Content uploaded by Ajeet Singh
Author content
All content in this area was uploaded by Ajeet Singh on Oct 12, 2019
Content may be subject to copyright.
Electronic copy available at: https://ssrn.com/abstract=3170288
3rd International Conference on Advances in Internet of Things and Connected Technologies (ICIoTCT) 2018
ELSEVIER-SSRN INFORMATION SYSTEMS & EBUSINESS NETWORK ISSN: 1556-5068
HTTPS://WWW.SSRN.COM/LINK/3RD-ICIOTCT-2018.
686
Study of Cyber Attacks on Cyber-Physical System
Ajeet Singha, Anurag Jainb
abUniversity School of Information & Communication Technology
Guru Gobind Singh Indraprastha University, Delhi, India
aajeetsinghiet@gmail.com, banurag@ipu.ac.in
Abstract:
Cyber-Physical Systems are the combination of the cyber world and physical world components in order to increase the physical performance. The usages
of cyber-physical systems (CPS) are increased, because of the more cyber and physical devices are connected to provide the state of the art technologies
and thereafter cyber threats and attacks are also happened and reported exponentially. The Security issues and challenges of the CPS have become a global
issue and appropriate mechanism for CPS is in urgent required. In this paper, an investigation about the relationship between the CPS and IoT, its
definitions, and some of its domains are discussed. Security challenges and issues are studied and discussed in the context of CPS. Various CPS
vulnerabilities, cyber threats, and cyber-attacks on the cyber-physical system are presented in this paper. Finally, suggested security measures, methods,
and security protocols for minimizing the cyber threat or attacks on the cyber-physical system.
Keyword: Threat, Attacks, cyber-physical systems, cybersecurity, protocols.
1. Introduction
Cyber-physical systems are a combination of cyber elements and physical
elements. The Cyber element means computing and communication
devices. Physical element means natural things, and human-made things
such as sensors, actuators. The computing and communication systems
integrated with the physical world are referred to as a cyber-physical
system. On March 13, 2012, S Shyam Sunder has given a standard
definition of CPS “cyber-physical systems are hybrid networked cyber
and engineered physical elements co-designed to create adaptive and
predictive systems for enhanced performance. Performance metrics
include safety and security, reliability, agility and stability, efficiency and
sustainability, privacy”. According to research (Rad et al., 2015), CPS is
similar to the IoT because both are sharing the same basic architecture and
also classified and explain few differences between CPS and IoT. The
cyber-physical system is presented a high combination and coordination
between physical components and computational components on IoT.
Figure 1 shows the relationship between cyber-physical systems, Internet
of things, and wireless sensor network and also presented similarities and
differences among them. They are correlated to each other and sharing the
same layer of the architecture. Three of them have shared common
technologies such as network, communication, and security, see in
figure1.
Figure 1: Cyber-Physical System model [ICRI, 2017]
The Internet of Things is a communication system of interconnected
computing devices, objects, and digital machines that are easily reached
through the internet. The devices are provided unique identifiers and have
the capability to send and receive more data over a network without any
human intervention. The basic architecture of IoT is shown in figure 2 and
every physical entity like appliances, machines, buildings, sensors, and
humans etc. are the things. The Internet of Things is defining the links
between the physical world and the internet by embedded sensors.
Figure 2: IoT shows the several computing devices are connected
efficiently with the internet.
As seen that the CPS has used in various domains including healthcare,
transportation, entertainment, power grids, smart buildings, shopping
mall, smart home, smart office, advanced communication systems, and
control systems(Kumar et al.,2016). Let us take the scenario of the smart
refrigerator if you keep milk and other groceries in the smart refrigerator
and forget the use of this stuff. The smart refrigerator will start alarming
when the stuff (milk or curd) is to expire. That with the growth of CPS
has increased day by day and the billions of users are connected to the
internet.
CPS is commonly used in engineering specializations mechanical
engineering, aeronautical engineering and aerospace engineering, while
IoT commonly used by telecommunication and network (Soldatos, 2015).
Another difference says that CPS has roots in the sensor network and
computer science while IoT in Mobile and wireless commutation (Goman,
2017) but the architecture of CPS and IoT share the same layer of
implantation and hence cyber-attacks and threats play the same role in the
same pattern.
