Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr. Fei Hu { Department of Electrical and Computer Engineering University of Alabama Tuscaloosa, Alabama Introduction to.

Published byTracey Lyons Modified over 8 years ago

Similar presentations

Presentation on theme: "Dr. Fei Hu { Department of Electrical and Computer Engineering University of Alabama Tuscaloosa, Alabama Introduction to."— Presentation transcript:

1 Dr. Fei Hu { fei@eng.ua.edu }fei@eng.ua.edu Department of Electrical and Computer Engineering University of Alabama Tuscaloosa, Alabama Introduction to CPS Security 1

2 Motivation "Cyber-Physical Systems (CPS) is a critical part of the national cyber infrastructure. Security threats to CPS pose significant risk to the health and safety of human lives, threaten severe damage to the environment, and could impose an adverse impact on the U.S. economy." "Cyber-Physical Systems (CPS) is a critical part of the national cyber infrastructure. Security threats to CPS pose significant risk to the health and safety of human lives, threaten severe damage to the environment, and could impose an adverse impact on the U.S. economy." - Homeland Security, Dr. Nabil Adam, 2010. 2

3 CPS Security: What? 3

4 CPS Security: Why? Cannot simply use conventional, general cyber security schemes to achieve all CPS protections. Cannot simply use conventional, general cyber security schemes to achieve all CPS protections. This is because most CPS security solutions need to be closely integrated with the underlying physical process control features. This is because most CPS security solutions need to be closely integrated with the underlying physical process control features. 4

5 CPS Security: Example IMD Wireless Powering security IMD Wireless Powering security 5 - It is meaningless to use conventional cryptographies to encrypt the power charge waves - Energy transfer is entirely different from data transfer

6 Motivation “It is estimated that as much as 10% of all high-tech products sold globally are counterfeit which leads to a conservative estimate of $100 billion of revenue loss.” “It is estimated that as much as 10% of all high-tech products sold globally are counterfeit which leads to a conservative estimate of $100 billion of revenue loss.” [Guajardo et al, 2008] [Guajardo et al, 2008] Several invasive and semi-invasive physical Several invasive and semi-invasive physical tampering methods have been developed, tampering methods have been developed, which made it possible to learn the ROM- which made it possible to learn the ROM- based keys through attacks and compromise based keys through attacks and compromise systems by using counterfeit copies of the systems by using counterfeit copies of the secret information. secret information.

7 7

8 8

9 Layered Architecture and Modularized Design 9

10 10

11 A Holistic Viewpoint 11

12 A Possible Solution: Defense ‐ in ‐ Depth 12

13 13 A Data Mining Approach to CPS Security

14 Use Historical Data for Anomaly Detection 14

15 15

16 16

17 CPS Smart grid Interactions e e a a c c b b d d e e a a c c b b d d e e At this IEM, information obtained from the observable physical event yields information about the cyber command (b) SST PHEV Load PV DGI SST PHEV Load Wind DGI SST Battery Load PV DGI a a b b c c d d Read state of Physical system a a Issue command to make a setting b b Message exchange including partial state information c c Power draw or contribution on the shared power bus d d e e Event due to physical flow on the shared power bus e e IEM 1 IEM 2 IEM 3

18 Information flow usecase of a CPS

19 Information Flow Security aims at guaranteeing that no high level (confidential) information is revealed to users at a low level, even in the presence of any possible cyber/physical process Potential information flow models for CPSs: – Non-Interference: Information does not flow from high to low if the high behavior has no effect on what low level observer can observe – Non-Inference: leaves a low level observer in doubt about high level events. – Non-deducibility: Given a set of low-level outputs, no low-level subject should be able to deduce anything about the high-level inputs [Sutherland]. – Composition of deducibly secure systems: not composable [McCullough] – McCullough`s Generalized noninterference-secure property considers non- determinism of real systems

20 PUFs Physical Unclonable Functions(PUFs) -a function which is an innovative circuit primitive that exploits the unique intrinsic uncontrollable physical features which are introduced by manufacturing process variations. -a function which is an innovative circuit primitive that exploits the unique intrinsic uncontrollable physical features which are introduced by manufacturing process variations. Physical Objects Process Variations Unpredictable Behavior Easy to Evaluate Hard to Clone PUFPUF Anti-counterfeiting marks for ICs

21 Thank you! Questions? Questions? 21

Download ppt "Dr. Fei Hu { Department of Electrical and Computer Engineering University of Alabama Tuscaloosa, Alabama Introduction to."

Similar presentations

© 2013 Copyright Southwest Research Institute ® Southwest Research Institute Embedded Systems Security for Automotive October 3, 2013.

© 2013 Copyright Southwest Research Institute ® Southwest Research Institute Embedded Systems Security for Automotive October 3, 2013.
David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.

David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.
Novel Reconfigurable Silicon Physical Unclonable Functions Yingjie Lao and Keshab K. Parhi Department of Electrical and Computer Engineering University.

Novel Reconfigurable Silicon Physical Unclonable Functions Yingjie Lao and Keshab K. Parhi Department of Electrical and Computer Engineering University.
1Copyright © 2005 InfoGard Laboratories Proprietary 2005 Physical Security Conference Physical Security 101 Tom Caddy September 26, 2005.

1Copyright © 2005 InfoGard Laboratories Proprietary 2005 Physical Security Conference Physical Security 101 Tom Caddy September 26, 2005.
Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce
The costs and benefits related to cyber security breaches Chapter 3 – Gordon & Loeb.

The costs and benefits related to cyber security breaches Chapter 3 – Gordon & Loeb.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Copyright 2002, Center for Secure Information Systems 1 Panel: Role of Data Mining in Cyber Threat Analysis Professor Sushil Jajodia Center for Secure.

Copyright 2002, Center for Secure Information Systems 1 Panel: Role of Data Mining in Cyber Threat Analysis Professor Sushil Jajodia Center for Secure.
Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats Mingkui Wei, Wenye Wang Department of Electrical and Computer.

Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats Mingkui Wei, Wenye Wang Department of Electrical and Computer.
A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.

A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
GridWise ® Architecture Council Cyber-Physical System Requirements for Transactive Energy Systems Shawn A. Chandler Maseeh College of Electrical and Computer.

GridWise ® Architecture Council Cyber-Physical System Requirements for Transactive Energy Systems Shawn A. Chandler Maseeh College of Electrical and Computer.
IOT5_20110013GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.

IOT5_ GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.
Cyber Security of Smart Grid Systems

Cyber Security of Smart Grid Systems
A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation.

A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation.
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
High Density Packaging User Group

High Density Packaging User Group

Similar presentations

Ads by Google