Introducing Cyber Security at the Design Stage of Public Infrastructures: A Procedure and Case Study

摘要

Existing methodologies for the design of complex public infrastructure are effective in creating efficient systems such as for water treatment, electric power grid, and transportation. While such methodologies and the associated design tools account for potential component and subsystem failures, they generally ignore the cyber threats; such threats are now real. This paper presents a step towards a methodology that incorporates cyber security at an early stage in the design of complex systems. A novel graph theoretic mechanism, named Dynamic State Condition Graph, is proposed to capture the relationships among sensors and actuators in a cyber physical system and the functions that are affected when the state of an actuator changes. Through a case study on a modern and realistic testbed, it is shown that introducing security at an early stage will likely impact the design of the control software; it may also lead to additional hardware and/or software requirements, e.g., sensors, or secure control algorithms. Such impact on the system design promises to improve the resilience of a system to cyber attacks.