Cyber Physical Systems (CPS), like IoT and industrial control systems, are typically vulnerable to cyber threats due to a lack of cyber security measures and hard change management. Security monitoring is aimed at improving the situational awareness and the resilience to cyber attacks. Solutions tailored to CPS are required for greater effectiveness. This PhD work proposes a monitoring framework that leverages the knowledge of the CPS in order to specify, check, and predict known critical conditions. This approach is particularly suitable to CPS which are designed for a precise purpose, well documented, and predictable to a good extent. The framework uses a formal logical language to specify quantitative critical conditions and an optimisation linear programming and SMT-based engine. The framework computes a quantitative measure of the criticality of the current CPS system: checking how criticality changes in time enables to predict whether the system is approaching to a critical condition or reaching back a licit state. An important novelty of the approach is the capability of dealing with unobservable variables, for a greater feasibility for real cases, and the possibility to use observation times in critical specifications. This work presents the formal framework, a prototype, a testbed, and first experimental results that validate the feasibility of the approach.

Specification-based Predictive Continuous Monitoring for Cyber Physical Systems with Unobservables / Coletta, Alessio. - (2018), pp. 1-115.

Specification-based Predictive Continuous Monitoring for Cyber Physical Systems with Unobservables

Coletta, Alessio
2018-01-01

Abstract

Cyber Physical Systems (CPS), like IoT and industrial control systems, are typically vulnerable to cyber threats due to a lack of cyber security measures and hard change management. Security monitoring is aimed at improving the situational awareness and the resilience to cyber attacks. Solutions tailored to CPS are required for greater effectiveness. This PhD work proposes a monitoring framework that leverages the knowledge of the CPS in order to specify, check, and predict known critical conditions. This approach is particularly suitable to CPS which are designed for a precise purpose, well documented, and predictable to a good extent. The framework uses a formal logical language to specify quantitative critical conditions and an optimisation linear programming and SMT-based engine. The framework computes a quantitative measure of the criticality of the current CPS system: checking how criticality changes in time enables to predict whether the system is approaching to a critical condition or reaching back a licit state. An important novelty of the approach is the capability of dealing with unobservable variables, for a greater feasibility for real cases, and the possibility to use observation times in critical specifications. This work presents the formal framework, a prototype, a testbed, and first experimental results that validate the feasibility of the approach.
2018
29
Information and Communication Technology
Armando, Alessandro
Inglese
Settore INF/01 - Informatica
Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni
File in questo prodotto:
File Dimensione Formato  
PhD_thesis_Alessio_Coletta.pdf

Solo gestori archivio

Tipologia: Tesi di dottorato (Doctoral Thesis)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.57 MB
Formato Adobe PDF
1.57 MB Adobe PDF   Visualizza/Apri
DECLARATORIA_ITA_Alessio_Coletta_firmata.pdf

Solo gestori archivio

Tipologia: Tesi di dottorato (Doctoral Thesis)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 237.41 kB
Formato Adobe PDF
237.41 kB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/367634
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact