Design and Run-Time Aspects of Secure Cyber-Physical Systems
Book Chapter
Fournaris, AP, Komninos, A, Lalos, AS et al. (2019). Design and Run-Time Aspects of Secure Cyber-Physical Systems
. 357-382. 10.1007/978-3-030-25312-7_13
Fournaris, AP, Komninos, A, Lalos, AS et al. (2019). Design and Run-Time Aspects of Secure Cyber-Physical Systems
. 357-382. 10.1007/978-3-030-25312-7_13
Cyber-Physical Systems (CPSs) combine computational and physical components enabling real-world interaction. Digitization, decentralization, and high connectivity, as well as incorporation of various enabling technologies, raise various security issues. These security concerns may affect safety, endangering assets and even human lives. This is especially true for CPS utilization in different sectors of great significance, including manufacturing or critical infrastructures, creating a need for efficiently handling relevant security issues. Including security as part of a software-intensive technical system (i.e., the CPS) that can be distributed and highly resilient highlights the need for appropriate security methodologies to be applied on the CPS from the engineering stage during CPS design. The efficient security-related processes that are implemented at design time have an impact on security monitoring during the CPS operational phase (at run-time). Efficient and accurate security monitoring that follows security-by-design principles can be a potent tool in the hands of the CPS manager for detecting and mitigating cyber threats. Monitoring traffic and activity at the system boundaries, detecting changes to device status and configuration, detecting suspicious activity indicating attacks, detecting unauthorized activity that is suspicious or violates security policies, and timely responding to security incidents and recovering from them are issues that need to be efficiently tackled with by security monitoring. In this chapter, we explore the various CPS cybersecurity threats and discuss how adding security as a parameter at the CPS design phase can provide a well-structured and efficient approach on providing strong securityCPS foundations.Newtechnologies onCPS security design are presented and emerging security directions are discussed. Furthermore, in the chapter, the different aspects of security monitoring are presented with a special emphasis on CPSs, discussing the various existing monitoring approaches that are followed in order to detect security issues at run-time. Specific use cases of CPSs in the manufacturing domain and with reference to critical infrastructures are also detailed and security requirements like confidentiality, integrity, and availability are discussed.
