All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by law. Advice on how to obtain permission to reuse material from this title is available at http://www.wiley.com/go/permissions.
The right of Houbing Song, Glenn A. Fink and Sabina Jeschke to be identified as the Editors of the editorial material in this work has been asserted in accordance with law.
Registered Offices
John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, USA
John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, UK
Editorial Office
The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, UK
For details of our global editorial offices, customer services, and more information about Wiley products visit us at www.wiley.com.
Wiley also publishes its books in a variety of electronic formats and by print-on-demand. Some content that appears in standard print versions of this book may not be available in other formats.
Limit of Liability/Disclaimer of Warranty
While the publisher and authors have used their best efforts in preparing this work, they make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives, written sales materials or promotional statements for this work. The fact that an organization, website, or product is referred to in this work as a citation and/or potential source of further information does not mean that the publisher and authors endorse the information or services the organization, website, or product may provide or recommendations it may make. This work is sold with the understanding that the publisher is not engaged in rendering professional services. The advice and strategies contained herein may not be suitable for your situation. You should consult with a specialist where appropriate. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.
Library of Congress Cataloging-in-Publication Data
Title: Security and privacy in cyber-physical systems : foundations, principles, and applications / edited by Houbing Song, Glenn A. Fink, Sabina Jeschke.
Description: First edition. | Chichester, UK ; Hoboken, NJ : John Wiley & Sons, 2017. | Includes bibliographical references and index.
Identifiers: LCCN 2017012503 (print) | LCCN 2017026821 (ebook) | ISBN 9781119226055 (pdf) | ISBN 9781119226062 (epub) | ISBN 9781119226048 (cloth)
Subjects: LCSH: Computer networks-Security measures. | Data protection.
Institute for Communication Technologies and Embedded Systems
RWTH Aachen University
Aachen
Germany
Naim Bajcinca
University of Kaiserslautern
Kaiserslautern
Germany
Paolo Bellavista
Computer Science and Engineering Department (DISI)
University of Bologna
Bologna
Italy
Aida Čaušević
Mälardalen University
Västerås
Sweden
Antonio Celesti
Department of Engineering
University of Messina
Messina
Italy
Cary E. Crawford
Oak Ridge National Laboratory
Nuclear Science and Engineering Directorate
USA
Guido Dartmann
Environmental Campus Birkenfeld
University of Applied Sciences Trier
Hoppstädten-Weiersbach
Germany
Mehmet Ö. Demir
Faculty of Electrical and Electronics Engineering
Istanbul Technical University
Istanbul
Turkey
Jean Philippe Ducasse
Digital and Global Team
U.S. Postal Service Office of Inspector General
Arlington, VA
USA
Thomas W. Edgar
Pacific Northwest National Laboratory
National Security Directorate
USA
Maria Fazio
Department of Engineering
University of Messina
Messina
Italy
Glenn A. Fink
Pacific Northwest National Laboratory
National Security Directorate
USA
Hossein Fotouhi
Mälardalen University
Västerås
Sweden
Linqiang Ge
Department of Computer Science
Georgia Southwestern State University
USA
Nada Golmie
Wireless Network Division
National Institute of Standards and Technology
USA
David Griffith
Wireless Network Division
National Institute of Standards and Technology
USA
Md. Mahmud Hasan
School of Electrical Engineering and Computer Science
University of Ottawa
Ottawa, ON
Canada
Martin Henze
Communication and Distributed Systems
RWTH Aachen University
Aachen
Germany
Jens Hiller
Communication and Distributed Systems
RWTH Aachen University
Aachen
Germany
Christopher M. Hoxie
Georgetown University School of Law
Washington, DC
USA
René Hummen
Communication and Distributed Systems
RWTH Aachen University
Aachen
Germany
Jiong Jin
School of Software and Electrical Engineering
Swinburne University of Technology
Melbourne
Australia
Jaspreet Kaur
Department of Cyber Security
Fraunhofer FKIE
Bonn
Germany
Sye L. Keoh
School of Computing Science
University of Glasgow
Glasgow
UK
Hajoon Ko
Harvard John A. Paulson School of Engineering and Applied Sciences
Harvard University
Cambridge, MA
USA
Alexandra Kobekova
Department of Cyber Security
Fraunhofer FKIE
Bonn
Germany
Jeff Kosseff
Cyber Science Department
United States Naval Academy
Annapolis, MD
USA
Gunes K. Kurt
Faculty of Electrical and Electronics Engineering
Istanbul Technical University
Istanbul
Turkey
Hendrik Laux
Institute for Communication Technologies and Embedded Systems
RWTH Aachen University
Aachen
Germany
Don Llewellyn
Washington State University
Benton County Extension
USA
Francesco Longo
Department of Engineering
University of Messina
Messina
Italy
Volker Lücken
Institute for Communication Technologies and Embedded Systems
RWTH Aachen University
Aachen
Germany
Kristina Lundqvist
Mälardalen University
Västerås
Sweden
Douglas G. MacDonald
Pacific Northwest National Laboratory
National Security Directorate
USA
Sriharsha Mallapuram
Department of Computer & Information Sciences
Towson University
Maryland
USA
Roman Matzutt
Communication and Distributed Systems
RWTH Aachen University
Aachen
Germany
Jeffery A. Mauth
National Security Directorate
Pacific Northwest National Laboratory
USA
Giovanni Merlino
Department of Engineering
University of Messina
Messina
Italy
Rebecca Montanari
Computer Science and Engineering Department (DISI)
University of Bologna
Bologna
Italy
Hussein T. Mouftah
School of Electrical Engineering and Computer Science
University of Ottawa
Ottawa, ON
Canada
Paul Moulema
Department of Computer and Information Technology
Western New England University
USA
Jason Nikolai
College of Computing
Dakota State University
Madison, SD
USA
Pouya Ostovari
Department of Computer and Information Sciences
Temple University
Philadelphia, PA
USA
Paola Piscioneri
Digital and Global Team
U.S. Postal Service Office of Inspector General
Arlington, VA
USA
Antonio Puliafito
Department of Engineering
University of Messina
Messina
Italy
Jessica Raines
Digital and Global Team
U.S. Postal Service Office of Inspector General
Arlington, VA
USA
Theora R. Rice
Pacific Northwest National Laboratory
National Security Directorate
USA
Alan C. Rither
Pacific Northwest National Laboratory
operated by Battelle Memorial Institute for the United States Department of Energy
Richland, WA
USA
David Su
Wireless Network Division
National Institute of Standards and Technology
Maryland
USA
Hala Tawalbeh
Computer Engineering Department
Jordan University of Science and Technology
Irbid
Jordan
Lo'ai A. Tawalbeh
Computer Engineering Department
Umm Al-Qura University
Makkah
Saudi Arabia
and
Computer Engineering Department
Jordan University of Science and Technology
Irbid
Jordan
Jernej Tonejc
Department of Cyber Security
Fraunhofer FKIE
Bonn
Germany
Ely Walker
Department of Animal Sciences
Washington State University
USA
Yong Wang
College of Computing
Dakota State University
Madison, SD
USA
Klaus Wehrle
Communication and Distributed Systems
RWTH Aachen University
Aachen
Germany
Steffen Wendzel
Department of Cyber Security
Fraunhofer FKIE
Bonn
Germany
Jie Wu
Department of Computer and Information Sciences
Temple University
Philadelphia, PA
USA
Guobin Xu
Department of Computer Science and Information Technologies
Frostburg State University
USA
Wei Yu
Department of Computer and Information Sciences
Towson University
USA
Martina Ziefle
Human-Computer Interaction Center
RWTH Aachen University
Aachen
Germany
Jan H. Ziegeldorf
Communication and Distributed Systems
RWTH Aachen University
Aachen
Germany
Foreword
Over the past years, my students and I have been looking for a reference book that can provide comprehensive knowledge on security and privacy issues in cyber-physical systems (CPSs). Our fruitless search did not disappoint us, because we understand that the subject areas are full of unique challenges stemming from various application domains such as healthcare, smart grids, and smart homes, which rules out “one-size-fits-all” solutions, and that the integration of the “cyber” and “physical” worlds opens the door for insidious and smart attackers to manipulate in extraordinary ways, leading to new cyber-attacks and defense technologies other than those that originated from traditional computer and network systems.
Thanks to this book edited by three distinguished scholars in cybersecurity and privacy, we finally get access to first-hand and state-of-the-art knowledge in security and privacy of CPSs. Dr. Houbing Song brings his multidisciplinary background spanning communications and networking, signal processing and control. He has worked on authentication, physical layer security, and differential privacy, and their applications in transportation, healthcare, and emergency response. Dr. Glenn A. Fink is a cybersecurity researcher who specializes in bioinspired security and privacy technologies. He has worked for the US government on a variety of military and national security projects. Dr. Sabina Jeschke is an expert in Internet of Things (IoT) and AI-driven control technologies in distributed systems. She has worked on safeguarding the reliability and trustworthiness of cyber manufacturing systems.
The term “cyber-physical systems,” CPSs in short, was coined 10 years ago (in 2006) by several program officers at the National Science Foundation (NSF) in the United States. According to the NSF CPS program solicitation, CPSs are defined as “engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components.” The term is strongly connected to the popular term IoT, which places more emphasis on implementation than on the foundations of the conjoining of our physical and information worlds. One can summarize CPSs in three words, “connected,” “sensing,” and “control,” corresponding to the three intermingled aspects of CPSs: the physical world itself is connected via networking technologies, and it is integrated with cyberspace via sensing and control, typically forming a closed loop. Just like the Internet, which has suffered from various attacks from the very beginning (an early warning of intrusion was raised in 1973, only 4 years after ARPANET was built), CPSs have system vulnerabilities that can easily be exploited maliciously, threatening the safety, efficiency, and service availability of CPSs.
Security and privacy are the most critical concerns that may hinder the wide deployment of CPSs if not properly addressed, as highlighted in the Federal Cybersecurity Research and Development Strategic Plan (RDSP) and the National Privacy Research Strategy (NPRS) released by the National Science and Technology Council (NSTC) in 2016. The connected physical world suffers from not only the attacks targeting today's networked systems but also new ones such as sensitive device (e.g., a controller of a power plant) discovery; the fine-grained, heterogeneous, and massive sensing data are vulnerable to various inference attacks, causing privacy disclosure and data safety violations; and the control signals can be manipulated to launch various attacks such as the device state inference attack, leading to system instability. Therefore, any effort toward securing the emerging CPSs and protecting their data privacy is of paramount importance. Nevertheless, to the larger CPS community, building economically successful CPSs seems to be the priority, since traditionally security and privacy issues can be resolved via patching. This obviously is inappropriate as security and privacy protection must be considered from the very beginning when building a CPS – an important lesson we have learned from the evolution of the Internet. To educate today's CPS engineers as well as the next-generation CPS players, materials summarizing the state-of-the-art techniques and potential challenges in security and privacy of CPS are desperately needed.
This timely book provides a comprehensive overview on security and privacy of CPSs. It positions itself uniquely from the following aspects based on its contents/technical contributions:
It is the most far-ranging one that covers all-around knowledge of CPS cyber-attacks and defenses, from both technical and policy/operational perspectives, making it suitable for all readers with diverse backgrounds and interests.
It stresses the importance of privacy protection in CPSs, covering privacy-preserving algorithms and privacy metrics for modern CPS and IoT applications.
It addresses the impact of security and privacy on the quality of data in CPSs, which is strongly related to the system performance and user experience.
It covers traditional CPSs such as smart grids and smart cities as well as emerging CPSs such as postal infrastructures and precision agriculture, investigating their unique cybersecurity challenges and trade-offs between service availability and security.
This book contains 19 self-contained chapters authored by experts in academia, industry, and government. By reading this book, readers can gain thorough knowledge of security and privacy in CPSs, preparing them to further their in-depth security and privacy research, enhance the attack resistance of their own CPSs, and identify and defend against potential security violations and system vulnerabilities.
Xiuzhen (Susan) Cheng
Professor, IEEE Fellow,
Department of Computer Science,
The George Washington University
Preface
The idea of automation is as old as mankind and has produced a wide range of artifacts from simple tools to complex robotic control systems. In the 1940s, work-saving machinery began to evolve from the purely mechanical to information systems, starting with the birth of computers and the emerging discipline of cybernetics. The idea behind cybernetics was to have machines conduct sensing and control operations that exceeded human capabilities for warfare applications. Robotics (machines to semiautonomously manipulate the physical world) was the natural outgrowth of this field of inquiry. In the 1960s, the Internet was conceived, bringing new ways for humans to communicate worldwide across computer networks. The blending of mechanical power, information processing, and global communications was perhaps inevitable, but the applications and implications of this merger are yet to be fully understood.
Cyber-physical systems (CPSs) are engineered systems that are built from, and depend upon, the seamless integration of sensing, computation, control, and networking in physical objects and infrastructures. This integration of communication, sensing, and control is enabling highly adaptable, scalable, resilient, secure, and usable applications whose capabilities far exceed stand-alone embedded systems. The CPS revolution is transforming the way people interact with engineered systems and is driving innovation and competition in sectors such as agriculture, energy, transportation, building design and automation, healthcare, and manufacturing.
The number of Internet-connected devices already outnumbers the human population of the planet. By 2020, some expect the number of these devices to exceed 50 billion. Many of these devices are CPSs that control automobiles, airplanes, appliances, smart electric grids, dams, industrial systems, and even multinational infrastructures such as pipelines, transportation, and trade. This trend toward distributed systems of Internet-connected smart devices has recently accelerated with the rise of the Internet of Things (IoT) as its backbone. A goal of the IoT is to connect any device to any other at any time via any protocol from anywhere in the world. Today this goal is only partially realized.
CPS technologies blur the lines between infrastructural and personal spaces. This blurring is being engineered into the IoT where personal CPSs (such as phones, appliances, and automobiles) bearing personal data can reach up into public infrastructures to access services. Infrastructural technologies such as smart roads, e-government, and city services have become personal by providing private portals into public services. Thus, personal technologies, enabled by the IoT, have vastly extended the scope of critical infrastructures and even created new ones. Unlike the embedded systems of a decade ago, modern CPSs incorporate components from different providers using interface standards that specify communication protocols and physical operation requirements.
While a CPS can be thought of as a blend of cybernetics and telecommunications, every CPS is much greater than the sum of its parts. The cyber and physical components cannot be analyzed separately. Malfunctions in the software portion of the system may cause unexpected physical behaviors. Unanticipated physical sensations may trigger untested parts of the system software. Beyond cyber or physical failures, problems can arise from communications between devices that are allowed to interact in ways that will be harmful or allow sensitive data to fall into the wrong hands. Further, a CPS typically involves real-time sensing and human operators who make their decisions informed by real-time data. Thus, humans, too, can be a major source of failure in these complex systems. Holistic system analysis is critical to ensure security, integrity, and conformance to the expected behavior profile.
The blended nature of CPSs simultaneously offers new uses of technology and enables new abuses of it. The increasing intelligence and awareness of physical devices such as medical devices, cars, houses, and utilities can dramatically increase the adverse consequences of misuse. Cybersecurity and privacy have emerged as major concerns in human rights, commerce, and national security that affect individuals, governments, and society as a whole. New degrees of connectivity between personal and infrastructural systems can result in leakage of personal data producing serious privacy concerns. Integration with private devices may threaten infrastructure by expanding its attack surface. CPSs are subject to security threats that exploit their increased complexity and connectivity to critical infrastructure systems and may introduce new societal risks to economy, public safety, and health. Some of these concerns are “existential threats” to individual lives and society. The potentially global nature of CPSs has produced a need for trust in cyber-physical (and other) systems that transcend national regulatory authorities.
To address these cybersecurity and privacy challenges, novel, transformative, and multidisciplinary approaches are needed at the confluence of cybersecurity, privacy, and CPSs. We are at a critical juncture where the growth and ubiquity of CPSs are accelerating exponentially. We must understand these systems and engineer them thoughtfully to prevent anticipated and unknown problems.
The purpose of the book is to help readers expand and refine their understanding of the key technical, social, and legal issues at stake, to understand the range of technical issues affecting hardware and software in infrastructure components, and to assess the impacts of the blended nature of these systems on individuals, infrastructures, and society. In particular, this book will present the state of the art and the state of the practice of how to address a number of unique security and privacy challenges facing CPSs, including the following:
1. The irreversible nature of the interactions of CPSs with the physical world
2. The rapidly increasing scale of deployment
3. The amalgamated nature of CPS-enabled infrastructures
4. The deep embedding and long projected lifetimes of CPS components
5. The interaction of CPSs with users at different scales, degrees of control, and expertise levels
6. The economic and policy constraints that are needed to govern CPS design and deployment
7. The accelerated degree of sensing and collection of information related to a large range of everyday human activities
8. The asymmetric ability of adversaries to attack physical-world targets through cyber means and vice versa.
This edited book aims at presenting the scientific foundations and engineering principles needed to ensure cybersecurity and privacy in CPSs in general and in various innovative domain-specific applications. The reader will gain an understanding of how the principles of security and privacy must be rethought for Internet-connected CPSs. Our hope is that this book will enhance the capability of the technical workforce to understand the less obvious implications of CPSs and to improve civil and economic security.
This book will challenge the research community to advance research and education at the confluence of security, privacy, and CPSs and to transition its findings into engineering practice. However, our desire is to provide useful information even for readers without any prior domain knowledge. Thus, most chapters are in tutorial/survey style. We anticipate many of our readers will be involved in research and development of technologies to better the lives of others, and, thus, they would be interested to gain an understanding of the security and privacy implications of their work. We also address the CPS design workforce and aim to provide an important source of comprehensive foundations and principles of cybersecurity and privacy as it applies to CPSs. Toward these goals, this book is organized into three parts: Foundations, Principles, and Applications.
