Handbook on Securing Cyber-Physical Critical Infrastructure
eBook - ePub

Handbook on Securing Cyber-Physical Critical Infrastructure

  1. 848 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Handbook on Securing Cyber-Physical Critical Infrastructure

About this book

The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports and air traffic control systems, wired and wireless communication and sensor networks, systems for storing and distributing water and food supplies, medical and healthcare delivery systems, as well as financial, banking and commercial transaction assets. The handbook focus mostly on the scientific foundations and engineering techniques – while also addressing the proper integration of policies and access control mechanisms, for example, how human-developed policies can be properly enforced by an automated system. - Addresses the technical challenges facing design of secure infrastructures by providing examples of problems and solutions from a wide variety of internal and external attack scenarios - Includes contributions from leading researchers and practitioners in relevant application areas such as smart power grid, intelligent transportation systems, healthcare industry and so on - Loaded with examples of real world problems and pathways to solutions utilizing specific tools and techniques described in detail throughout

Trusted by 375,005 students

Access to over 1.5 million titles for a fair monthly price.

Study more efficiently using our study tools.

Information

Publisher
Morgan Kaufmann
Year
2012
Print ISBN
9780124158153
eBook ISBN
9780124159105
Topic
Computer Science
Subtopic
Human Resource Management
Index
Computer Science

PART I

Theoretical Foundations

Introduction
Chapter 1 Security and Vulnerability of Cyber-Physical Infrastructure Networks
Chapter 2 Game Theory for Infrastructure Security
Chapter 3 An Analytical Framework for Cyber-Physical Networks
Chapter 4 Evolution of Widely Spreading Worms and Countermeasures
As discussed in the previous introductory chapter, we live in a cyber–physical world which we desire to understand (sense), serve (via computation and communication), and control. With the technological advances of wireless communications, sensors, smart devices, embedded computing/control, and pervasive computing, it is possible to build complex cyber–physical infrastructure and smart environments, and these systems indeed abound in our daily lives. Due to their scale and complexity, such systems are vulnerable to a variety of attacks and threats. Therefore, robust design and secure management (monitoring and control) of cyber–physical infrastructure are crucial albeit extremely challenging.
With the goal of understanding and analyzing uncertainty in securing complex systems, Part I of this handbook consisting of four chapters attempts to build a solid theoretical foundation for security of cyber–physical networks and systems. The underlying concepts are developed on foundations in control theory, graph theory, game theory, and epidemic theory, and aim to provide a holistic perspective on security that considers both the cyber and physical worlds (see Figure 1). Other traditional techniques that do not explicitly consider cyber and physical aspects together (like cryptography or encryption of communications [3, 4, 68], robust control of physical components [2], or stochastic theory) are not in the scope of this part.
image
Figure 1 Foundations of cyber–physical systems.
Chapter 1 titled “Security and Vulnerability of Cyber–Physical Infrastructure Networks: A Control-Theoretic Approach” is motivated by the increasing need for developing automated decision support tools for cyber–physical networks (e.g., transportation, electric power grid, and health care) that are subject to uncertainties and adversarial attacks at multiple spatial and temporal scales. This chapter develops a new control theoretic framework that defines and characterizes the interplay between security and vulnerability in such systems. More precisely, the framework proposes holistic definitions for security and vulnerability; broadly applicable models for natural adversaries (uncertainties), sentient adversaries, and their interactions with system planners; and pointers to network control theory tools that may help to evaluate security and vulnerability according to these definitions. In developing the framework, the adversaries are conceptualized as seeking to estimate and/or actuate the physical dynamics of the networks, through measurement or modification of only a few network components at the cyber or physical level. As such, the adversary's ability to estimate/actuate the network dynamics is critically dependent on its topology or graph structure, and understanding this dependence is central to mitigating the adversarial behavior. To this end, this chapter develops abstract linear dynamical network models specified on a graph, for the physical and information-flow dynamics of a network. Security and vulnerability are defined thereof, as an adversary's perhaps intertwined ability to estimate and actuate critical aspects of the network dynamics, respectively, using localized measurements. As a canonical case study, the proposed formalisms are applied to air traffic management systems, a prototypical complex cyber–physical network.
Chapter 2 titled “Game Theory for Infrastructure Security: The Power of Intent-Based Adversary Models” deals with game formulations for modeling adversarial threats in distributed information sharing involving autonomous entities. Traditional adversary models are assumed to be behavior based or semi-honest – those that run the protocol exactly as specified (i.e., without any deviations), but may try to learn about the input of other entities from their views of the protocol. However, it is rather hard to determine whether an entity has the capability to change its input database or deviate from the protocol in real-world applications, thus making it difficult to defend against arbitrarily behaving adversaries. This chapter eliminates the constraints on the behavior of entities, and thereby formulates and analyzes the power of intent-based adversary model to obtain more accurate results without compromising other entities' private information. The developed game theory solution is applied to two important infrastructure security applications, namely anomaly detection and anonymous communication.
Chapter 3 titled “An Analytical Framework for Cyber–Physical Networks” discusses an important class of detection, identification, and tracking of spatial phenomena (DITSP) tasks, whose network solutions are necessarily cyber–physical in nature. For these tasks, spatially distributed sensors “measure” the physical phenomenon in space and time, and a network of computation, communication, and data nodes process the measurements to generate actionable information for decision making. This chapter presents an analytical framework to guide the design and implementation of Cyber–Physical Networks (CPN) in the aspects of modality selection of sensors; placement of sensors and computation modules for effective coverage; fusion of multimodal data in a unifying projective space for consolidated information; and robust estimation and optimization of model parameters by Bayesian and empirical methods. The robustness of the CPN, in the face of natural disruptions and intentional attacks [9], is characterized and analyzed in this chapter by using a game-theoretic approach. Equilibrium strategies of the attackers and defenders provide guidance on the survivability of the CPN for different budgets and cost models. These game-theoretic models are static and discrete, and the analysis of several real-life infrastructures requires dynamic continuous models, based on possibly incomplete and/or false information [1]. This framework for DITSP tasks captures only a small set of cyber–physical interactions, and other applications may require a more unified integration of the physical dynamics and computations [5].
Chapter 4 titled “Evolution of Widely Spreading Worms and Countermeasures: Epidemic Theory and Application” is motivated by the facts that cyber–physical infrastructure is commonly relying on computers and networks, and worm propagation could cause a significant damage to the infrastructure. For example, in September 2010, “Stuxnet” worm was able to exploit a Microsoft Windows vulnerability to break into power grid control systems. A...

Table of contents

  1. Cover Image
  2. Content
  3. Title
  4. Copyright
  5. Dedication
  6. About the Authors
  7. Contributors
  8. Foreword
  9. Securing Cyber-Physical Infrastructure Perspectives and Overview of the Handbook
  10. PART I. Theoretical Foundations
  11. PART II. Security for Wireless Mobile Networks
  12. PART III. Security for Sensor Networks
  13. PART IV. Platform Security
  14. PART V. Cloud Computing and Data Security
  15. PART VI. Event Monitoring and Situation Awareness
  16. PART VII. Policy Issues in Security Management
  17. PART VIII. Security in Real-World Systems
  18. Index

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.5M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, we’ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Handbook on Securing Cyber-Physical Critical Infrastructure by Sajal K Das,Krishna Kant,Nan Zhang in PDF and/or ePUB format, as well as other popular books in Computer Science & Human Resource Management. We have over 1.5 million books available in our catalogue for you to explore.