We describe an approach for analysing and attacking the physical part (a process) of a cyber-physical system. Thestages of this approach are demonstrated in a case study, a simulation of a vinyl acetate monomer plant. We wantto demonstrate in particular where security has to rely on expert knowledge in the domain of the physical componentsand processes of a system and that there are major chal-lenges for converting cyber attacks into successful cyber-physical attacks.
Cyber-Physical Systems (CPS) are monitored and controlled by a wide variety of sensors and controllers. The securityof our cyber-physical critical infrastructures depends on the integrity of these devices and the software they execute;however, it has been repeatedly demonstrated that most of the devices interacting with the physical world (sensors andcontrollers) are extremely fragile to security incidents. The insecurity of these devices ranges from insecure-by-designimplementations (e.g., devices that have a backdoor used for troubleshooting) to the inability to apply software updates tovulnerable devices.
This paper focuses on the challenges of modeling cyber–physical systems (CPSs) that arise from the intrinsicheterogeneity, concurrency, and sensitivity to timing of such systems. It uses a portion of an aircraft vehicle managementsystem (VMS), specifically the fuel management subsystem, to illustrate the challenges, and then discusses technologiesthat at least partially address the challenges. Specific technologies described include hybrid system modeling and simula-tion, concurrent and heterogeneous models of computation, the use of domain-specific ontologies to enhance modularity,and the joint modeling of functionality and implementation architectures.
Please complete the form below to download the document [DOCUMENT_TITLE]