Cyber-physical System Experimentation Using DETER

DeterLab provides the capability to conduct risk evaluations of cyber-physical systems where the controllable variables range from IP level dynamics to introduction of malicious entities such as DDoS attacks. I recently co-authored an article published in the IEEE Magazine that discusses how the cyber aspects and the physical aspects of such systems can be integrated together to provide a CPS risk assessment environment.

In our article, titled "In the Quest of Benchmarking Security Risks to Cyber-Physical Systems",  we present a generic yet practical framework for assessing security risks to cyber-physical systems. Our framework can be used to benchmark security risks when information is less than perfect, and interdependencies of physical and computational components may result in correlated failures. We focus on the risks that arise from interdependent reliability failures (faults) and security failures (attacks).

We advocate that a sound assessment of these risks requires explicit modeling of the effects of both technology-based defenses and institutions necessary for supporting them. Our game-theoretic approach to estimate security risks allows designing defenses that consider fault-tolerant control along with institutional structures.

Click here for a copy of the article.