第1页 / 共347页
第2页 / 共347页
第3页 / 共347页
第4页 / 共347页
第5页 / 共347页
第6页 / 共347页
第7页 / 共347页
第8页 / 共347页
Cyber-Physical Systems Security.pdf
Preface
Contents
Contributors
Robust Digital Computation in the Physical World
1 Introduction
2 Limitations of Digital Models in an Analog World
2.1 Introduction
2.2 Physics of Hybrid Modeling
2.3 Definition of the Thermostat Model
2.4 Informal Analysis of the Thermostat Model
2.5 Formal Implementation
3 Modeling and Verification of Out-of-Nominal Logic
3.1 Introduction
3.2 Modeling Out-of-Nominal Safety Properties
3.3 Example Turnstile Model
3.4 Design and Out-of-Nominal Verification Via Abstraction
3.4.1 Refinement (High Level)
3.4.2 Implementation (Low Level)
4 Resilience of Computational Physics Simulation
4.1 Introduction
4.2 Methodology
4.2.1 Operations in PDE Solvers
4.2.2 Error Model and Mitigation Approach
4.3 Application to the Conjugate Gradient Solver
4.3.1 The Basic Conjugate Gradient Solver
4.3.2 Controlling Convergence of the CG Algorithm
4.3.3 Evaluation Using In Situ Interpolation
5 Conclusion
References
Constraint-Based Framework for Reasoning with DifferentialEquations
1 Introduction
2 Preliminary Notions
2.1 Numerical Constraint Satisfaction Problems
2.2 Branch-and-Contract Solving Method
2.3 Some Limitations on NCSP
2.3.1 Equality Constraints
2.3.2 Differential Constraints
3 Set-Based Constraint Satisfaction Differential Problems
3.1 Dynamical Systems
3.2 Set-Based Constraints
3.3 Set-Based Differential Constraint Satisfaction Problems
4 Solving SCSDP
4.1 Interval-Based Constraints
4.2 Interval-Based Differential Constraints
4.2.1 Outer Approximation of Differential Constraints
4.2.2 Inner Approximation of Differential Constraints
4.3 Revisiting Branch-and-Contract Solving Method
4.3.1 Contraction
4.3.2 Propagation
5 Numerical Example
6 Conclusion
References
Approximate Computing and Its Application to Hardware Security
1 Introduction
2 Approximate Circuit
2.1 Approximate Adders
2.2 Approximate Multipliers
2.3 Approximate Dividers
3 Approximate Software/Algorithm
4 Approximate Computing for Hardware Security
4.1 Security Primitives Based on Approximate Computing
4.1.1 Floating-Point Format with Embedding Security
4.1.2 Approximate Computing with Embedded Security Information
4.2 A Low-Voltage Approximate Computing Adder for Authentication
5 Future Research Directions
5.1 PUFs and SCAs
5.2 SCAs
5.3 Hardware Trojans (HTs)
5.4 Approximate Arithmetic Circuit for Logic Obfuscation
6 Conclusion
References
Mathematical Optimizations for Deep Learning
1 Introduction
2 Pruning
3 Quantization
3.1 Binary Weights
3.2 Binary Weights and Activations
4 Weight Sharing and Compression
4.1 Weight Sharing
4.2 Compression
5 Model Distillation
6 Filter Decomposition
7 Conclusion
References
A Zero-Entry Cyber Range Environment for Future Learning Ecosystems
1 Introduction
2 Limitations of Current Practice
2.1 Specific Problem Being Solved
3 Research
3.1 Research Question
3.2 Learning Science Approach
3.2.1 Simulation Experience Design Method
3.2.2 Distributed Cognition Theory
3.3 Learner Analysis
3.4 Cybersecurity Terminal Learning Objectives
4 Cyber Scorpion Design
4.1 Cyber Scorpion Learner Sketch
5 Software Environment
5.1 Cyber Scorpion Underlying Technology: Minimega
5.2 Software Development Approach
6 Learner Experience Demonstration and Lessons Learned
