1. Security and Privacy in Cyber-Physical Systems
Bob Marcus
Co-Chair NIST Big Data PWG
robert.marcus@et-strategies.com
Caveat: This is a rough first cut and will be revised extensively!
Friday, April 29, 16
2. Key Points on CPS Security and Privacy - Initial Thoughts
• Security and privacy are essential for IoT applications
• Due to the ability to interact with physical systems, security breaches can be much worse
than unauthorized data access
• Due to the increasingly pervasive placement of IoT devices, privacy will be a major issue for
IoT
• Security and privacy will be required at all levels and across networks
• Regulatory and user requirements will often need to have localized data that is not available
for remote processing
3. Outline of Slides
・CPS Security Issues
・CPS Privacy
・CPS Security Frameworks
・Online Trust Alliance (OTA) Trust Framework and Resource Guide
・Open Web Application Security Project (OWASP) Slides
・CPS Use Cases Security
5. Operational and Information Technology Security for IoT
From http://www.corporateperformancemanagement-hq.com/how-should-you-consider-the-iot-security-management-better-secure-the-application-layer/
6. CPS System of Systems Security Characteristics
From http://www.slideshare.net/pfroberts/cyber-physical-systems-boston-2015-1
7. CPS Security Topics
From http://icsd.i2r.a-star.edu.sg/cpss15/
• Adaptive attack mitigation for CPS
• Authentication and access control for CPS
• Availability, recovery and auditing for CPS
• Data security and privacy for CPS
• Embedded systems security
• EV charging system security
• Intrusion detection for CPS
• Key management in CPS
• Legacy CPS system protection
• Lightweight crypto and security
• SCADA security
• Security of industrial control systems
• Smart grid security
• Threat modeling for CPS
• Urban transportation system security
• Vulnerability analysis for CPS
• Wireless sensor network security
8. IoT Security Levels
From http://www.slideshare.net/DrDavidProbert/integrated-cybersecurity-and-the-internet-of-things
9. Recommended Interdisciplinary Design Areas from NIST
From https://s3.amazonaws.com/nist-sgcps/cpspwg/pwgglobal/CPS_PWG_Draft_Framework_for_Cyber-Physical_Systems_Release_0_8_September_2015.pdf
10. Cyber-Physical and Analog Design Layers from NIST
From https://s3.amazonaws.com/nist-sgcps/cpspwg/pwgglobal/CPS_PWG_Draft_Framework_for_Cyber-Physical_Systems_Release_0_8_September_2015.pdf
11. Recommended Design Considerations for CPS Security
From https://s3.amazonaws.com/nist-sgcps/cpspwg/pwgglobal/CPS_PWG_Draft_Framework_for_Cyber-Physical_Systems_Release_0_8_September_2015.pdf
12. Design Considerations for CPS Security continued
From https://s3.amazonaws.com/nist-sgcps/cpspwg/pwgglobal/CPS_PWG_Draft_Framework_for_Cyber-Physical_Systems_Release_0_8_September_2015.pdf
13. Challenges for Privacy and Security
From http://tinyurl.com/gv38c78
14. Responses to Challenges to Cyber-Physical System Security
From http://tinyurl.com/gv38c78
mPCDs = Mobile Personal Communication Devices
SNSS = Smart Networked Systems and Society
15. Online Trust Alliance’s (OTA) Vendor Best Practices for IoT Security
From https://otalliance.org/news-events/press-releases/internet-things-lacks-safety-today-opening-door-major-threats-tomorrow
• Making privacy policies readily available for review prior to product purchase,
download or activation.
• Encrypting or hashing all personally identifiable data both at rest and in motion.
• Disclosing prior to purchase a device’s data collection policies, as well as the impact
on the device’s key features if consumers choose not to share their data.
• Disclosing if the user has the ability to remove or make anonymous all personal
data upon discontinuing device or device end-of-life.
• Publishing a timeframe for support after the device/app is discontinued or replaced
by newer version.
