Cybersecurity for Cyber-Physical Systems

Report on Current Developments in Cybersecurity for Cyber-Physical Systems

General Direction of the Field

The recent advancements in cybersecurity for cyber-physical systems (CPS) are notably focused on enhancing resilience against a variety of sophisticated attacks, particularly those that exploit hardware vulnerabilities and communication channels. The field is moving towards more integrated and adaptive security frameworks that not only detect and mitigate known threats but also anticipate and defend against emerging attack vectors. Key areas of innovation include the development of novel detection mechanisms, the implementation of advanced control strategies, and the creation of software-driven solutions that address underlying hardware vulnerabilities.

One of the primary trends is the shift from reactive to proactive security measures. This involves the creation of systems that can dynamically adapt to new threats without human intervention, leveraging machine learning and other AI-driven techniques to identify anomalies and respond in real-time. Additionally, there is a growing emphasis on the development of covert channel detection and mitigation strategies, as these channels pose significant risks to the integrity and confidentiality of data in CPS.

Another significant development is the integration of multi-layered security approaches that combine hardware and software solutions. This hybrid approach aims to provide comprehensive protection by addressing vulnerabilities at both the physical and digital levels. For instance, new memory allocation strategies are being designed to prevent hardware-based exploits like Rowhammer, while simultaneously enhancing the system's overall security posture.

The field is also witnessing a surge in research on resilient control systems that can maintain functionality even under attack. These systems often incorporate redundancy and switching mechanisms to ensure continuous operation, even when some components are compromised. Furthermore, there is a strong focus on developing fault-tolerant control schemes that can detect and counteract both cyber and physical faults, thereby enhancing the overall robustness of CPS.

Noteworthy Innovations

  1. USBIPS Framework: Introduces a behavior-based detection mechanism and an allowlisting-based access control for USB peripherals, providing persistent protection against USB-based intrusions.

  2. Perfectly Undetectable False Data Injection Attacks: Highlights the vulnerability of bilateral teleoperation systems to undetectable attacks, emphasizing the need for advanced security measures in teleoperation systems.

  3. MeMoir: Presents a novel software-driven covert channel based on memory usage, along with a machine learning-based detector and a noise-based countermeasure to mitigate such attacks.

  4. Citadel: Proposes a low-cost, domain-aware memory allocation strategy to prevent Rowhammer exploits, offering a flexible and deployable solution with minimal overhead.

  5. Time Constant: Develops a unique actuator fingerprinting technique using transient response, enhancing resilience against command injection and replay attacks in CPS.

Sources

USBIPS Framework: Protecting Hosts from Malicious USB Peripherals

Perfectly Undetectable False Data Injection Attacks on Encrypted Bilateral Teleoperation System based on Dynamic Symmetry and Malleability

MeMoir: A Software-Driven Covert Channel based on Memory Usage

The system dynamics analysis, resilient and fault-tolerant control for cyber-physical systems

Combining Switching Mechanism with Re-Initialization and Anomaly Detection for Resiliency of Cyber-Physical Systems

Preventing Rowhammer Exploits via Low-Cost Domain-Aware Memory Allocation

Time Constant: Actuator Fingerprinting using Transient Response of Device and Process in ICS

Optimal Denial-of-Service Attacks Against Partially-Observable Real-Time Monitoring Systems

Built with on top of