A Formal Approach to Cyber-Physical Attacks

Ruggero Lanotte; Massimo Merro; Riccardo Muradore; Luca; Vigan\`o

arXiv:1611.01377·cs.CR·April 24, 2017

A Formal Approach to Cyber-Physical Attacks

Ruggero Lanotte, Massimo Merro, Riccardo Muradore, Luca, Vigan\`o

PDF

TL;DR

This paper develops a formal framework using hybrid process calculus to model, analyze, and quantify the impact of cyber-physical attacks on CPSs, focusing on integrity, DoS, and timing aspects.

Contribution

It introduces a formal model for cyber-physical attacks, a threat assessment method, and impact quantification techniques for CPS security analysis.

Findings

01

Defined a hybrid process calculus for CPS and attacks

02

Provided a threat model to evaluate attack vulnerability

03

Demonstrated impact estimation with an engineering example

Abstract

We apply formal methods to lay and streamline theoretical foundations to reason about Cyber-Physical Systems (CPSs) and cyber-physical attacks. We focus on %a formal treatment of both integrity and DoS attacks to sensors and actuators of CPSs, and on the timing aspects of these attacks. Our contributions are threefold: (1) we define a hybrid process calculus to model both CPSs and cyber-physical attacks; (2) we define a threat model of cyber-physical attacks and provide the means to assess attack tolerance/vulnerability with respect to a given attack; (3) we formalise how to estimate the impact of a successful attack on a CPS and investigate possible quantifications of the success chances of an attack. We illustrate definitions and results by means of a non-trivial engineering application.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.