Premium
Systems‐theoretic security requirements modeling for cyber‐physical systems
Author(s) -
Carter Bryan T.,
Bakirtzis Georgios,
Elks Carl R.,
Fleming Cody H.
Publication year - 2019
Publication title -
systems engineering
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.474
H-Index - 50
eISSN - 1520-6858
pISSN - 1098-1241
DOI - 10.1002/sys.21504
Subject(s) - cyber physical system , exploit , computer science , component (thermodynamics) , computer security , domain (mathematical analysis) , context (archaeology) , service (business) , system of systems , complex system , systems engineering , systems modeling , physical system , modeling language , architecture , computer security model , distributed computing , systems design , software engineering , engineering , artificial intelligence , operating system , art , mathematics , economy , software , mathematical analysis , visual arts , biology , paleontology , quantum mechanics , thermodynamics , programming language , physics , economics
Cyber‐physical systems (CPS) present a unique modeling challenge due to their numerous heterogeneous components, complex physical interactions, and disjoint communication networks. Modeling CPS to aid security analysis further adds to these challenges, because securing CPS requires not only understanding of the system architecture, but also the system's role within its broader expected service. This is due to the infeasibility of completely securing every single component, network, and part within a CPS. As such it is necessary to be cognizant of the system's expected service, or mission, so that the effects of an exploit can be mitigated and the system can perform its mission at least in a partially degraded manner—in other words, a mission‐aware approach to security. As such, a security analysis methodology based on this philosophy is greatly aided by the creation of a model that combines system architecture information, its admissible behaviors, and its mission context. This paper presents a technique for creating such a model using the Systems Modeling Language.