A Cisco and Ericcson have been expected that 50 billion devices will be
connected to the internet in 2020. According to 2015, Machine Research
report predicted that total number connections of between machine-to-
machine (M2M) will increase from 5 billion in 2014 to 27 billion in 2024
( Abomhara and Køien, 2014). Another report of CERT-India, the number
Electronic copy available at: https://ssrn.com/abstract=3170288
3rd International Conference on Advances in Internet of Things and Connected Technologies (ICIoTCT) 2018
ELSEVIER-SSRN INFORMATION SYSTEMS & EBUSINESS NETWORK ISSN: 1556-5068
HTTPS://WWW.SSRN.COM/LINK/3RD-ICIOTCT-2018.
687
of cybersecurity incidents occurred last 3 years are 44679 (2014), 49455
(2015) 5036 (2016), and 27482 (2017 till June) (CERT-India, 2017). This
statistical data presented that the number of cybersecurity cases has been
growing steadily in India, need a design and implement security
techniques or methods to protect the cyber-physical system from
unauthorized usages, modification, and access system.
The main aim of this paper is to study the various challenges, issues,
vulnerability, and cyber-attacks of the cyber-physical system. Cyber-
security measures and security protocol to defend the cyber-attack on the
cyber-physical system are suggested.
This paper is organized as follows. Section 2 describes crucial security
issues and challenges in the cyber-physical system. Section 3 explains the
vulnerability identification in the cyber-physical system & Section 4
explains the various cyber threats and attacks on the cyber-physical
system. Section 5 discusses cybersecurity measures for CPS and
concludes in section 6.
2. Crucial Challenges And Issues
The Cyber-physical System challenges are called technical and non-
technical challenges in environment system. The CPS has faced sensing,
connecting, power management, cloud, complexity, privacy, reliability,
data management and security challenges, see figure 3 (Bedi et al., 2016).
We observed the privacy and security are the major challenges or issues in
CPS. Another key challenge of CPS is to manage big data because
numerous devices are connected with each other through the internet and
a large amount of data has generated by each connected device. Keep this
fact in mind, a good solution required for storing, identifying, analyzing,
and making sense of the generated large data and protect them from any
cyber attacks. Keeping this point, security issues are discussed.
Figure 3: List of different challenges of CPS
The security has been classified as a data security and control security.
Data security is called as an information security emphasis on data
protection sharing in the network using a cryptographic technique against
attacks. Control security emphases on protecting the dynamics of control
systems against attacks. The following security issues are described and
measure how to defend from attacks (Ashibani and Mahmoud, 2017).
2.1 Security for devices
There are many types of devices are available or used in CPS such
as smartphone, sensors, etc. Our goal to secure these devices from
unauthorized access and device disable. The computer security
methods can be protecting the system services, hardware resources,
and data, both in transit and storage. The smartphone device
contains new and existing mobile banking applications for making
an online payment. The hackers have targeted these devices and take
over access to a smartphone for making frauds. For this, should use
a strong security approach to secure a various mobile device.
2.2 Secure data transmissions
It is essential, in order to detect fakes and malicious activities in a
secure communication network and stop unauthorized access. Data
should be secure between sender and receiver devices from
intrusions, malicious attacks, distributed denial of service,
eavesdropping and unauthorized modification.
2.3 Secure data storage
Know that the data have stored on a system or server. The security is
an important issue of data storage in CPS. Username and password
are required for accessing system data. The cryptographic
techniques can use to encrypt data in such device which store a large
amount of data.
3. Vulnerability Identification In Cyber-Physical System
The vulnerability means a violation of a security policy of the cyber-
physical system. The vulnerability occurs due to the weakness of security
rules, system design, or software/hardware problem itself. The
Vulnerability is a weakness in a cyber-physical system which allows an
attacker to decrease a system's information assurance. The Vulnerabilities
have been found in hardware, software, design policies, procedures, users
themselves and misconfiguration of the cyber-physical system that a
malicious single could exploit. Definition:“In computer security, a
weakness in the physical layout, organization, procedures, personnel,
management, administration, hardware or software that may be exploited
to cause harm to the ADP system or activity” [Source:
http://www.springer.com]. Well, known categories of vulnerabilities of a
cyber-physical system are hardware vulnerabilities, software
vulnerabilities, network vulnerabilities, platform vulnerabilities,
management vulnerabilities, and technical vulnerabilities (Lu et al., 2013),
(Ahmed et al., 2013). Vulnerabilities can be detected by using static and
dynamic techniques.
