1 / 30

SURE: Modeling and Simulation Platform for SecUre and REsilient Cyber-Physical Systems

This paper presents SURE, a modeling and simulation integration platform for the evaluation of secure and resilient cyber-physical systems. It discusses issues with SCADA, the SURE modeling framework, case studies, and concludes with thoughts and insights.

lramos
Download Presentation

SURE: Modeling and Simulation Platform for SecUre and REsilient Cyber-Physical Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SURE: A Modeling and Simulation Integration Platform for Evaluation of SecUre and REsilient Cyber– Physical Systems (2018) By: XenofonKoutsouKos, Senior Member IEEE, Gabor Karsai, Senior Member IEEE, Aron Laszka, Himanshu Neema, Bradley Potteiger, Peter Volgyesi, Yevgeniy Vorobeychik, Member IEEE, and Janos Sztipanovits, Life Fellow IEEE Presented by: Matt Pasco, Michigan State University, 3/19/2019

  2. Presentation Schedule • SCADA and IoT • Issues with SCADA • SURE Modeling Framework • SURE Case Studies • Conclusion and Thoughts

  3. SCADA • Supervisory Control and Data Acquisition • Provides remote: • Information monitoring • Command execution • Usages: • Manufactory machine control • Enterprise HVAC control • Traffic lights • Agriculture • Off-the-shelf home automation

  4. SCADA • Large Minicomputer (1970s) -> ESP8266 (present) • IoT: Internet of Things • present day SCADA • low cost IP based devices Source: Hackaday.com Source: Flicker.com

  5. Issues with SCADA • Ted Koppel, Lights Out (2015) • Power grids are highly unsecured • Many SCADA devices have: • Default passwords • Exposed on Shodan browser • Terrible physical security • Unmanned Aerial Vehicle (UAV) remote access • UART: Universal Asynchronous Receiver-Transmitter • Port on many IoT devices • Root shell • Easily bypass secured devices Sources: Koppel, Yoon et al., Malwarebytes, GoodReads.com

  6. Shodan Source: Shodan, cleancss.com

  7. Attack scenario • New Cold-War • Full nation outage • Nation-state attack • Motivation: war • Regional outage • Terrorist group • Motivation: fearmongering, ransom • Mitigation strategy: • Ship in new technology • Transformers for power grid Sources: Koppel

  8. Related Work • PowerCyber • Power grid CPS security testbed • Time based anomaly detection for CPS • Mohan et al. (2013) • Game-Theory detection • Ghafouri et al.(2016) • Ensuring resilient control design • SURE [26-29]

  9. SURE • SecUre and REsilient Cyber-Physical Systems (CPS) • Provides • Realistic simulation models of CPS components and interactions • Both physical and cyber • Cyber attack models • Focus on impact on CPS behavior and operation • Operational scenarios evaluated for security risk • In-depth security evaluation Source: SURE, Baheti et al.

  10. SURE Goals • Capture suitable metrics • Capture diverse attacks • Identify critical components to be protected • Understand traffic patterns • Design resilient monitoring Source: SURE

  11. SURE Modeling and Simulation A. Domain Modeling for rapid experimentation • Utilizes graphical modeling language • Model partitioned into • Abstracted cyber infrastructure • Cyber attack model toolset • Elements for integration in concrete CPS domain Source: SURE

  12. SURE Modeling and Simulation B. Collaboration and Gamification • Browser-based app • Provides live collaboration • Red-Blue teaming • Blue team defends (Security Engineers) • Red team attacks (Hackers) • Extremely prominent in Cybersecurity community Source: SURE

  13. SURE Modeling and Simulation C. Traceability and Reproducibility • Influenced by Git • Changes are recorded with cryptographic hash • Tree structure Source: SURE

  14. SURE Modeling and Simulation D. Transportation Domain • Simulation of Urban MObility (SUMO) framework • Used to simulate time of day and other parameters • Define: • Sensors • Controller • Hierarchies Source: SURE

  15. SURE Modeling and Simulation E. Simulation Drivers • In-summary: you can run this from the command line Source: SURE

  16. SURE Modeling and Simulation F. Model-Based Simulation Integration • Provides rapid: • Design • Synthesis • Evaluation Source: SURE

