Water treatment; Cyber physical security
International Standard Book Number (ISBN)
978-1-5386-5700-3
International Standard Serial Number (ISSN)
2473-3105
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2018 IEEE Computer Society, All rights reserved.
Publication Date
01 Dec 2018
Comments
Part of this work was supported by research grant NRF2014-NCR-NCR001-040 from the National Research Foundation, Singapore University of Technology and Design, National Institute of Standards and Technology, Grant Number 70NANB13H183 and with support from the Missouri S&T Intelligent Systems Center and by a grant from the US National Science Foundation under award number CNS-1505610.