7 Limitations and Future Work
8 Conclusion
References
Parallel Programming in Cyber-Physical Systems
1 Introduction
1.1 Parallel Architectures
2 Parallel Programming in CPSs
2.1 Experimental Methodology
2.2 Modular Exponentiation
2.2.1 m-ary Approach
2.2.2 Slicing Approach
2.2.3 Conclusions: Modular Exponentiation
2.3 Karatsuba Multiplication
3 Conclusions
Appendix: Sequential and Basic Parallel Code for Karatsuba
References
Automatic Application of Software Countermeasures Against Physical Attacks
1 Introduction
2 Background
2.1 Side-Channel Attacks
2.2 Fault Injection Attacks
2.3 Combined Attacks
2.4 Countermeasures
2.5 Compilation of Secured Code
3 Automatic Application of Software Countermeasures
3.1 At Source Code Level
3.1.1 Side-Channel Attack Countermeasures
3.1.2 Fault Injection Countermeasures
3.1.3 Pros and Cons of Source Code Level
3.2 During Compilation
3.2.1 Side-Channel Attack Countermeasures
3.2.2 Fault Injection Countermeasures
3.2.3 Pros and Cons of Compiler Level
3.3 At Link Time/At Assembly Level
3.3.1 Side-Channel Attack Countermeasures
3.3.2 Fault Attack Countermeasures
3.3.3 Pros and Cons of Assembly Level
4 Discussion
4.1 Confrontation of Pros and Cons of the Different Levels
4.2 Future Works
5 Conclusion
References
Time-Delay Attacks in Network Systems
1 Introduction
2 Problem Setup
2.1 Network Model
2.2 Attack Model
2.3 Problem Formulation
3 Minimum Cardinality Attack Sets
3.1 Optimal Delay Attacks
3.2 Numerical Methods for Finding Optimal Attacks
4 Optimal Attack Sets and Relation with Topology
5 Conclusions
References
Attack Tree Construction and Its Application to the ConnectedVehicle
1 Introduction
1.1 Attack Trees in the Automotive Domain
1.2 Attack Tree Generation
1.3 Contributions
2 Background and Definitions
2.1 Automotive Architecture
2.2 Architectural Graph
Running Example
2.3 Graph Transformation
Example
3 Attack Graph Generation
4 Attack Tree Generation
5 Countermeasure
6 Conclusion
References
Reinforcement Learning and Trustworthy Autonomy
1 Introduction
2 Reinforcement Learning Preliminaries
2.1 Markov Decision Processes
2.2 Reinforce Method
3 Microsoft's AirSim
3.1 Overview
3.2 Python APIs
4 Reinforcement Learning in AirSim
4.1 Unreal Dynamic Environment
4.2 Python Environment Library
4.3 REINFORCE Method in AirSim
5 Increased Trustworthiness Through Visualization
5.1 t-SNE
5.2 Action Visualization
5.3 Attribution Visualization
6 Conclusion
References
Identifier Randomization: An Efficient Protection Against CAN-Bus Attacks
1 Introduction
2 State-of-the-Art CAN Protections
2.1 Controller Area Network Overview
2.2 Payload Protection
Flaws
2.3 Intrusion Detection and Prevention Systems
Flaws
2.4 Identifier Protection
Flaws
3 Solutions Based on Randomization and Their Evaluation
3.1 Principle and Formalism
3.2 Evaluation Metrics
3.2.1 Reverse-Engineering Attack
3.2.2 Replay and Injection Attacks
3.3 The IA-CAN Approach
3.3.1 Particular Case
3.3.2 Testing
3.4 Equal Intervals
3.4.1 Testing
3.5 Frequency Intervals
3.5.1 Testing
3.6 Dynamic Intervals
3.6.1 Illustrative Example
3.6.2 Testing
3.7 Arithmetic Masking
3.7.1 Testing
4 Comparison
5 Conclusion
Appendix
Entropy of Fixed Mapping
Conditional Entropy of Fixed Mapping
Entropy of Dynamic Intervals
Entropy of Arithmetic Masking
Conditional Entropy of Arithmetic
