Cyber Security Threat Modeling of A Telesurgery System

Asif, Md. Rashid Al; Khondoker, Rahamatullah

doi:10.1109/sti50764.2020.9350452

Cited by 8 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This choice is based on the tool's wide acceptance in both academia and industry, as well as its ability to identify threats at the component level. It is an open-source tool provided by Microsoft and is free [36]. It specifically focuses on identifying vulnerabilities and weaknesses in application security.…”

Section: Threat Modeling Using Stridementioning

confidence: 99%

STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System

Das,

Asif,

Jahan

et al. 2024

Preprint

View full text Add to dashboard Cite

In modern automobiles, Infotainment High-Performance Computing (HPC) systems play a vital role in enhancing the capabilities of drivers and passengers by providing advanced features consisting of music, navigation, communication, entertainment, etc. However, as the use of information technology in vehicles increases, it results in cybersecurity threats such as data breaches and the loss of sensitive information. To improve the security of the infotainment system in automotive vehicles, the research conducted threat modeling at the component level using Microsoft’s STRIDE tool and performed risk assessment by using SAHARA (Safety-Aware Hazard Analysis and Risk Assessment) and DREAD methodologies to evaluate associated risks. It provides a systematic representation of threats, associated risks, and generic mitigation strategies to counter cybersecurity attacks. Through the threat modeling process, 34 potential security threats were identified. The study also provided a comparative analysis to calculate the risk values of the threats to prioritize for treatment. These identified threats and associated risks need to be considered to avoid potential cyberattacks, before deploying the infotainment HPC system in real-world automotive vehicles.

show abstract

Section: Threat Modeling Using Stridementioning

confidence: 99%

STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System

Das,

Asif,

Jahan

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…• Resource Prioritization [4]: For the desired system function using wireless, setting up a transmission priority enables nodes to be given a desired wireless resource to transmit data. One potential approach for setting a transmission priority is through defining the delay requirement of data transmission.…”

Section: Plan and Implement Cybersecurity Controlsmentioning

confidence: 99%

Draft Methodology for Cybersecurity Analysis for Adoption of Wireless Technology in Nuclear Power Plants

Manjunatha

McJunkin

Chwasz

2022

View full text Add to dashboard Cite

The report is delivered as DOE-NE Cybersecurity Program Milestone M2CT-22IN1104014-Industry cybersecurity guidance adoption status. The milestone is specifically to document the process and the status of the efforts towards developing guidance in support of industry's adoption of wireless communication technologies. To transform the operation of nuclear power plants, including domestic light-water reactors, advanced reactors, microreactors, and fission battery, for grid and non-grid applications, secure and resilient wireless capabilities are required. In addition, to realize new operational concepts such as autonomous operation and remote monitoring, advanced sensor, and instrumentation, wireless technology is essential. However, industry implementation is low, and there is no technical basis for how to understand and address potential risks for wireless communications for critical plant functions. A methodology with a technical basis for implementing secure wireless communication is crucial. This wireless adoption methodology is intended to assist a licensee in identifying an appropriate technological approach for securing wireless communications in nuclear power plant. However, this methodology does not provide guidance for addressing wireless design criteria or for addressing all the cybersecurity commitments in licensees' cybersecurity plans (CSPs) including addressing security impact analysis that a licensee must perform before an update to a Critical Digital Asset (CDA). This methodology guides a licensee through a process of evaluating a proposed wireless implementation and drafting a plant change notification for an example use case. The example is a generic/nonproprietary version of the first test case of the methodology, which, if successfully implemented, is part of the consideration for protecting other functions' use of wireless in a cybersecure manner.Disclaimer: Neither INL, NRC, nor any of its employees, members, supporting organizations, contractors, or consultants make any warranty, expressed or implied, or assume any legal responsibility that the method provided in this document meets the NRC cyber or completeness of NRC requirements. Blanc for coordinating important critical reviews of the methodology within the DOE-NE Cybersecurity team. The team of researchers that provided comments that contributed to this report during the program reviews are listed below. Idaho National Laboratory had multiple technical exchanges with the NRC staff through the Office of Nuclear Regulatory Research under the DOE-NRC Memorandum of Understanding (MOU) on Nuclear Energy Innovation, Amendment 4, Research Related to Light Water Reactor Sustainability (ML21083A072). We are grateful to the NRC staff colleagues who provided their insights and expertise under the LWRS MOU as part of this effort. However, these exchanges should not be interpreted as NRC endorsement, acceptance, or concurrence with this report. This work would not have been possible without the commitment of the Nuclear Energy Institute (NEI) Cybers...

show abstract

“…As the threat of cyber-attacks increases, preparing and enhancing the cyber security of bilateral control systems is essential. Several studies have been conducted on the modeling and classification of cyber-attack methods, such as denialof-service (DoS) attacks and packet drop attacks on forceposition-type bilateral control systems [26], specific cyberattacks on surgical robots and remote rescue robots [27], [28], and false data injection attacks on practical force-positiontype bilateral control systems [26], [29]. Moreover, several studies have been conducted on cyber-attack countermeasures for bilateral control systems, which are broadly classified into proactive and reactive countermeasures.…”

Section: Introductionmentioning

confidence: 99%

Experimental Validation of Reaction Force Estimation for Secure Robot Teleoperation

Takanashi

Teranishi

Kogiso

2023

2023 IEEE/SICE International Symposium on System Integration (SII)

View full text Add to dashboard Cite

This study developed an encrypted four-channel bilateral control system that enables posture synchronization and force feedback for leader and follower robot arms. The encrypted bilateral control system communicates encrypted signals and operates with encrypted control parameters using homomorphic encryption. We created two-axis robot arms and identified them to obtain a nonlinear model consisting of a linear system and a nonlinear disturbance. Disturbance and reactionforce observers and a proportional-derivative controller were designed to construct a networked robot-manipulation system. The controllers in the constructed bilateral control system were securely implemented on dedicated computers using a controller encryption technique. The experimental results demonstrate that the developed bilateral control system can facilitate encrypted communication and controller, synchronize the posture, and feed the reaction force back. Through experimental validation, the encrypted four-channel bilateral control system enables the inheritance of control performance from the original (unencrypted) bilateral control system.

show abstract

Cyber Security Threat Modeling of A Telesurgery System

Cited by 8 publications

References 9 publications

STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System

STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System

Draft Methodology for Cybersecurity Analysis for Adoption of Wireless Technology in Nuclear Power Plants

Experimental Validation of Reaction Force Estimation for Secure Robot Teleoperation

Contact Info

Product

Resources

About