3.1 Hardware vulnerability
The hardware vulnerability is exploitable of weakness in a CPS.
This vulnerability is very hard to identify, and also fix. This
vulnerability can be reduced by locking labs and hardware
equipment for securing physical access and stolen.
3.2 Software vulnerabilities
The Software vulnerabilities are found in application software,
operating systems, and control software (“like communication
protocols and devices drives”), even a fault in the cyber-physical
system that could be exploited by an intruder in order to modify and
alter the normal activities of running the system. The systems are
more affected by the software vulnerabilities.
3.3 Technical vulnerabilities
The Technical vulnerabilities commonly occur due to human
weaknesses.
3.4 Network vulnerability
The Network vulnerability comprises configuration, hardware and
monitoring vulnerabilities.
3.5 Platform vulnerability
This vulnerability comprises configuration, hardware and software
vulnerabilities in addition to lack of protection measures.
Electronic copy available at: https://ssrn.com/abstract=3170288
3rd International Conference on Advances in Internet of Things and Connected Technologies (ICIoTCT) 2018
ELSEVIER-SSRN INFORMATION SYSTEMS & EBUSINESS NETWORK ISSN: 1556-5068
HTTPS://WWW.SSRN.COM/LINK/3RD-ICIOTCT-2018.
688
3.6 Management vulnerability
Management vulnerability occurred due to the lack of security
policies standard.
Another common software security vulnerability has been defined by
Common Weakness Enumeration in 2011 are Missing data encryption,
OS command injection, SQL injection, Buffer overflow, Missing
authentication for critical function, Missing authorization, Unrestricted
upload of dangerous file types, Reliance on not trust inputs in a security
decision, Cross-site scripting and forgery, Download of codes without
integrity checks, Use of broken algorithms, URL redirection to not trust
sites, Path traversal, Bugs, Weak passwords, and Software that is
already infected with virus [Source : https://cwe.mitre.org].
4. Cyber Attack (Threat) On Cyber-Physical System
Nowadays, security and privacy have become the major concern among
users and companies because of cyber-attacks are increasing around the
globe. The protection of sensitive information is also concerned when
information is traveling on the open network from source to destination.
There is the possibility of cyber-attack on this open network or system
devices to breach information or disable devices, for personal misuse. The
hackers have penetrated connected objects such as cars, shopping mall,
smart homes, and smart bank, etc. for collecting money, hacking system,
and breach the personal information. The various organizations focused
on cybersecurity in order to maintain the privacy, safety of data and
devices. In this section, discussed the various categories of cyber-attacks
on CPS (Dong et al., 2015), (Humayed et al., 2017).
4.1 Network Attacks
The data might be exposed to an attack due to short of security and
controls. The Networks attacks are classified two types such as
active attack means the data are altered, and passive attack means
data is monitored or not alters.
The networks and data are vulnerable to any of the following types
of attacks if you have not a security plan in the organization. These
attacks commonly occur on networks and devices. The common
network attacks are network eavesdropping, data modification,
identity spoofing (IP address spoofing), password-based attacks,
denial-of-service, man-in-the-middle, compromised key attack,
sniffer, application layer attack, access attacks, reconnaissance
attacks, attacks on privacy, and destructive attacks. The top 8, types
of network attacks are represented below in the chart (figure 4)
based on McAfee Labs -Threat report from April to June 2017
which was published in the September 2017. These network attacks
are highlighted in 2nd quarter 2017. McAfee Labs -Threat report is
based on data collected from millions of sensors, across file, web,
message, networking devices and network vectors, managed by
McAfee. Figure 4 presented various network attacks with their
percent of attacks on the network, i.e. Brower, and Brute force
attacks are 20 %.
Figure 4: Top 8 network attacks occur in 2017 till June [Source:
McAfee Labs, 2017]
4.2 Cryptographic attacks
A cryptographic attack is a procedure for avoiding the security of a
system by discovery a weakness in a cipher, security algorithm,
cryptographic protocol or key management pattern, and operating
systems. This practice is also called "cryptanalysis". Cryptanalysis
can be cracked into a number of classes of attacks (Chris, 2010).
These attacks are brute force attacks, chosen plaintext; adaptive
chose plaintext attacks, known plaintext, known ciphertext, chosen
ciphertext, chosen a key, rubber cryptanalysis, and crypto locker.
