Cyber physical attacker

Paper:  The Cyber-Physical Attacker
Author: Roberto Vigo
              DTU Informatics, Technical University of Denmark, Kongens Lyngby, Denmark


Problem: To secure a Cyber Physical System(CPS) completely, we have to understand the attacks that
are possible and thereby understand the security properties of CPS. There is not much work done in the field of security in CPS and hence there is a need for a model to analyze the various attacks in detail.

Solution Approach: This paper proposes an attacker model to analyse the attacks that are possible in a CPS. The attacker model is created from the reference model used to formally define the CPS.
In the reference model, a CPS is formally defined as a pair S = (N , M )
where,  N = {n1 , . . . , nm } the set of components of the system (nodes)
M the topology of the system, represented as a matrix m × m.

The attack of the system depends on the structure of the components ‘n’ such as read/write, reprogram, starve, reveal, remove an insert. These attacks are performed by the adversary who manipulates the node, removes node from network or insert a new node to the network.

Novelty: The idea proposed in the paper is an attacker model :
Given a CPS S = (N , M ), The attacker can be modeled as a set A of pairs (l, C),
where, l : a location in the network where the attacker lies C:  a set of cyber-physical capabilities, each one being a tuple (a, c, r), a is an attack/action, c its cost in terms of energy/time, r the range of the attack expressed as a set of locations in M that could be affected.”

Analysis: The paper also compares the cyber physical attacker model to other existing models such as The Dolev-Yao Model.

Dolev-Yao Model is based on the certain assumptions such as (i) perfect cryptography (cryptographic primitives are unbreakable), (ii) the attacker controls the communication medium, and (iii) the attacker is a legitimate user.

Comparing this with the proposed attacker model, Dolev Yao model expresses spatial limitations and is incomplete with respect to the adversaries. This is because the adversary lacks the agent compromise mechanism. The proposed attacker model overcome these limitations.

The model is analyzed well and is able to exploit both physical and cyber weaknesses of a cyber physical system. The model can be further analyzed since it shows certain problems that should be researched in order to increase the security features in CPS.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s