Fixed Mapping Optimality Proof
References
Public Key-Based Lightweight Swarm Authentication
1 Introduction
1.1 Related Work
1.2 Structure of This Chapter
2 Preliminaries
2.1 Fiat–Shamir Authentication
2.2 Topology-Aware Distributed Spanning Trees
2.2.1 Topology-Aware Networks
2.2.2 Mooij–Goga–Wesselink's Algorithm
3 Distributed Fiat–Shamir Authentication
3.1 The Approach
3.2 Backup Authentication
4 Security Proofs
4.1 Soundness
4.2 Zero Knowledge
4.3 Security Analysis
4.3.1 Choice of Parameters
4.3.2 Algorithmic Complexity
4.3.3 Root Causes of Authentication Failure
4.3.4 Effect of Network Noise
4.3.5 Man-in-the-Middle Attacks
5 Variants and Implementation Trade-Offs
5.1 Shorter Challenge Variant
5.2 Multiple-Secret Variant
5.3 Precomputed Alphabet Variant
5.4 Precomputed Combination Variant
6 Conclusion
References
Physical Security Versus Masking Schemes
1 Context About the Protection Problem
1.1 Nature of Computation
1.2 Combinational or Sequential?
1.3 Outline of the Article
2 Definition of t-Order Security by ISW [12]
2.1 Revisiting of ISW Definition
2.2 Ill-Formed Definition
2.3 Attack on Coron's Higher-Order Masking of Look-Up Tables [8]
2.4 Motivation for Bit-Mixing Masking Schemes
3 Analysis of the Security Issue
3.1 Hardware Case
3.2 Software Case
6502
LEON3
Analysis of the 6502 and LEON3 Codes
4 New Definition of Security Order
5 Conclusion
References
Embedded Classifiers for Energy-Constrained IoTNetwork Security
1 Sensor Nodes Empowered by SoC FPAA Devices
2 Low-Power Context-Aware FPAA Architectures
3 FPAAs as Physical Computation Devices
4 Embedded FPAA Security Concerns
4.1 Positive FPAA Security Attributes
4.2 Addressing FPAA Security Issues
5 FPAAs for Investigating IC Validation
5.1 Black Box (BB) Exam: CNS 182
5.2 Training IC Deconstruction Using FPAA BB Approach
5.3 FPAAs for Unique Functions
6 Summary and Next Directions
References
Challenges in Cyber Security: Ransomware Phenomenon
1 Spora Ransomware
2 DMA Locker Ransomware
3 WannaCry Ransomware
Applying Model-Based Situational Awareness and Augmented Reality to Next-Generation Physical Security Systems
1 Introduction
2 Model-Based Situational Awareness for Physical Security
3 A Secure Facility Meets Its Digital Twin
4 Scene: Sunday, 1600. Somewhere in the Countryside…
4.1 A Digital Twin Saves the Day
5 Toward Digital Twin
6 Conclusion
References
Çetin Kaya Koç Ed.
Cyber-Physical
Systems Security
Cyber-Physical Systems Security
Çetin Kaya Koç
Editor
Cyber-Physical Systems
Security
123
Editor
Çetin Kaya Koç
˙Istinye University, ˙Istanbul, Turkey
Nanjing University of Aeronautics and
Astronautics, Nanjing, China
University of California Santa Barbara
Santa Barbara, CA, USA
ISBN 978-3-319-98934-1
https://doi.org/10.1007/978-3-319-98935-8
ISBN 978-3-319-98935-8 (eBook)
Library of Congress Control Number: 2018963758
© Springer Nature Switzerland AG 2018
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of
the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology
now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book
are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or
the editors give a warranty, express or implied, with respect to the material contained herein or for any
errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional
claims in published maps and institutional affiliations.
