Presentation is loading. Please wait.

Presentation is loading. Please wait.

Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch,

Published byChastity Wilkinson Modified over 8 years ago

Similar presentations

Presentation on theme: "Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch,"— Presentation transcript:

1 Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch, Janos Sztipanovits Vanderbilt University HiCoNS 2012

2 Security Issues of CPS Trustworthiness of software and hardware for cyber- physical systems is an essential concern. Existing systems are built without sufficiently formalized and analyzed properties and guarantees. –Such inadequacies in the system design phase can lead to catastrophic consequences in operations. As CPS become more complex it becomes more challenging to formally analyze the performance, stability, safety and security properties of their behaviors. There is a pressing need to evaluate both cyber- and physical systems together and holistically

3 Security Assessment Tool and Experiment Environment Evaluation of CPS security requires a sophisticated modeling and simulation, experiment infrastructure that allows for the concurrent modeling, simulation and evaluation of –the CPS system architecture (advanced system-of-systems modeling) –Running environment (scenario modeling and generation) –Attack scenario (threat modeling and generation) This requires the integration at two levels –Run-time: integration of multiple tools/environment Simulation, emulation, real testbed so that they can interact in a coordinated way –Modeling: model integration Rapid configuration/deployment

4 Current Solutions ToolTypeCapacityLimitation Truetime in Matlab/Simulink, Modelica, Ptolemy Control system modeling and simulation environment Model complex control algorithms Limited support for network simulation Ns-2, OMNet++Network simulation environment Packet-level simulation of network protocol stack Limited in control system modeling and design PiccSIM, ModelSim, NCSWT[HSCC’12] Integrated modeling and simulation environment of both control and network systems Model control system dynamics and simulate network behavior simultaneously Lack of realistic network accuracy and operating system level details.

5 Our Approach: iSEE Integrating network emulation environment with control system simulation environment –Greater realism and accuracy with truthful protocol implementation and real network traffic delivery –Providing a computing platform where prototypes of software components can be deployed

6 Our Approach: iSEE Two major components –The modeling environment for system specification and experiment configuration. System model of CPS Security experiment scenario configuration –Run-time environment that supports experiment execution: Network emulation platform: DETERlab: large number of tools available for emulate network attacks

7 iSEE Overall Framework Topology Model Network Interaction Model Modeling Environment Model Interpreter Run-Time Environment TCL script Configuration/Control Environment Host Assignmen t DETERlab Emulation Environment NCSWT Simulation Environment … Tap Client EmuGateway Federate RTI Simulink Federate Tap Client Tap Serve r Federates Involving network communication … Network File System Network Application Code Deployment Model

8 Network Deployment Model Meta-Model Model

9 Network Interaction Model Meta-Model Model

10 Network Topology Model Meta-Model Model

11 iSEE Run-time Environment RTI Matlab/ Simulink Federate Emulation Gateway Federate Time Synchronization Data Communication Emulation Host Time Synchronization Data Communication Simulation Environment Emulation Environment

12 iSEE Implementation Architecture EmuGateway Federate Emulation Host for Plant Emulation Host for Controller Simulation Environment Emulation Environment RTI HostMap NodeName: HostIP TapClient RecvCommand SendImage Time Converter HostMap Task buffer TapClient SendCommand RecvImage Time Converter HostMap Task buffer TCP UDP UAV Federate ControlStation Federate TapServer Interaction Handler

13 Experiment Setup

14 Accuracy: comparison with NCSWT NCSWT iSEE Reference

15 NCS WindTunnel [HSCC 2012] Code/demo: http://vanets.vuse.vanderbilt.edu/dokuwiki/doku.php?id=research:cps

16 Impact of Security Attacks 10%20%30% Plots of UAV trajectory for various packet loss rate

17 Summary and Demo iSEE: an integrated simulation and emulation platform for cyber-physical system security experimentation For more info: http://vanets.vuse.vanderbilt.edu/dokuwiki/doku.php?id=research:isee Acknowledgments U.S. Army Research Office and Lockheed Martin (W911NF-10-1-0005) NSF TRUST Science and Technology Center (CCF-0424422) National Science Foundation (NSF) Grants OCI-1127396 Air Force Research Lab

Download ppt "Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch,"

Similar presentations

TRUST for SCADA: A Simulation-based Experimental Platform

TRUST for SCADA: A Simulation-based Experimental Platform
Presented by: Thabet Kacem Spring 2010. Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
Extensible Networking Platform 1 1 - IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.

Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson

1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
1 Experiments and Tools for DDoS Attacks Roman Chertov, Sonia Fahmy, Rupak Sanjel, Ness Shroff Center for Education and Research in Information Assurance.

1 Experiments and Tools for DDoS Attacks Roman Chertov, Sonia Fahmy, Rupak Sanjel, Ness Shroff Center for Education and Research in Information Assurance.
1 GENI: Global Environment for Network Innovations Jennifer Rexford Princeton University

1 GENI: Global Environment for Network Innovations Jennifer Rexford Princeton University
Attacks on Three Tank System Three Tank System Testing Model-Based Security Features Experimental Platform for Model-Based Design of Embedded Systems Matt.

Attacks on Three Tank System Three Tank System Testing Model-Based Security Features Experimental Platform for Model-Based Design of Embedded Systems Matt.
1 GENI: Global Environment for Network Innovations Jennifer Rexford On behalf of Allison Mankin (NSF)

1 GENI: Global Environment for Network Innovations Jennifer Rexford On behalf of Allison Mankin (NSF)
A Model-Driven Framework for Architectural Evaluation of Mobile Software Systems George Edwards Dr. Nenad Medvidovic Center.

A Model-Driven Framework for Architectural Evaluation of Mobile Software Systems George Edwards Dr. Nenad Medvidovic Center.
Anthony Trinh and Rich Zieminski Department of Computer Science, Columbia University { akt2105, rez2107

Anthony Trinh and Rich Zieminski Department of Computer Science, Columbia University { akt2105, rez2107
CASE Tools CIS 376 Bruce R. Maxim UM-Dearborn. Prerequisites to Software Tool Use Collection of useful tools that help in every step of building a product.

CASE Tools CIS 376 Bruce R. Maxim UM-Dearborn. Prerequisites to Software Tool Use Collection of useful tools that help in every step of building a product.
1 Sonia Fahmy Ness Shroff Students: Roman Chertov Rupak Sanjel Center for Education and Research in Information Assurance and Security (CERIAS) Purdue.

1 Sonia Fahmy Ness Shroff Students: Roman Chertov Rupak Sanjel Center for Education and Research in Information Assurance and Security (CERIAS) Purdue.
MOBIES Project Progress Report Engine Throttle Controller Design Using Multiple Models of Computation Edward Lee Haiyang Zheng with thanks to Ptolemy Group.

MOBIES Project Progress Report Engine Throttle Controller Design Using Multiple Models of Computation Edward Lee Haiyang Zheng with thanks to Ptolemy Group.
Draft-li-rtgwg-cc-igp-arch-00IETF 88 RTGWG1 An Architecture of Central Controlled Interior Gateway Protocol (IGP) draft-li-rtgwg-cc-igp-arch-00 Zhenbin.

Draft-li-rtgwg-cc-igp-arch-00IETF 88 RTGWG1 An Architecture of Central Controlled Interior Gateway Protocol (IGP) draft-li-rtgwg-cc-igp-arch-00 Zhenbin.
Annarita Giani, UC Berkeley Bruno Sinopoli & Aakash Shah, Carnegie Mellon University Gabor Karsai & Jon Wiley, Vanderbilt University TRUST 2008 Autumn.

Annarita Giani, UC Berkeley Bruno Sinopoli & Aakash Shah, Carnegie Mellon University Gabor Karsai & Jon Wiley, Vanderbilt University TRUST 2008 Autumn.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Tcipg.org 1 An Alert Buffer Overflow Attack in DNP3 Controlled SCADA Systems Objectives/Problem Investigate a simple but effective attack to block legitimated.

Tcipg.org 1 An Alert Buffer Overflow Attack in DNP3 Controlled SCADA Systems Objectives/Problem Investigate a simple but effective attack to block legitimated.
TRUST, Autumn 2010 Conference, November 10-11, 2010 Simulation of Network Attacks on SCADA Systems Rohan Chabukswar, Bruno Sinopoli, Gabor Karsai, Annarita.

TRUST, Autumn 2010 Conference, November 10-11, 2010 Simulation of Network Attacks on SCADA Systems Rohan Chabukswar, Bruno Sinopoli, Gabor Karsai, Annarita.
Control Over WirelessHART Network S. Han, X. Zhu, Al Mok University of Texas at Austin M. Nixon, T. Blevins, D. Chen Emerson Process Management.

Control Over WirelessHART Network S. Han, X. Zhu, Al Mok University of Texas at Austin M. Nixon, T. Blevins, D. Chen Emerson Process Management.

Similar presentations

Ads by Google