16. Design Patterns for IoT Security from Michael Koster
From http://iot-datamodels.blogspot.com/2014/05/design-patterns-for-internet-of-things.html
• Access control using data models: semantic hyperlinks control access to resources
based on the embedded metadata
• Social to physical graph relationship: well defined concepts of ownership and
access delegation between people, entities, and things
• PGP and asymmetric public-key cryptography on devices: ways of creating SSL
sessions and signing data between devices and applications
• DTLS over UDP: security for resource constrained devices
• End-to-end encryption: transmitting and storing encrypted data independent of
channel encryption
• Device Management: using device identity, registration, and secure key exchange
17. Device Level Security Requirements
From www.windriver.com/whitepapers/security-in-the-internet-of-things/wr_security-in-the-internet-of-things.pdf
• Secure Booting
• Access Control
• Device Authentication
• Firewalls or Intrusion Prevention System (IPS)
• Updates and Patches
18. Security for IoT in IERC
From www.internet-of-things-research.eu/pdf/IERC_Cluster_Book_2014_Ch.3_SRIA_WEB.pdf
DoS/DDoS attacks are already well understood for the current Internet, but the IoT is also
susceptible to such attacks and will require specific techniques and mechanisms to ensure that
transport, energy, city infrastructures cannot be disabled or subverted.
General attack detection and recovery/resilience to cope with IoT-specific threats, such as
compromised nodes, malicious code hacking attacks.
Cyber situation awareness tools/techniques will need to be developed to enable IoT-based
infrastructures to be monitored. Advances are required to enable operators to adapt the
protection of the IoT during the lifecycle of the system and assist operators to take the most
appropriate protective action during attacks.
The IoT requires a variety of access control and associated accounting schemes to support the
various authorisation and usage models that are required by users. The heterogeneity and diversity
of the devices/gateways that require access control will require new lightweight schemes to be
developed.
The IoT needs to handle virtually all modes of operation by itself without relying on human
control. New techniques and approaches, e.g. from machine learning, are required to lead to a
self-managed IoT.
19. Privacy for IoT from IERC
From www.internet-of-things-research.eu/pdf/IERC_Cluster_Book_2014_Ch.3_SRIA_WEB.pdf
Cryptographic techniques that enable protected data to be stored, processed and shared, without the
information content being accessible to other parties. Technologies such as homomorphic and
searchable encryption are potential candidates for developing such approaches.
Techniques to support Privacy by Design concepts, including data minimisation, identification,
authentication and anonymity.
Fine-grain and self-configuring access control mechanism emulating the real world. There are a
number of privacy implications arising from the ubiquity and pervasiveness of IoT devices where
further research is required, including:
Preserving location privacy, where location can be inferred from things associated with people.
Prevention of personal information inference, that individuals would wish to keep private, through
the observation of IoT-related exchanges.
Keeping information as local as possible using decentralised computing and key management.
Use of soft Identities, where the real identity of the user can be used to generate various soft
identities for specific applications. Each soft identity can be designed for a specific context or
application without revealing unnecessary information, which can lead to privacy breaches.
20. Trust for IoT from IERC
From www.internet-of-things-research.eu/pdf/IERC_Cluster_Book_2014_Ch.3_SRIA_WEB.pdf
Lightweight Public Key Infrastructures (PKI) as a basis for trust management. Advances are expected in
hierarchical and cross certification concepts to enable solutions to address the scalability requirements.
Lightweight key management systems to enable trust relationships to be established and the distribution
of encryption materials using minimum communications and processing resources, as is consistent with
the resource constrained nature of many IoT devices.
Quality of Information is a requirement for many IoT-based systems where metadata can be used to
provide an assessment of the reliability of IoT data.
Decentralised and self-configuring systems as alternatives to PKI for establishing trust e.g. identity
federation, peer to peer.
Novel methods for assessing trust in people, devices and data, beyond reputation systems. One example
is Trust Negotiation. Trust Negotiation is a mechanism that allows two parties to automatically negotiate,
on the basis of a chain of trust policies, the minimum level of trust required to grant access to a service
or to a piece of information.
Assurance methods for trusted platforms including hardware, software, protocols, etc.