This Springer imprint is published by the registered company Springer Nature Switzerland AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
Preface
Cyber-physical systems involve interactions between computer-controlled and actu-
ator-enabled components, whose dynamics have thus far been modeled, designed,
and analyzed separately, but now need to be investigated and taught jointly. They
control much of the world’s critical infrastructure: power generation, telecommuni-
cations, water supply, and industrial control systems. Because of their critical nature,
known, predictable, and secure behavior of cyber-physical systems is necessary to
ensure the safety of the people whom these systems serve. Yet most cyber-physical
systems provide limited operational guarantee outside of nominal conditions.
Understanding how diverse physical and digital systems can be safely and
securely combined is not a simple task. Solving the safety and security deficiencies
in next generation cyber-physical systems will require contributions from every
branch of engineering, from mechanical and power engineering to computer science
and mathematics. Partners from university research labs, governments, and industry
must come together. It is necessary that we establish an engaged, multidisciplinary
cyber-physical security community committed to developing unified foundations,
principles, and technologies.
Cyber-physical as a term explains much of the underlying theory and practice;
it is the interplay of physics and computation. Our understanding of the physical
world through the models of classical and quantum physics, together with our
models of computation from analog to digital, helps us build a better understanding
of the cyber-physical world. Insights from physics, methods of complex systems
theory, and formal methods borrowed from various facets of mathematical and
computational sciences will help us to build reliable, safe, and secure systems.
The advantages of digital computation are relatively low power requirements and
flexibility; their carefully built discrete combinational states offer abstractions of
Boolean logic. However such abstractions are limited, and we need to discover the
conditions under which a digital abstraction of a system or subsystem can be valid.
Physical properties appear continuous and constrain how cyber-physical systems
models can be constructed and analyzed using formal logic. The study of the cyber-
physical system also necessitates the study of the topologies of complex systems
in addition to the computational and physical properties of their components.
v
vi
Preface
A cyber-physical system is a complex set of systems and subsystems requiring
communication channels among the cooperative entities and tasks, for example, a
coordinated platoon of interconnected vehicles or a countrywide power system of
different generating and consuming plants. Overall stability of the system will be
affected by adversary attacks that tamper with the temporal characteristics, causing
the delays of signals from nodes to nodes. Understanding which channels are less
robust and furthermore what kind of network topologies have more resilience will
help us minimize the number and the overall effect of compromised channels.
We created the Cyber-Physical Security Workshop and brought
together
researchers, engineers, and teachers into a common forum of exchange in order
to achieve several goals, the primary one being to expose researchers, educators,
and students to the world of CPS research. Invited speakers from academia and
government labs offered glimpses of their work on modeling, analyzing, and
understanding cyber-physical systems.
Sandro Bartolini,
University of Siena
Alexandre Chapoutot, ENSTA ParisTech
Télécom SudParis
Hervé Debar,
Arizona State University
Georgios Fainekos,
Georgia Institute of Technology
Jennifer Hasler,
Israel Koren,
University of Massachusetts
Sandia National Laboratories
Jackson Mayo,
University of California Riverside
Fabio Pasqualetti,
Sandia National Laboratories
Elaine Raybourn,
John D. Siirola,
Sandia National Laboratories
University of California, Santa Barbara
Sam Green,
The Workshop was initiated and organized by the steering committee, com-
posed of Çetin Kaya Koç (˙Istinye University, Nanjing University of Aeronautics
and Astronautics, and UC Santa Barbara), Patrick Duvaut (Télécom ParisTech),
David Naccache (École normale supérieure), and Jennifer Troup (Sandia National
Laboratories).
The primary sponsor of the Workshop was the National Science Foundation with
the award number 1638470 and the title “Cyber Physical Systems Security Educa-
tion Workshop” with the Principal Investigator as Çetin Kaya Koç. The sponsors
included Almerys, École normale supérieure, and Sandia National Laboratories.
The Cyber-Physical Security Workshop was held on July 17–19, 2017, on the
campus of Télécom ParisTech, located in central Paris, in the heart of a rich urban
and cultural environment. My thanks are also due to the faculty and students at
Télécom ParisTech for running the Workshop.
