Authors R Mitchell I R Chen Presenter Nikhil Muralidhar 1 Outline Definitions Types of Devices Failures Attackers Countermeasures SPN Model System Initialization Construction Parametrization ID: 524989
Download Presentation The PPT/PDF document "Modeling and Analysis of Attacks and Cou..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Modeling and Analysis of Attacks and Counter Defense Mechanisms for Cyber Physical Systems
Zongtao Lin & Shuqi Zhao
1Slide2
Abstract
Cyber Physical System: modernized electrical grid
Types of failures: attrition, pervasion, and exfiltration
Optimal design conditions: intrusion detection interval, redundancy level
Tradeoff between 3 types of failuresUse redundancy to improve overall system reliability
2Slide3
Introduction
2 lines of research in modeling and analysis of CPSs
Formalized safety and functional requirements utilizing formal modeling and analysis tools
Mathematical model for analyzing the system's response behavior in the presence of malicious nodes performing various attacks
3Slide4
Introduction
Introduce attacks and countermeasures on the survivability of CPSs
Illustrate attrition, pervasion, and exfiltration failure on a modernized electrical grid
Use redundancy to improve the overall system reliability
4Slide5
System Model - System Description
5Slide6
System Model - System Failure Definition
Attrition
Sensors are not affected by attrition because
If a sensor is evicted, the short-term impact is minimal
If a sensor is compromised, it can do little more than send illegitimate data to control nodes
Pervasion
Sensor is not considered in pervasion failure
No means to directly or indirectly attack the CPS
Exfiltration
Sensor and control nodes are considered in the exfiltration failure analysis
6Slide7
System Model - Attacker Behavior Modeling
Surveilling attacker: targets sensor, results in exfiltration failure
Destructive attacker: targets actuator and control nodes, leads to attrition and pervasion failure
7Slide8
System Model - Countermeasures
Intrusion Detection: Pervasion
Connection nodes and actuators.
False Negative Probability
False positive Probability
Data Leak Rate Control: exfiltration
Sensor and connection nodes.
Limits the data upload speed
Limits the data leak by decrease the sensing time interval
Redundancy: Attrition
The connection nodes and actuators will gradually fail because of reaching their life cycle.
8Slide9
Performance Model
SPN model
9Slide10
Performance Model
Fig. 3
10Slide11
Performance Model
Fig. 4
11Slide12
Performance Model
Fig. 5
12Slide13
Performance Model
Fig. 6
13Slide14
Performance Model
Fig. 7
14Slide15
Performance Model
Fig. 8
15Slide16
Performance Analysis - Results
Fig. 9
16Slide17
Performance Analysis - Results
Fig. 10
17Slide18
Performance Analysis - Results
Fig. 11
18Slide19
Performance Analysis - Results
Fig. 12
19Slide20
Conclusion
With this analytical model, the authors was able to find relationships between the CPS’s maximal MTTF with 4 parameters (intrusion detection interval, the probability of false positive and false negative, and the redundancy level).
Note that by increasing redundancy level, there is some tradeoff between exfiltration failure with other failures.
20