Access Control to prevent data breaches. One example is Usage Control, which is the process of
ensuring the correct usage of certain information according to a predefined policy after the access to
information is granted.
21. IoT Security Concerns from HP
From http://www8.hp.com/h20195/V2/GetPDF.aspx/4AA5-4759ENW.pdf
22. Security Threats for IoT from Infineon
From http://www.slideshare.net/infineon/infineon-the-root-of-trust-for-the-internet-of-things
23. Attacks on IoT Devices
From https://www.researchgate.net/publication/252013823_Proposed_embedded_security_framework_for_Internet_of_Things_IoT
24. Potential Security Risks in IoT to Cloud Networks
From http://blog.imgtec.com/powervr/bringing-better-security-to-mobile-automotive-or-iot
25. Device Level Security Levels
From http://viodi.com/2015/04/26/summary-of-iot-sessions-at-2015-gsa-silicon-summit-part-i/
26. IoT Security Chain (Device to Data Center) from PRPL
From http://www.slideshare.net/axroh/cie-io-tsecurityarfinal
27. IoT Products Security Comparison by Veracode
From https://www.veracode.com/sites/default/files/Resources/Whitepapers/internet-of-things-whitepaper.pdf
1. User Facing Services Security
2. Device Facing Services Security
3. Mobile Application Interface Security
4. Device Debugging Interface Security
28. 1. User Facing Cloud Services Security Comparison
From https://www.veracode.com/sites/default/files/Resources/Whitepapers/internet-of-things-whitepaper.pdf
29. 2. Device Facing Cloud Services Security Comparison
From https://www.veracode.com/sites/default/files/Resources/Whitepapers/internet-of-things-whitepaper.pdf
30. 3. Mobile Application Interface Security Comparison
From https://www.veracode.com/sites/default/files/Resources/Whitepapers/internet-of-things-whitepaper.pdf
31. 4. Device Debugging Interface Security Comparison
From https://www.veracode.com/sites/default/files/Resources/Whitepapers/internet-of-things-whitepaper.pdf
33. Privacy Risks with IoT
From www.computerworld.com/article/3010626/internet-of-things/a-privacy-standard-for-internet-of-things-suppliers.html
• Prospective buyers of connected cars have heard the reports of hackers taking over
control of the vehicle, putting passengers at risk of an accident. They also worry about
others being able to remotely monitor conversations inside the vehicle, monitor
compliance with traffic regulations and predict when and where they will be.
• Future consumers of smart homes — houses containing interconnected appliances,
smart meters and smart TVs — similarly worry about outside parties being able to
assume remote control of their living space, monitor activity, predict whereabouts and
also draw conclusions about what type of people they are based on their living
patterns.
• As wearables expand beyond tracking the number of steps per day into more
comprehensive health and wellness profiles integrated with smartphones and social
networks, users’ commentary and concern about the use and disclosure of their data
dossiers are increasing.
34. Industry Specific Privacy Standards with IoT
From www.computerworld.com/article/3010626/internet-of-things/a-privacy-standard-for-internet-of-things-suppliers.html
• Mobile-marketing industry’s Mobile Application Privacy Policy Framework
http://tinyurl.com/hjzwfnp
• Automaker’s Consumer Privacy Protection Principles for Vehicle Technologies and Services
http://www.autoalliance.org/?objectid=865F3AC0-68FD-11E4-866D000C296BA163
• Agribusiness sector’s Privacy and Security Principles for Farm Data.
http://www.fb.org/tmp/uploads/PrivacyAndSecurityPrinciplesForFarmData.pdf
35. Required Privacy for IoT
From www.computerworld.com/article/3010626/internet-of-things/a-privacy-standard-for-internet-of-things-suppliers.html
1. Tested security. It’s one thing to adopt a set of security controls like the Payment Card Industry
Data Security Standard, designed to reduce credit card fraud. It’s another thing for those controls to
prevail in a sophisticated penetration test. The IoT would need to set the bar at this higher level to earn
maximum user trust.
2. Data minimization. IoT components should maintain default settings that use the minimum
amount of personal data to perform their service. Minimum can mean minimum types of data fields
collected and exposed to other devices as well as minimum periods of data retention.