I also sincerely thank Ronan Nugent of Springer for his valuable advice and the
Editorial Office of Springer for their help in getting the book published.
Paris, France
Çetin Kaya Koç
Contents
Robust Digital Computation in the Physical World ..........................
Jackson R. Mayo, Robert C. Armstrong, Geoffrey C. Hulette,
Maher Salloum, and Andrew M. Smith
Constraint-Based Framework for Reasoning with Differential
Equations .........................................................................
Julien Alexandre dit Sandretto, Alexandre Chapoutot,
and Olivier Mullier
Approximate Computing and Its Application to Hardware Security ......
Weiqiang Liu, Chongyan Gu, Gang Qu, and Máire O’Neill
Mathematical Optimizations for Deep Learning .............................
Sam Green, Craig M. Vineyard, and Çetin Kaya Koç
A Zero-Entry Cyber Range Environment for Future Learning
Ecosystems ........................................................................
Elaine M. Raybourn, Michael Kunz, David Fritz, and Vince Urias
1
23
43
69
93
Parallel Programming in Cyber-Physical Systems ........................... 111
Sandro Bartolini and Biagio Peccerillo
Automatic Application of Software Countermeasures Against
Physical Attacks .................................................................. 135
Nicolas Belleville, Karine Heydemann, Damien Couroussé,
Thierno Barry, Bruno Robisson, Abderrahmane Seriai,
and Henri-Pierre Charles
Time-Delay Attacks in Network Systems ...................................... 157
Gianluca Bianchin and Fabio Pasqualetti
Attack Tree Construction and Its Application to the Connected
Vehicle ............................................................................. 175
Khaled Karray, Jean-Luc Danger, Sylvain Guilley,
and M. Abdelaziz Elaabid
vii
viii
Contents
Reinforcement Learning and Trustworthy Autonomy ....................... 191
Jieliang Luo, Sam Green, Peter Feghali, George Legrady,
and Çetin Kaya Koç
Identifier Randomization: An Efficient Protection Against
CAN-Bus Attacks ................................................................ 219
Khaled Karray, Jean-Luc Danger, Sylvain Guilley,
and M. Abdelaziz Elaabid
Public Key-Based Lightweight Swarm Authentication ...................... 255
Simon Cogliani, Bao Feng, Houda Ferradi, Rémi Géraud, Diana Maimu¸t,
David Naccache, Rodrigo Portella do Canto, and Guilin Wang
Physical Security Versus Masking Schemes . .................................. 269
Jean-Luc Danger, Sylvain Guilley, Annelie Heuser, Axel Legay,
and Tang Ming
Embedded Classifiers for Energy-Constrained IoT
Network Security ................................................................. 285
Jennifer Hasler
Challenges in Cyber Security: Ransomware Phenomenon .................. 303
Vlad-Raul Pa¸sca and Emil Simion
Applying Model-Based Situational Awareness and Augmented
Reality to Next-Generation Physical Security Systems ...................... 331
Elaine M. Raybourn and Ray Trechter
相关推荐
2023年江西萍乡中考道德与法治真题及答案.doc
2012年重庆南川中考生物真题及答案.doc
2013年江西师范大学地理学综合及文艺理论基础考研真题.doc
2020年四川甘孜小升初语文真题及答案I卷.doc
2020年注册岩土工程师专业基础考试真题及答案.doc
2023-2024学年福建省厦门市九年级上学期数学月考试题及答案.doc
2021-2022学年辽宁省沈阳市大东区九年级上学期语文期末试题及答案.doc
2022-2023学年北京东城区初三第一学期物理期末试卷及答案.doc
2018上半年江西教师资格初中地理学科知识与教学能力真题及答案.doc
2012年河北国家公务员申论考试真题及答案-省级.doc
2020-2021学年江苏省扬州市江都区邵樊片九年级上学期数学第一次质量检测试题及答案.doc
2022下半年黑龙江教师资格证中学综合素质真题及答案.doc
