Resilient Metro-scale Smart Structures: Challenges & Future Directions

Mike Burmester, Jorge Munilla

Abstract

Smart structures are highly inter-connected adaptive systems that are coordinated by cyber systems to optimize specific system objectives. In this paper we consider the challenges for securing metro-scale smart structures. We use a threat model that allows for untrusted behavior to capture realistic IoT scenarios, and discuss vulnerabilities, exploits and attack vectors. Resilience is defined in terms of stability, resistance to damage and self-healing. To illustrate the challenges of capturing resilience we consider two very different applications: supply chain logistics and smart grids. Both are mixed latency and throughput sensitive, each in their own particular way. The first involves scanning RFID tagged objects in pallets. An untrusted RFID reader is given a one-time authenticator to inspect a pallet and identify any missing objects; and, if there are no missing objects, compile a proof of integrity. The reader should not be able to trace objects via unauthorized inspections (privacy). This application uses RS erasure codes that are more appropriate for memory constrained RFID tags. The second application involves securing industrial substation automation systems. These are particularly vulnerable to cyber attacks, and HIL testbeds are used for real-time multilayer vulnerability analysis. For metro-scale applications we propose virtualized testbeds that are portable and suitable for onsite incidence response. For each application we show how metro-scale analytics are used to capture resiliency.

