
A Systems Theoretic Approach to the Security Threats in Cyber Physical Systems Applied to Stuxnet

Cyber Physical Systems (CPSs) are increasingly being adopted in a wide range of industries such as smart power grids. Even though the rapid proliferation of CPSs brings huge benefits to our society, it also provides potential attackers with many new opportunities to affect the physical world, such as disrupting the services controlled by CPSs. Stuxnet is an example of such an attack; it was designed to interrupt the Iranian nuclear program. In this paper, we show how the vulnerabilities exploited by Stuxnet could have been addressed at the design level. We utilize a systems theoretic approach, based on prior research on system safety, that takes both physical and cyber components into account to analyze the threats exploited by Stuxnet. We conclude that such an approach is capable of identifying cyber threats towards CPSs at the design level, and we provide practical recommendations that CPS designers can utilize to design a more secure CPS.

Existing System:

Traditional IT security methods can be applied to protect a CPS, such as a critical infrastructure system, against cyber threats or threats imposed by malicious insiders. However, due to the unique characteristics of a CPS, traditional IT security strategies and approaches are not sufficient to address the security challenges of a CPS. For example, installing security patches or numerous system updates that require taking the system offline is difficult, not economically justifiable, and often not feasible. Also, new updates or security patches may create other problems, as in a case where a nuclear power plant was accidentally shut down after a software update. Recently, it has been shown that attackers can take control of airplanes by having access to the Wi-Fi services provided by the planes.

Proposed System:

The main components of a CPS are SCADA (supervisory control and data acquisition), DCS (distributed control system), and PLC (programmable logic controller). The main role of SCADA is to gather data from and control geographically dispersed assets, ranging from sensors within a plant to power distribution across a country. SCADA systems are widely used in various critical infrastructures such as electrical power grids, water distribution systems, and oil refineries. A DCS, on the other hand, controls a group of controllers that work together to carry out a specific task within the same geographical location. Both SCADA and DCS use PLC devices to control the industrial components and processes. PLCs are typically programmed from a Windows-based machine by an operator. The operator uses SCADA and DCS for various control tasks such as process monitoring and configuring control parameters.

Due to the critical nature of a CPS, strong security and privacy mechanisms are needed to restrict unauthorized access to the critical components of a CPS. Traditionally, industrial control systems were considered secure as long as they were air-gapped, i.e., not connected to the outside world. This notion is no longer valid, as more and more industrial control systems are connecting beyond their perimeter for various reasons, such as providing better services (as smart grids do) or updating their software. Furthermore, a direct connection to the outside world is not necessary to make a CPS vulnerable to cyber attacks. Cases like Stuxnet have shown that even without direct connections to the outside cyber world, cyber physical systems are still vulnerable.