4.3 Cyber Threats
A Cyber threat is called a malicious attack. These attacks are finding
out the security weaknesses in a cyber-physical system for
interrupting the integrity of an organization or personal systems. The
aim of the cyber threat is to damage or disabling system operation.
There are many types of cyber threats available, and it can originate
from primary sources: nature (earthquakes, hurricanes, floods, and
fire) and humans, physical attacks, equipment failure, line fault
(failure node power lines), electromagnetic leakage, and
electromagnetic interference (Zhang et al., 2013).
4.4 Malicious software
Malicious software (Malware) is used to compromise cyber-physical
system function, steal information, and bypass access controls of the
cyber-physical system. The main objective of malicious software is
causing harm to the host computer (Shi et al., 2011). Malicious
software is a broad term that referred to a variety of malicious codes.
The most common malware are adware, bots, ransomware, bugs,
rootkits, spyware, spyware, hackers, wabbits, dialer, blue sniffing,
phishing, bluejacking, mouse trapping, pharming, browser hijackers,
Trojan horses, viruses, and worms (Application security, 2017).
Figure 5 presents the percentage of top eight malware attacks in
quarter 2nd, 2017 (i.e. waponi malware 39%).
3rd International Conference on Advances in Internet of Things and Connected Technologies (ICIoTCT) 2018
ELSEVIER-SSRN INFORMATION SYSTEMS & EBUSINESS NETWORK ISSN: 1556-5068
HTTPS://WWW.SSRN.COM/LINK/3RD-ICIOTCT-2018.
689
Figure 5: Top Malware attack in quarter 2nd, 2017 [Source: McAfee
Labs, 2017].
5. Cyber Security Measures For Cyber-Physical System
The cyber-physical system has affected by various types of network
attacks, malware, cryptographic attacks. Due to this reason, we need to
apply and implement strong cybersecurity measures, techniques,
protocols, process, and required training to prevent computer system, our
network, communication channel, devices, and information from
unauthorized accessing our resources, data modification, disclosure,
destruction and also minimizes of cyber-attacks. The cybersecurity
measures are discussed below based on secure need in different layers,
(Humayed et al., 2017).
5.1 Cyber Security Measures for the Perception layer (or Physical
Layer)
The physical layer of the cyber-physical system primarily related to
physical security of the organization. The CPS devices such as
sensors, actuators, RFID devices, image capture are requirements to
protect. The system administrator/user should be the following the
recommended practices to protect against attacks.
Should take files backup regularly.
Should be educated network users.
Should monitor and inspect network traffic periodically.
Should use threat intelligence data feeds.
Should control administrative and system access.
Should eliminate local administrative rights.
Should update software and maintenance.
Should use website security scans.
Should install antivirus and anti-malware software on a
system.
Safeguards should be implemented against natural disasters.
Should flow disaster recovery plans.
To strengthen legislation if user violations security policies of
CPS.
Should track the activity of threats.
5.2 Cyber Security Measures for the transmission layer
The aim of it is to protect the communication data and the system.
For the transmission layer security, should apply three most
applicable approaches on CPS such as point-to-point encryption;
end-to-end encryption and firewall installing to secure transmission
data.
Point-to-point encryption methods ensure the security of the
data. Security methods are including node certification, hop-
by-hop encryption, and internetwork authentication.
End-to-end encryption methods are to achieve end-to-end
confidentiality data. The security methods include end-to-end
authentication, key negotiation, and key management, etc.
Installing software or hardware firewall.
Use security protocols, including internet protocol security,
transport layer security, datagram transport layer security, and
secure socket layer.
5.3 Cyber Security measures for the application layer
Decision making is the main part of this layer in the cyber-physical
system. Because it has many applications and each contains its own
vulnerability that can affect cyber-physical system security. Have to
consider data security and user privacy at this layer. The
Cybersecurity measures for the application layer of the cyber-
physical system are:
To enhance system access control policies and procedures.
Should implement strong identification, authentication, and
encryption mechanisms.
Should use Network forensics mechanism.
Should Apply Secure Electronic Transaction (SET) Protocol
for secure payment.
Should follow Secure Payment (S/PAY) Protocol.
Should use Secure Hypertext Transfer Protocol (S/HTTP).
