Presentation is loading. Please wait.

Presentation is loading. Please wait.

CYBER - PHYSICAL SECURITY

Published byArnold Cooper Modified over 8 years ago

Similar presentations

Presentation on theme: "CYBER - PHYSICAL SECURITY"— Presentation transcript:

1 CYBER - PHYSICAL SECURITY
James Maki & Mason Vogel

2 WHAT IS IT? Normally a system that monitors behaviour of physical processes and takes actions to correct those behaviors. Two Major Components

3 Cyber Process Network of tiny devices (like sensors)
Can sense, compute, and communicate (wireless)

4 Physical Process Monitored by the cyber system Could be
naturally occurring phenomenon Man-made Combination of the two

5 Example Cyber-Physical Systems
Temperature/Humidity Controlled Labs Sense Temperature Sense Humidity Act accordingly

6 ATTACKING Areas to Attack Physical and control (Physical)
Communication and Network (Cyber) Supervisory and Management (Human) Attack Types Actuator State Data Insert picture of six layer of hierarchical system Common Attack: Eavesdropping Compromised-Key attack Man-in-the-Middle Denial-of-Service

7 Green Lights Forever broadcast on a similar protocol as 802.11 (WLAN)
unencrypted Controller setting may be configured in person or cyber default usernames and passwords Integrate security into system and change from factory default

8 War Games film 1983 SHALL WE PLAY A GAME?

9 Drone Attacks Drones are basically flying computers
Incredibly hard to detect drones Drone crash in Texas

10 Phase of Worm: targeted Winodws machine Siemens Step7 software compromised PLCs Some Features: All actions were done in memory-no disk evidence Self-scalability control-prevent spreading to more than three others uninstall mechanism Code for man-in-the-middle Could have centrifuges tear themselves apart

11 STUXNET WORM targeting highly specialized industrial systems in critical high-security infrastructures (at least 14 sites were infected). Modifying the code running in PLCs in order to make them deviate from their expected behavior. Believed to had sponsorship from a nation-state, it has been suggested it was United States and Israel Other attacks 2000 Maroochy water breach, Brazil 2003 SQL Slammer worm Davis-Besse nuclear plant 2010 Stuxnet Could derail trains, poison water supplies, and cripple power grids (2012 Leon Panetta)

12 DETECTING AN ATTACK Cross-correlator
technique to detect False Data Injection Attacks Intelligent Checker Layer 1: basic process control system Layer 2: alarm and operators Layer 3: safety instrumented systems Secutiry Objective: Integrity Authenticity Confidentiality Big thing is Attack detection and identification

13 Update the system

14 REFERENCES IEEE Control Systems Magazine Feb Cyberphysical Security Stuxnet Worm Impact on Industrial Cyber-Physical System Security, Stamatis Karnouskos SAP Research, Germany, IEEE 2011 The Real Story of Stuxnet, spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet Feb 2013 Countermeasures to Enhance Cyber-Physical System Security and Safety, Giedre Sabaliaukaite and Aditya P. Mathur, 2014 IEEE Green Lights Forever: Analyzing the Security of Traffic Infrastructure, Branden Ghena, William Beyer, Allen Hillaker, Jonathan Pevarnek, and J. Alex Halderman, 2014 Proceedings of the 8th USENIX Workshop on Offensive Technologies (WOOT)

15 REFERENCES Security Issues and Challenges for Cyber Physical System, Eric Ke Wang, Yunming Ye, Xiaofei Xu, S.M. Yiu, L.C.K. HUI, K.P.Chow, 2010 IEEE Cyber-Physical Security via Geometric Control: Distributed Monitoring and Malicious Attacks, Fabio Pasqualetti, Florian Dörfler, and Francesco Bullo, 2012 IEEE Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon, Kim Zetter, 2014

Download ppt "CYBER - PHYSICAL SECURITY"

Similar presentations

International Graduate School Cottbus / IHP microelectronics Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt.

International Graduate School Cottbus / IHP microelectronics Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt.
SCADA Security, DNS Phishing

SCADA Security, DNS Phishing
NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.

GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.

Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.
Challenges in Protecting Critical National Infrastructure from Cyber Attacks Singapore University of Technology and Design Aditya P Mathur September 27,

Challenges in Protecting Critical National Infrastructure from Cyber Attacks Singapore University of Technology and Design Aditya P Mathur September 27,
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc.

Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc.
February 21, 2008 Center for Hybrid and Embedded Software Systems Cyber-Physical Systems (CPS): Orchestrating networked.

February 21, 2008 Center for Hybrid and Embedded Software Systems Cyber-Physical Systems (CPS): Orchestrating networked.
Green Lights Forever Analyzing the Security of Traffic Infrastructure Branden Ghena, William Beyer, Allen Hillaker, Jonathan Pevarnek, and J. Alex Halderman.

Green Lights Forever Analyzing the Security of Traffic Infrastructure Branden Ghena, William Beyer, Allen Hillaker, Jonathan Pevarnek, and J. Alex Halderman.
Software-based Code Attestation for Wireless Sensors.

Software-based Code Attestation for Wireless Sensors.
1 Workshop on Research Directions for Security and Networking in Critical Real-Time and Embedded Systems Organizers: NC State University & UNC Chapel Hill.

1 Workshop on Research Directions for Security and Networking in Critical Real-Time and Embedded Systems Organizers: NC State University & UNC Chapel Hill.
Supervision of Production Computers in ALICE Peter Chochula for the ALICE DCS team.

Supervision of Production Computers in ALICE Peter Chochula for the ALICE DCS team.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
Prepared By: Kopila Sharma 908-37-2749.  Enables communication between two or more system.  Uses standard network protocols for communication.  Do.

Prepared By: Kopila Sharma  Enables communication between two or more system.  Uses standard network protocols for communication.  Do.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World

Similar presentations

Ads by Google