Part 1 is composed of six chapters. In addition to presenting an overview of the opportunities and challenges of cybersecurity and privacy (Chapter 1), this part presents scientific foundations of cybersecurity and privacy in various subdomains, including networks (Chapter 2), information theory (Chapter 3), national security (Chapter 4), legal aspects (Chapter 5), and cryptographic key management (Chapter 6).
Part 2 is composed of six chapters. This part presents engineering principles of cybersecurity and privacy as applied to the IoT (Chapter 7), access control (Chapter 8), privacy (Chapters 9 and 10), network coding (Chapter 11), and lightweight cryptography (Chapter 12).
Part 3 is composed of seven chapters. This part presents application areas of CPSs along with domain-specific cybersecurity and privacy recommendations. The several diverse application areas include smart cities (Chapter 13), energy (Chapters 14 and 19), healthcare (Chapter 15), building design and automation (Chapter 16), postal infrastructure (Chapter 17), and agriculture (Chapter 18).
This book presents a collection of research results and real-world deployment experiences that provide examples of CPSs across multiple sectors of society. It is our desire that our book would illustrate not only the state of the art and practice in cybersecurity and privacy for CPSs but also the foundations and principles of CPS security and privacy that will educate and prepare designers of these technologies to meet societal desires and needs safely. Our hope is that by reading this book you, the reader, will be better equipped to shape our world with these new technologies in a way that enhances safety, security, and privacy for all.
July 2016
Houbing Song, Daytona Beach, Florida, USA
Glenn A. Fink, Richland, Washington, USA
Sabina Jeschke, Aachen, Germany
Acknowledgments
This book would not have been possible without the help of many people. First, we would like to thank all the contributors and reviewers of the book from all over the world. We would also like to thank our editorial assistants, Wendy M. Maiden and Katherine E. Wolf, both at Pacific Northwest National Laboratory, and Ruth Hausmann, Alicia Dröge and Pia Bresenitz, at RWTH Aachen University, who provided essential support at all stages of the editorial process of the book. We would also like to thank Preethi Belkese and Sandra Grayson, at Wiley, who shepherded us through the book-editing process. Finally, we would like to acknowledge the support of the Cluster of Excellence Integrative Production Technology for High-Wage Countries at RWTH Aachen University, German Research Foundation, and German Federation of Industrial Research Associations – AiF.
Special thanks go out to the following reviewers:
Mohammed Aazam (Jinnah University, Islamabad)
Syed Hassan Ahmed (Kyungpook National University)
David Archer (Galois)
Lane Arthur (John Deere)
Safdar H. Bouk (Kyungpook National University)
Ismail Butun (Bursa Technical University)
Zhi Chen (Arkansas Tech University)
Michael Crouse (Harvard University)
Qinghe Du (Xi'an Jiaotong University)
Melike Erol-Kantarci (University of Ottawa)
Glenn Fink (Pacific Northwest National Laboratory)
Errin Fulp (Wake Forest University)
Carlos Gómez Gallego (Aruba, a Hewlett Packard Enterprise Company)
Jon Green (Aruba, a Hewlett Packard Enterprise)
Hudson Harris (ADAPT of America, Inc.)
Arlett Hart (US Federal Bureau of Investigation)
Md. Mahmud Hasan (University of Ottawa)
Martin Henze (RWTH Aachen University)
Yu Jiang (Tsinghua University)
Burak Kantarci (University of Ottawa)
Wenjia Li (New York Institute of Technology)
Chi Lin (Dalian University of Technology)
Jaime Lloret (Universidad Politecnica de Valencia)
Rongxing Lu (Nanyang Technological University)
Volker Lücken (RWTH Aachen University)
Kevin Nesbitt (US Federal Bureau of Investigation)
Kaoru Ota (Muroran Institute of Technology)
Antonio Puliafito (Università Degli Studi Di Messina)
Devu Manikantan Shila (United Technologies Research Center)
Mohammad Shojafar (University Sapienza of Rome)
Siddharth Sridhar (Pacific Northwest National Laboratory)
Eric Swanson (Cisco)
Lo'ai A. Tawalbeh (Umm Al-Qura University)
Hasan Tercan (RWTH Aachen University)
Huihui Wang (Jacksonville University)
Steve Weingart (Aruba, a Hewlett Packard Enterprise Company)
Justin Wolf (Cisco)
Katherine Wolf (Pacific Northwest National Laboratory)