Classification of and resilience to cyber-attacks on cyber-physical systems

Abstract

The growing connectivity of cyber-physical systems (CPSes) has led to an increased concern over the ability of cyber-attacks to inflict physical damage. Current cybersecurity measures focus on preventing attacks from penetrating control supervisory networks. These reactive techniques, however, are often plagued with vulnerabilities and zero-day exploits. Embedded processors in CPS field devices often possess little security of their own, and are easily exploited once the network is penetrated. In response, researchers at Georgia Tech and Virginia Tech have proposed a Trustworthy Autonomic Interface Guardian Architecture (TAIGA), which monitors communication between the embedded controller and physical process. This autonomic architecture provides the physical process with a last line of defense against cyber-attacks by switching process control to a trusted backup controller if an attack causes a system specification violation. This thesis focuses on classifying the effects of cyberattacks on embedded controllers, evaluating TAIGA’s resilience against these attacks, and determining the applicability of TAIGA to other CPSes. This thesis identifies four possible outcomes of a cyber-attack on a CPS embedded processor. We then evaluate TAIGA’s mechanisms to defend against those attack outcomes, and verify TAIGA satisfies the listed trust requirements. Next, we discuss an implementation and the experimental results of TAIGA on a hazardous cargo transportation robot. Then, by making various modifications to the setup configuration, we are able to explore TAIGA’s ability to provide security and process protection to other CPSes with varying levels of autonomy or distributed components.