摘要
Cyber-physical systems(CPSs) are integrations of networks, computation and physical processes, where embedded computing devices continually sense, monitor, and control the physical processes through networks. Networked industrial processes combining internet, real-time computer control systems and industrial processes together are typical CPSs. With the increasingly frequent cyber-attack, security issues have gradually become key problems for CPSs. In this paper, a cyber-physical system security protection approach for networked industrial processes, i.e., industrial CPSs, is proposed. In this approach, attacks are handled layer by layer from general information technology(IT) security protection, to active protection, then to intrusion tolerance and physical security protection. The intrusion tolerance implemented in real-time control systems is the most critical layer because the real time control system directly affects the physical layer. This novel intrusion tolerance scheme with a closed loop defense framework takes into account the special requirements of industrial CPSs. To illustrate the effectiveness of the CPS security protection approach, a networked water level control system is described as a case study in the architecture analysis and design language(AADL) environment. Simulation results show that 3 types of injected attacks can be quickly defended by using the proposed protection approach.
Cyber-physical systems(CPSs) are integrations of networks, computation and physical processes, where embedded computing devices continually sense, monitor, and control the physical processes through networks. Networked industrial processes combining internet, real-time computer control systems and industrial processes together are typical CPSs. With the increasingly frequent cyber-attack, security issues have gradually become key problems for CPSs. In this paper, a cyber-physical system security protection approach for networked industrial processes, i.e., industrial CPSs, is proposed. In this approach, attacks are handled layer by layer from general information technology(IT) security protection, to active protection, then to intrusion tolerance and physical security protection. The intrusion tolerance implemented in real-time control systems is the most critical layer because the real time control system directly affects the physical layer. This novel intrusion tolerance scheme with a closed loop defense framework takes into account the special requirements of industrial CPSs. To illustrate the effectiveness of the CPS security protection approach, a networked water level control system is described as a case study in the architecture analysis and design language(AADL) environment. Simulation results show that 3 types of injected attacks can be quickly defended by using the proposed protection approach.
基金
supported by Natural Science Foundation of China(Nos.61272204 and 61433006)
the Fundamental Research Funds for the Central Universities,China(No.2013ZZGH006)
