检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:Cheah Huei Yoong Venkata Reddy Palleti Rajib Ranjan Maiti Arlindo Silva Christopher M Poskitt
机构地区:[1]Singapore University of Technology and Design,8 Somapah Road,487372 Singapore,Singapore [2]Indian Institute of Petroleum and Energy,2nd Floor,AU Engg College Main Block,Andhra University,530003 Visakhapatnam,India [3]Birla Institute of Technology and Science,Pilani,Hyderabad Campus Jawahar Nagar,Kapra Mandal Medchal District,500078 Telangana,India [4]Singapore Management University,80 Stamford Road,178902 Singapore,Singapore
出 处:《Cybersecurity》2021年第1期67-90,共24页网络空间安全科学与技术(英文)
基 金:the National Research Foundation,Singapore,under its National Satellite of Excellence Programme“Design Science and Technology for Secure Critical Infrastructure”(Award Number:NSoE DeST-SCI2019-0004).
摘 要:Cyber-physical systems(CPSs)in critical infrastructure face serious threats of attack,motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants,i.e.logical properties over sensor and actuator states that should always be true.Many approaches for identifying invariants attempt to do so automatically,typically using data logs,but these can miss valid system properties if relevant behaviours are not well-represented in the data.Furthermore,as the CPS is already built,resolving any design flaws or weak points identified through this process is costly.In this paper,we propose a systematic method for deriving invariants from an analysis of a CPS design,based on principles of the axiomatic design methodology from design science.Our method iteratively decomposes a high-level CPS design to identify sets of dependent design parameters(i.e.sensors and actuators),allowing for invariants and invariant checkers to be derived in parallel to the implementation of the system.We apply our method to the designs of two CPS testbeds,SWaT and WADI,deriving a suite of invariant checkers that are able to detect a variety of single-and multi-stage attacks without any false positives.Finally,we reflect on the strengths and weaknesses of our approach,how it can be complemented by other defence mechanisms,and how it could help engineers to identify and resolve weak points in a design before the controllers of a CPS are implemented.
关 键 词:Cyber-physical systems Critical infrastructure Industrial control systems Systematic design framework Axiomatic design INVARIANTS Anomaly detection Supervised machine learning
分 类 号:TP181[自动化与计算机技术—控制理论与控制工程]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.143.247.141