Runtime Integrity for Cyber-Physical Infrastructures

Abstract: Cyber-physical systems integrate cyber capabilities (e.g., communications and computing) with physical devices (e.g., sensors, actuators and control processing units). Many of these systems support safety-critical applications such as electric power grids, water distribution systems and transportation systems. Failures of these systems can cause irreparable damage to equipment and injury or death to humans. While most of the efforts to protect the systems have focused on reliability, there are urgent concerns regarding malicious attacks. Trusted computing is a security paradigm that enables platforms to enforce the integrity of execution targets (code and data). However, protection under this paradigm is restricted to static threats. This chapter proposes a dynamic framework that addresses runtime integrity threats that target software programs in cyber-physical systems. It is well known that the attack surface of a multi-functional program (Swiss-army knife) can be much larger than the sum of the surfaces of its single-function components (e.g., the composition of programs that are secure in isolation is not necessarily secure). The proposed framework addresses this issue using calibration techniques that constrain the functionality of programs to the strict specifications of the cyber-physical application, thus steering execution flow away from the attack surface. Integrity is assured by verifying the calibration, while the burden of validation rests with system designers. The effectiveness of the approach is demonstrated by presenting a prototype for call integrity.
Document type:
Conference paper
Mason Rice; Sujeet Shenoi. 9th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2015, Arlington, VA, United States. IFIP Advances in Information and Communication Technology, AICT-466, pp.153-167, 2015, Critical Infrastructure Protection IX. 〈10.1007/978-3-319-26567-4_10〉

Cited literature [29 references]

https://hal.inria.fr/hal-01431000
Contributor: Hal Ifip
Submitted on: Tuesday, January 10, 2017 - 14:55:53
Last modified on: Wednesday, January 11, 2017 - 16:01:50
Document(s) archived on: Tuesday, April 11, 2017 - 15:16:33

File

978-3-319-26567-4_10_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Jonathan Jenkins, Mike Burmester. Runtime Integrity for Cyber-Physical Infrastructures. Mason Rice; Sujeet Shenoi. 9th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2015, Arlington, VA, United States. IFIP Advances in Information and Communication Technology, AICT-466, pp.153-167, 2015, Critical Infrastructure Protection IX. 〈10.1007/978-3-319-26567-4_10〉. 〈hal-01431000〉