6. Conclusion
The cyber-physical system is a link of physical and engineered systems
with cyber ability to increase the physical performance. The CPS is
widely used in the many areas such mechanical engineering, smart home,
etc., but same time period the security problem has raised due to the
system vulnerabilities and cyber threats. In this paper, the relationship
between the CPS and IOT with their application has identified and
explained. The current security issues and challenges on the CPS are
discussed. The Cyber-physical systems are suffered by the cyber threats
and attacks has explained in details one by one, and also recommend a
corresponding solution for defending and safeguard of them. This paper
precise security vulnerability, cyber threats, and attacks on CPS to provide
a theoretical reference. Finally, this paper suggested and recommended
security measures, and security protocols have to be followed by the CPS
users for all categories of security threats, attacks.
Acknowledgments
The authors would like to thanks the University Grants Commission
(UGC) provided National Fellowship. We thank our colleagues of USICT,
GGSIPU who provided insight and expertise that greatly assisted the
research.
REFERENCES
Rad, C. R., Hancu, O., Takacs, I. A., & Olteanu, G. (2015). Smart
monitoring of potato crop: a cyber-physical system architecture model
in the field of precision agriculture. Agriculture and Agricultural
Science Procedia, 6, 73-79.
Kumar, S. A., Vealey, T., & Srivastava, H. (2016, January). Security in
Internet of things: Challenges, solutions, and future directions. In
System Sciences (HICSS), 49th Hawaii International Conference on
(pp. 5772-5781). IEEE.
Soldatos,J.IoTvs.M2(2015,December-15),https://www.linkedin.com/pulse
/iot-vs-m2m-cps-wot-terms-synonyms-john-soldatos, [Accessed Date:
01 Nov 2017]
3rd International Conference on Advances in Internet of Things and Connected Technologies (ICIoTCT) 2018
ELSEVIER-SSRN INFORMATION SYSTEMS & EBUSINESS NETWORK ISSN: 1556-5068
HTTPS://WWW.SSRN.COM/LINK/3RD-ICIOTCT-2018.
690
Goman,W.The difference between IoT and CPS,
https://www.researchgate.net/post/What_is_the_difference_between_
cyber-physical_systems_CPS_and_Internet_of_Things_IoT_systems,
[Accessed Date: 05 Nov 2017.
Abomhara, M., & Køien, G. M. (2014, May). Security and privacy in the
Internet of Things: Current status and open issues. In Privacy and
Security in Mobile Systems (PRISMS), 2014 International
Conference on (pp. 1-8). IEEE
Indian Computer Emergency Response Team,http://www.cert-in.org.in,
[Accessed Date: 5 Nov 2017].
Bedi, G., Venayagamoorthy, G. K., & Singh, R. (2016, March).
Navigating the challenges of the Internet of Things (IoT) for power
and energy systems. In Power Systems Conference (PSC), 2016
Clemson University (pp. 1-5). IEEE.
Ashibani, Y., & Mahmoud, Q. H. (2017). Cyber-physical systems
security: Analysis, challenges, and solutions. Computers & Security,
68, 81-97.
Lu, T., Xu, B., Guo, X., Zhao, L., & Xie, F. (2013). A New Multilevel
Framework for Cyber-Physical System Security.
Ahmed, S. H., Kim, G., & Kim, D. (2013, November). Cyber-Physical
System: Architecture, applications, and research challenges. In
Wireless Days (WD), 2013 IFIP (pp. 1-5). IEEE.
Dong, P., Han, Y., Guo, X., & Xie, F. (2015). A systematic review of
studies on cyber-physical system security. Int. J. Secure. Appl, 9(1),
155-164.
Humayed, A., Lin, J., Li, F., & Luo, B. (2017). Cyber-physical systems
security—A survey. IEEE Internet of Things Journal, 4(6), 1802-
1831.
Chris Northwood whilst, the University of York and University of
Sheffield, http://www.pling.org.uk/cs/cry.html,2010, [Accessed Date:
10 Nov 2017].
Zhang, L., Qing, W. A. N. G., & Bin, T. I. A. N. (2013). Security threats
and measures for the cyber-physical systems. The Journal of China
Universities of Posts and Telecommunications, 20, 25-29.
Shi, J., Wan, J., Yan, H., & Suo, H. (2011, November). A survey of cyber-
physical systems. In Wireless Communications and Signal Processing
(WCSP), 2011 International Conference on (pp. 1-6). IEEE.
Application Security Tools, https://www.veracode.com. [Accessed Date:
15 Nov 2017].
ICRI (2013, May 12). Cyber-Physical Systems, http://www.cities.io
/project/cps/ [Accessed Date: 16 Nov 2017].