3. Controlled and transparent disclosure. Law enforcement and national defense around the
world will seek to pursue their legitimate objectives within the IoT. Virtually every industry will seek to
track or analyze their end consumers as they move through the system. Trust in the whole enterprise
will collapse, however, if these pursuits are not counterbalanced with reliable disclosure controls that
are proportionate to the identified threat, and widely known and understood.
4. Data portability. Users won’t want any one node of the IoT ecosystem to accumulate too much
power by storing data in its own proprietary format. To bolster trust in the entire system, adopt a
common data format that allows users to port their data from one platform to the next.
5. Right to be forgotten. The IoT should be safe for the most vulnerable in society: children, victims
of crime and the poor. To protect their safety and thereby make the IoT the largest possible
marketplace, enable users to completely opt out by being able to withdraw their data.
37. CPS Security Framework from China
From www.sersc.org/journals/IJSIA/vol9_no1_2015/17.pdf or
https://www.terraswarm.org/pubs/136/lu_newmultiframe_edge.pdf
38. Security Architecture Service Delivery Framework from Cap Gemini
From http://www.slideshare.net/JohnArnoldSec/security-architecture-frameworks
39. Architecture Reference Model based Security Framework for IoT
From http://www.mdpi.com/1424-8220/15/7/15611/htm
40. Architecture Interaction with Security Framework for IoT
From http://www.mdpi.com/1424-8220/15/7/15611/htm
41. Security Enclaves Management Structure from Cisco
From http://www.cisco.com/c/en/us/products/collateral/servers-unified-computing/ucs-manager/whitepaper-c07-731204.html
42. IoT Security Environment from Cisco
From http://www.cisco.com/web/about/security/intelligence/iot_framework.html
43. Secure IoT Framework from Cisco
From http://www.cisco.com/web/about/security/intelligence/iot_framework.html
44. Secure Features and Layering from IoT-A
From http://www.iot-a.eu/arm/d1.3/at_download/file
45. Security Framework from iCore Project
From http://www.sciencedirect.com/science/article/pii/S0167404815000887
46. Model-Based Security Kit (SecKit) based on ICore
From http://www.sciencedirect.com/science/article/pii/S0167404815000887
47. SecKit Metamodel and Dependencies
From http://www.internet-of-things-research.eu/pdf/Building_the_Hyperconnected_Society_IERC_2015_Cluster_eBook_978-87-93237-98-8_P_Web.pdf
52. Internet of Secure Things Framework
From http://embedded-computing.com/25942-leveraging-iot-security-to-improve-roi/
53. Floodgate Security Framework from Icon Labs
From http://www.iconlabs.com/prod/product-family/floodgate-security-framework
54. Secure Analytics for IoT Framework from Cisco
From http://www.cisco.com/web/about/security/intelligence/iot_framework.html
• This secure analytics layer defines the services by which all elements (endpoints and
network infrastructure, inclusive of data centers) may participate to provide telemetry
for the purpose of gaining visibility and eventually controlling the IoT/M2M ecosystem.
• With the maturity of big data systems, we can deploy a massive parallel database
(MPP) platform that can process large volumes of data in near real time. When we
combine this technology with analytics, we can do some real statistical analysis on the
security data to pick out anomalies.
• Further, it includes all elements that aggregate and correlate the information,
including telemetry, to provide reconnaissance and threat detection. Threat mitigation
could vary from automatically shutting down the attacker from accessing further
resources to running specialized scripts to initiate proper remediation.
• The data, generated by the IoT devices, is only valuable if the right analytics
algorithms or other security intelligence processes are defined to identify the threat.
We can get better analytical outcome by collecting data from multiple sources and
applying security profiles and statistical models that are built upon various layers of
security algorithms.
