Modeling and control of Cyber-Physical Systems subject to cyber attacks: A survey of recent advances and challenges

Mahmoud, Magdi S.; Hamdan, Mutaz M.; Baroudi, Uthman

doi:10.1016/j.neucom.2019.01.099

Cited by 209 publications

(63 citation statements)

References 102 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a cyber-physical control system, the powertrain and power electronic systems in EVs may present similar attack surfaces. Typically, cyber-attacks in a cyber-physical control system can be qualitatively categorized into three types: denial of service (DOS) attacks, replay attacks, and false data injection attacks [51]. Although the three types of cyber-attacks are summarized according to the cybersecurity research in cyberphysical control systems, up to date, they are widely used in vehicle cybersecurity.…”

Section: B Cyber-attack Modeling In Vehicle Control Systemsmentioning

confidence: 99%

Cyber–Physical Security of Powertrain Systems in Modern Electric Vehicles: Vulnerabilities, Challenges, and Future Visions

You-hai

Guo

Yang

et al. 2021

IEEE J. Emerg. Sel. Topics Power Electron.

View full text Add to dashboard Cite

Section: B Cyber-attack Modeling In Vehicle Control Systemsmentioning

confidence: 99%

Cyber–Physical Security of Powertrain Systems in Modern Electric Vehicles: Vulnerabilities, Challenges, and Future Visions

You-hai

Guo

Yang

et al. 2021

IEEE J. Emerg. Sel. Topics Power Electron.

View full text Add to dashboard Cite

“…Mahmoud et al surveyed the literature on CPSs security and attack models. Three cyber‐attacks (DoS, deception, and replay attack) are considered in review and discussion.…”

Section: Related Workmentioning

confidence: 99%

Security assessment of data management systems for cyber physical system applications

Chaudhry

Yousaf

Khan

2019

J Software Evolu Process

View full text Add to dashboard Cite

Cyber physical system (CPS) applications are widely used to control critical infrastructure of various application domains, eg, medical health care, energy, and power, to name a few. Such applications usually take input data from sensors, estimate current state of the system, and then based on the estimation, make critical decisions to control the underlying infrastructure automatically. Therefore, security and integrity of the (system state) data are critically important to ensure safe operations of CPS. In this paper, we present a review of security of various data management systems used in CPS. Since CPS are composed of systems of (sub)systems that generate a huge amount of data (ie, periodical sensor input data), therefore, recently, NoSQL and NewSQL data management systems have emerged as popular data management systems to support efficient and scalable analysis of unstructured data. Unfortunately, these systems were not initially build for data security and thus are vulnerable to numerous security attacks. Considering flexible data model and efficient access methods in NoSQL and NewSQL, we discuss the security attacks on such data management systems and their corresponding solutions to mitigate them. In particular, we analyze the system and data security of popular NoSQL and NewSQL systems. To analyze that, we defined feature vectors for system and data security and compared the data systems against them. Finally, we propose security solutions for data management systems by identifying various security vulnerabilities in internal security algorithms of such systems. KEYWORDSaccess control security, CPS, data integrity, data security INTRODUCTIONIndustry 4.0 has led to the development of cyber physical systems (CPSs). A typical CPS consists of cyber and physical components, where cyber components are responsible for controlling physical components (respectively process) of an underlying critical infrastructure. The cyber components receive sensor data as an input to estimate current state of the physical components. Based on the state estimation, the cyber components make decisions (ie, issue commands) to change the state of the physical process. With the recent trend towards affordable sensors, fast communication networks, and better data acquisition methods, massive amount of data is generated by various sensors and autonomous resources in a CPS. This huge volume of data needs big data processing and management techniques. This introduces challenges related to the performance, security, reliability, scalability, and fault tolerance of a system. Since a CPS makes decision based on sensor input data, such data needs to be protected against various security attacks to ensure reliable and safe data operations. In this paper, we review the security of various data management systems that are used to store process data in a CPS. Modern CPS uses NoSQL and NewSQL systems to store data in order to assure reliable and efficient (ie, with strict time requirements) CPS operations. The increased data access has increa...

show abstract

“…In recent years, the CPS has been widely recognized as the core technology for promoting the development of Industry 4.0, and it has been successfully applied to control systems in industries such as electricity, medical treatment, transportation, water supply, and natural gas [1,2]. Hence, the CPS is currently a research area of increased interest in industry and academia [3]. However, since information technologies are deeply used and the communications between various components are mainly achieved through a network, CPSs are vulnerable to cyberattacks [4][5][6].…”

Section: Introductionmentioning

confidence: 99%

A Minimum Defense Cost Calculation Method for Attack Defense Trees

Zhong

2020

Security and Communication Networks

View full text Add to dashboard Cite

The cyberphysical system (CPS) is becoming the infrastructure of society. Unfortunately, the CPS is vulnerable to cyberattacks, which may cause environmental pollution, property losses, and even casualties. Furthermore, in contrast to the conventional Internet, the devices in CPSs are more specific, and the device systems may not be upgraded or installed with new programs during their life spans. The selection of the best defense nodes for defeating cyberattacks is quite challenging in CPSs. To overcome this issue, several attack-defense modeled methods have been proposed. However, few existing studies have considered the defense cost, which is usually a determinant in practice. In this paper, we propose a method for choosing optimal defense nodes that (1) can defeat specific attacks and (2) are inexpensive. First, the atom attack defense tree (A2DTree) is proposed by adding constraints to the conventional attack defense tree (ADTree). Second, the algebraic method is used to efficiently calculate the minimum defense cost. On this basis, a minimum defense cost calculation tool is designed and implemented. Finally, the effectiveness of the proposed method is verified with two typical case studies, and a comparative experiment of related work is carried out. The results show that the method can correctly and efficiently identify the optimal defense nodes and calculate the minimum defense cost of a CPS.

show abstract

Modeling and control of Cyber-Physical Systems subject to cyber attacks: A survey of recent advances and challenges

Cited by 209 publications

References 102 publications

Cyber–Physical Security of Powertrain Systems in Modern Electric Vehicles: Vulnerabilities, Challenges, and Future Visions

Cyber–Physical Security of Powertrain Systems in Modern Electric Vehicles: Vulnerabilities, Challenges, and Future Visions

Security assessment of data management systems for cyber physical system applications

A Minimum Defense Cost Calculation Method for Attack Defense Trees

Contact Info

Product

Resources

About