References

  1. Abadi, M., Budiu, M., Erlingsson, Ý ., and Ligatti, J. (2009). Control-flow integrity principles, implementations, and applications. ACM Transactions on Information and System Security (TISSEC), 13(1):4.
  2. Redwood, W.O., Reynolds, J., and Burmester, M. (2016). Soft ICS Testbeds: A Simulated Physics and Embedded Virtualization Integration (SPAEVI) Methodology. In Rice, M. and Shenoi, S. editors, Critical Infrastructure protection X, Springer.
  3. Burmester, M. and Munilla, J. (2016). An Anonymous RFID Grouping-Proof with Missing Tag Identification. 10th IEEE International Conference on RadioFrequency Identification, 3-5 May, Orlando. U.S.A.
  4. Beaver, D. (1989). Multiparty protocols tolerating half faulty processors. In Brassard, G., editor, Advances in Cryptology - CRYPTO 7889, 9th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 1989, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 560-572. Springer.
  5. Ben Mabrouk, N. and Couderc, P. (2015). EraRFID: Reliable RFID systems using erasure coding. In RFID, 2015 IEEE International Conference, pages 121-128.
  6. Burmester, M., de Medeiros, B., and Motta, R. (2008). Provably Secure Grouping-Proofs for RFID Tags. In Grimaud, G. and Standaert, F.-X., editors, CARDIS, volume 5189 of Lecture Notes in Computer Science, pages 176-190. Springer.
  7. Burmester, M., Magkos, E., and Chrissikopoulos, V. (2012). Modeling Security in Cyber-Physical Systems. International Journal of Critical Infrastructure Protection (IJCIP), 5(3-4):118-126.
  8. Burmester, M. and Munilla, J. (2013). Security and Trends in Wireless Identification and Sensing Platform Tags: Advancements in RFID, chapter RFID Grouping-Proofs. IGI Global.
  9. Canetti, R. (2001). Universally composable security: a new paradigm for cryptographic protocols. Proceedings, 42nd IEEE Symposium on In Foundations of Computer Science, Foundations of Computer Science, pages 136-145.
  10. Chien, H.-Y., Yang, C.-C., Wu, T.-C., and Lee, C.-F. (2009). Two rfid-based solutions to enhance inpatient medication safety. Journal of Medical Systems.
  11. EPC-Global (2015). Radio-Frequency Identity Protocols, Generation-2.V2. UHF RFID. Technical report.
  12. Guidry, D., Burmester, M., Yuan, X., Liu, X., Jenkins, J., and Easton, S. (2012). Techniques for securing substation automation systems. In 7th Int. Workshop on Crit. Inform. Infrastr. Secur.(CRITIS).
  13. Huang, H.-H. and Ku, C.-Y. (2008). A RFID grouping proof protocol for medication safety of inpatient. Journal of Medical Systems.
  14. ICS-CERT (2015). Cyber Threat Source Descriptions. Industrial Control Systems, Cyber Emergency Response Team.
  15. IEC61850 (2007). Parts 1-10, Power Utility Automation. http://www.iec.ch/smartgrid/standards/.
  16. IEC62351 (2015). Parts 1-8, Information Security for Power System Control Operations. http://www.iec.ch/ smartgrid/standards/.
  17. Juels, A. (2004). “Yoking-proofs” for RFID tags. In PERCOMW 7804: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, pages 138-142, Washington, DC, USA. IEEE Computer Society.
  18. Juels, A. (2006). Generalized “yoking-proofs” for a group of RFID tags. In MOBIQUITOUS 2006.
  19. Kapoor, G. and Piramuthu, S. (2012). Single RFID Tag Ownership Transfer Protocols. IEEE Transactions on Systems, Man, and Cybernetics, Part C, 42(2):164- 173.
  20. Langer, R. (2011). Cracking Stuxnet, a 21st-century cyber weapon. Entertainment and Design.
  21. Liu, H., Ning, H., Zhang, Y., He, D., Xiong, Q., and Yang, L. T. (2013). Grouping-proofs-based authentication protocol for distributed RFID systems. IEEE Trans. Parallel Distrib. Syst., 24(7):1321-1330.
  22. Miller, J. H. and Page, S. E. (2009). Complex Adaptive Systems: An Introduction to Computational Models of Social Life. Princeton University Press.
  23. Munilla, J., Guo, F., and Susilo, W. (2013). Cryptanalysis of an EPCC1G2 Standard Compliant Ownership Transfer Protocol. Wireless Pers Commun, (72):245-258.
  24. Piramuthu, S. (2006). On existence proofs for multiple RFID tags. IEEE Int. Conf. Pervasive Services, Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing - SecPerU 2006, Lyon, France. IEEE, IEEE Computer Society Press.
  25. RAE (2012). Smart infrastructure: the future, The Royal Academy of Engineering. ISBN 1-903496-79-9.
  26. RFC6816 (2013). Simple Low-Density Parity Check (LDPC) Staircase Forward Error Correction (FEC) Scheme for FECFRAME.
  27. RFC6865 (2013). Simple Reed-Solomon Forward Error Correction (FEC) Scheme for FECFRAME.
  28. Roemer, R., Buchanan, E., Shacham, H., and Savage, S. (2012). Return-oriented programming: Systems, languages, and applications. ACM Transactions on Information and System Security (TISSEC), 15(1):2.
  29. Saito, J. and Sakurai, K. (2005). Grouping proof for RFID tags. In 19th International Conference on Advanced Information Networking and Applications, AINA 2005., volume 2, pages 621-624.
  30. Sato, Y., Igarashi, Y., Mitsugi, J., Nakamura, O., and Murai, J. (2012). Identification of missing objects with group coding of RF tags. In RFID, 2012 IEEE International Conference on, pages 95-101.
  31. SP800-115 (2008). NIST, Technical Guide to Information Security Testing and Assessment.
  32. Standaert, F.-X., Malkin, T. G., and Yung, M. (2009). A unified framework for the analysis of side-channel key recovery attacks. In Advances in CryptologyEUROCRYPT 2009, pages 443-461. Springer.
  33. Su, Y. and Wang, C. (2015). Design and analysis of unequal missing protection for the grouping of rfid tags. Communications, IEEE Transactions on, PP(99):1-1.
  34. Su, Y.-S. (2014). Extended Grouping of RFID Tags Based on Resolvable Transversal Designs. Signal Processing Letters, IEEE, 21(4):488-492.
  35. Su, Y.-S., Lin, J.-R., and Tonguz, O. K. (2013). Grouping of RFID Tags via Strongly Selective Families. IEEE Communications Letters, 17(6):1120 - 1123.
  36. Su, Y.-S. and Tonguz, O. K. (2013). Using the Chinese Remainder Theorem for the Grouping of RFID Tags. Communications, IEEE Transactions on, 61(11): 4741-4753.
  37. The White House (2013). Executive Order, Improving Critical Infrastructure Cybersecurity. Office of the Press Secretary.
  38. Yampolskiy, M., Horvath, P., Koutsoukos, X. D., Xue, Y., and Sztipanovits, J. (2013). Taxonomy for description of cross-domain attacks on cps. In Proceedings, 2nd ACM International Conference on High Confidence Networked Systems, pages 135-142. ACM.
Download


Paper Citation


in Harvard Style

Burmester M. and Munilla J. (2016). Resilient Metro-scale Smart Structures: Challenges & Future Directions . In Proceedings of the International Conference on Internet of Things and Big Data - Volume 1: IoTBD, ISBN 978-989-758-183-0, pages 137-147. DOI: 10.5220/0005922501370147


in Bibtex Style

@conference{iotbd16,
author={Mike Burmester and Jorge Munilla},
title={Resilient Metro-scale Smart Structures: Challenges & Future Directions},
booktitle={Proceedings of the International Conference on Internet of Things and Big Data - Volume 1: IoTBD,},
year={2016},
pages={137-147},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005922501370147},
isbn={978-989-758-183-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Internet of Things and Big Data - Volume 1: IoTBD,
TI - Resilient Metro-scale Smart Structures: Challenges & Future Directions
SN - 978-989-758-183-0
AU - Burmester M.
AU - Munilla J.
PY - 2016
SP - 137
EP - 147
DO - 10.5220/0005922501370147