  17. SURE Modeling Source: SURE

  18. SURE Adversarial Environments • 6 types of attacks • Out of Order • Rearranges network packet order • DoS • Prevention of data transmission • Delay • Added network delay • Integrity • Modification • Data Corruption • Integrity, just uniformed • Network manipulation • Record and playback (replay) Source: SURE

  19. SURE Adversarial Environments Source: SURE

  20. SURE Case Studies • Vulnerability analysis of traffic signal tampering • Resilient sensor selection to predict traffic flow • Decentralized traffic signal control subjected to a Denial of Service (Dos) attack Source: SURE

  21. SURE Case Study 1: Traffic Signal Tampering • Leveraging • Lack of encryption • Lack of authentication • Vulnerabilities • Attacker can: • Select set of traffic signals to attack • Create a new schedule for traffic lights • Assumes: • Attacker cannot set crossing intersections both to green Source: SURE

  22. SURE Case Study 1: Traffic Signal Tampering • Maximizing travel time is NP-Hard problem • Attacker utilizes heuristic algorithm • 0.8% loss from exhaustive search • 92% morning travel • 51% midday travel Source: SURE

  23. SURE Case Study 2: Resilient Sensor Selection for traffic forecasting • Minimize the effect of DoS attacks • Utilize a set of sensors to predict traffic at unobserved locations • Attacker can: • Select K sensors deployed • DoS attacks can be • Physical • Wireless jamming • Battery exhaustion Source: SURE

  24. SURE Case Study 2: Resilient Sensor Selection for traffic forecasting • Designer trains a Gaussian based regression model to predict traffic at unobserved locations • Gaussian process is a type of Bayesian learning • Events are independent, probabilities are based on posterior and prior probabilities • Attacker removes [1,K] sensors • Assess model prediction with lack of sensors Source: SURE

  25. SURE Case Study 2: Resilient Sensor Selection for traffic forecasting Source: SURE

  26. SURE Case Study 3: Resilient Traffic Signal Control • Observes traffic network as a whole • System understands queue lengths • Sensors are vulnerable to DoS attacks • Game-theory approach to minimizing effects of DoS attacks • Attacker selects [1,K] sensors to attack • Control is evaluated Source: SURE

  27. SURE Case Study 3: Centralized vs Decentralized Results Source: SURE

  28. Conclusion • Attackers can compromise city traffic • Adverse effects for: • Fire/ Police • Delivery/ mail • Commuters • Proposed a toolset to simulate and design a traffic system and their attacks • Collaborative based • Red-Blue team Source: SURE

  29. Thoughts for autonomous vehicles • Doesn’t address Vehicle-2-Infrastructure (V2I) communication

  30. References • Baheti et al. : R. Baheti and H. Gill, “Cyber-physical systems,” Impact Control Technol., vol. 12, pp. 161–166, Mar. 2011 • Flicker: https://c1.staticflickr.com/3/2435/3878202215_372c46fccb_b.jpg • Ghafouriet al. : A. Ghafouri, W. Abbas, A. Laszka, Y. Vorobeychik, and X. Koutsoukos, “Optimal thresholds for anomaly-based intrusion detection in dynamical environments,” in Proc. Int. Conf. Decision Game Theory Secur., 2016, pp. 415–434. • GoodReads: https://i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1434725454i/25733923._UY630_SR1200,630_.jpg • Hackaday: https://hackadaycom.files.wordpress.com/2015/03/esp8266-how-to-thumb.jpg • Koppel: Ted Koppel, Lights Out (2015) • Malwarebytes: https://blog.malwarebytes.com/security-world/2014/02/uart-root-shell-on-commercial-devices/ • Mohan et al: S. Mohan, S. Bak, E. Betti, H. Yun, L. Sha, and M. Caccamo, “S3A: Secure system simplex architecture for enhanced security and robustness of cyber-physical systems,” in Proc. 2nd ACM Int. Conf. High Confidence Netw. Syst., Apr. 2013, pp. 65–74 • Shodan: https://www.shodan.io/host/216.173.131.201 • SURE: SURE: A Modeling and Simulation Integration Platform for Evaluation of SecUre and REsilient Cyber– Physical Systems • Yoon et al. : M. K. Yoon, B. Liu, N. Hovakimyan, and L. Sha, “VirtualDrone: Virtual sensing, actuation, and communication for attackresilient unmanned aerial systems,” in Proc. 8th ACM/IEEE Int. Conf. Cyber-Phys. Syst., Apr. 2017, pp. 143–154.

More Related