55. Security Cloud from Cisco
From https://techradar.cisco.com/pdf/cisco-technology-radar.pdf
Before
After
56. Security Options for Constrained Devices
From http://cnds.eecs.jacobs-university.de/slides/2013-im-iot-management.pdf
57. Security Boundaries from RTI
From http://www.slideshare.net/RealTimeInnovations/build-safe-and-secure-distributed-systems-39944271
58. Data Distribution Service Transport Security from RTI
From http://www.slideshare.net/RealTimeInnovations/build-safe-and-secure-distributed-systems-39944271
59. Open Trust Alliance (OTA)
Trust Framework and Resource Guide
60. Online Trust Alliance’s (OTA) Trust Framework
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework_released_3-2-2016.pdf
61. Online Trust Alliance’s (OTA) Trust Framework
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework_released_3-2-2016.pdf
62. Online Trust Alliance’s (OTA) Trust Framework continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework_released_3-2-2016.pdf
Security continued
63. Online Trust Alliance’s (OTA) Trust Framework continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework_released_3-2-2016.pdf
64. Online Trust Alliance’s (OTA) Trust Framework continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework_released_3-2-2016.pdf
65. Online Trust Alliance’s (OTA) Trust Framework continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework_released_3-2-2016.pdf
Privacy, Disclosures, and Transparency Continued
66. Online Trust Alliance’s Trust Framework for IoT Resource Guide
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
67. Online Trust Alliance’s Trust Framework for IoT Resource Guide
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
68. OTA Trust Framework for IoT Resource Guide Continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
69. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
70. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
71. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
72. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
73. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
74. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
75. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Security
76. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
User Access and Credentials
77. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
User Access and Credentials
78. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
User Access and Credentials
79. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
User Access and Credentials
80. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
User Access and Credentials
81. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
82. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures (16 continued)
83. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures (16 continued)
84. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
85. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
86. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
87. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
88. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures (23 continued)
89. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
90. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
91. OTA Trust Framework for IoT Resource Guide continued
From https://otalliance.org/system/files/files/initiative/documents/iot_trust_resource_guide_2-8.pdf
Privacy, Transparency, & Disclosures
106. IoT Security Threats from Beecham Research
From http://www.smartgridnews.com/story/iot-presents-utilities-myriad-security-challenges/2015-05-12
107. Critical Cyber-Physical Systems Requiring Security
From www.slideshare.net/DrDavidProbert/integrated-cybersecurity-and-the-internet-of-things
108. Security Incidents by Sector in FY 2013 from DHS
From http://tinyurl.com/gv38c78
109. IoT Use Case and Security from Infineon
From http://www.slideshare.net/infineon/infineon-the-root-of-trust-for-the-internet-of-things
110. Cyber Threats to Critical Infrastructure from GAO
From http://pserc.wisc.edu/documents/general_information/presentations/pserc_seminars/psercwebinars2012/Govindarasu_PSERC_Webinar_Slides_Feb_2012.pdf
111. Smart Grid Security = Info + Infrastructure + Application Security
From http://pserc.wisc.edu/documents/general_information/presentations/pserc_seminars/psercwebinars2012/Govindarasu_PSERC_Webinar_Slides_Feb_2012.pdf
112. Attacks on Smart Grid Cyber-Physical Systems
