Towards a Science of Attack Composition, Mitigation and Verification in Cyber Physical Systems - A Passivity Based Approach
Cyber-physical systems (CPS) have become increasingly prevalent in applications including health care, energy, and transportation. The tight coupling between cyber and physical components of CPS implies that cyber attacks can degrade the safety, availability, and performance of physical components. The cyber components also introduce multiple entry points to the CPS, lowering the cost of attacks compared to purely physical systems. When one or more attacks occur simultaneously, a scientific approach is needed for modeling and composing the attacks and developing effective mitigation strategies. Currently, however, developing such an approach is an open research problem in the Science and Technology of CPS domain.
We propose to research and develop a passivity-based framework for modeling, composing, and mitigating attacks on cyber-physical systems, as well as bisimulation verification of models and mitigation. Passivity is an energy dissipation property of dynamical systems that provides basic rules for composition and analysis of interconnected systems. The proposed effort will address the following problems: (a) Research and development of passive dynamical models of attacks, as well as characterization of the class of attacks that admit a passive representation; (b) Investigation and development of passivity-based composition rules and decomposition transformations, enabling identification of new attack variants and their mitigation strategies; (c) Research and development of approximate bisimulation techniques for verification of composed adversary models and mitigation strategies; and (d) Validation and prototyping of the proposed models through an experimental testbed.