From http://pserc.wisc.edu/documents/general_information/presentations/pserc_seminars/psercwebinars2012/Govindarasu_PSERC_Webinar_Slides_Feb_2012.pdf
113. Smart City Multi-Layer Security Framework
From www.slideshare.net/DrDavidProbert/integrated-cybersecurity-and-the-internet-of-things
114. References
Inventory of all Bob Marcus CPS Slides on Slideshare
http://www.slideshare.net/bobmarcus/inventory-of-my-cps-slide-sets
115. Reference Links (CPS Security)
Designed-In Cybersecurity for CPS from Cyber-Security Research Alliance
http://www.cybersecurityresearch.org/documents/CSRA_Workshop_Report.pdf
Designed-in Security for CPS from IEEE Panel
http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6924670
Security of Cyber-Physical Systems Papers from CMU CyLab
https://www.cylab.cmu.edu/research/projects/research-area/security-cyber-physical.html
CPS Security Research at ADSC in Singapore
http://publish.illinois.edu/cps-security/
NSF/Intel Partnership in CPS Security and Privacy
http://www.nsf.gov/pubs/2014/nsf14571/nsf14571.htm
Challenges for Securing Cyber-Physical Systems from Berkeley CHESS
https://chess.eecs.berkeley.edu/pubs/601/cps-security-challenges.pdf
Secure Control Towards Survivable CPS from Berkeley
https://www.truststc.org/pubs/345/cardenas-SecureControl-v1.pdf
Security Issues and Challenges for Cyber Physical Systems from China
http://people.cis.ksu.edu/~danielwang/Investigation/CPS_Security_threat/05724910.pdf
Challenges in Security from USC
http://cimic.rutgers.edu/positionPapers/CPS-Neuman.pdf
Systems Theoretic Approach to the Security Threats in CPS from MIT
http://web.mit.edu/smadnick/www/wp/2014-13.pdf
116. Reference Links (CPS Security)
CPS Security Challenges and Research Idea from BBN
http://cimic.rutgers.edu/positionPapers/CPSS_BBN.pdf
IoT Botnet
http://internetofthingsagenda.techtarget.com/definition/IoT-botnet-Internet-of-Things-botnet
Privacy Standards for IoT
http://www.computerworld.com/article/3010626/internet-of-things/a-privacy-standard-for-internet-of-things-suppliers.html
Building the Bionic Cloud
http://www.digitalgovernment.com/media/Downloads/asset_upload_file194_5802.pdf
How the Internet of Things could be fatal
http://www.cnbc.com/2016/03/04/how-the-internet-of-things-could-be-fatal.html
Hippocratic Oath for Medical Devices
https://www.iamthecavalry.org/wp-content/uploads/2016/01/I-Am-The-Cavalry-Hippocratic-Oath-for-Connected-Medical-Devices.pdf
Hierarchical Security Architecture for Cyber-Physical Systems
https://inldigitallibrary.inl.gov/sti/5144319.pdf
A Systematic View of Studies in Cyber-Physical System Security
http://www.sersc.org/journals/IJSIA/vol9_no1_2015/17.pdf
Why IoT Security is so Critical
http://techcrunch.com/2015/10/24/why-iot-security-is-so-critical/#.j1xovjh:VRMg
Open Web Application Security Project
https://www.owasp.org/index.php/Main_Page
PRPL Foundation
http://prplfoundation.org/overview/
OpenWrt
https://en.wikipedia.org/wiki/OpenWrt
117. Reference Links (CPS Security) continued
Online Trust Alliance (OTA) IoT Initiatives
https://otalliance.org/initiatives/internet-things
TerraSwarm
http://www.terraswarm.org/
Secure Internet of Things Project Publications
http://iot.stanford.edu/pubs.html
Internet of Things Privacy and Security in a Connected World Report from U.S. Federal Trade Commission (FTC)
https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf
Best Practices in CyberSecurity from the U.S. National Highway Traffic Safety Administration (NHTSA)
http://tinyurl.com/zhpojlp
Cybersecurity through Real-Time Distributed Control System
http://web.ornl.gov/sci/electricdelivery/pdfs/ORNL_Cybersecurity_Through_Real-Time_Distributed_Control_Systems.pdf
ISO/IEC 27108 Privacy Standard and Microsoft Support
http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=61498
http://blogs.microsoft.com/on-the-issues/2015/02/16/microsoft-adopts-first-international-cloud-privacy-standard/
Surveillance through IoT
http://www.theregister.co.uk/2016/02/09/clapper_says_iot_good_for_intel/
Nanotechnology, Ubiquitous Computing and the IoT - Challenges to the Rights of Privacy and Data Protection for Council of Europe
https://www.coe.int/t/dghl/standardsetting/dataprotection/Reports/Miller%20Kearnes%20-%20Nano%20privacy%20Draft%20report%20%2017%2005%202013.pdf
NIST supported research on IoT Security for Homes and Transit Systems by Galois
https://galois.com/news/tozny-awarded-nist-grant-to-secure-iot-enabled-smart-homes-and-transit-systems/