Deriving Cyber-security Requirements for Cyber Physical Systems
This addresses the need for automated cyber-security design in CPS to prevent attacks without compromising performance, timing, or cost, but it appears incremental as it builds on existing AI methods.
The paper tackles the problem of manually deriving cyber-security requirements for cyber physical systems (CPS), which often leads to vulnerabilities, by proposing DCRYPPS, a system that uses AI technologies like planning and model-based diagnosis to automate this process.
Today's cyber physical systems (CPS) are not well protected against cyber attacks. Protected CPS often have holes in their defense, due to the manual nature of today's cyber security design process. It is necessary to automate or semi-automate the design and implementation of CPS to meet stringent cyber security requirements (CSR), without sacrificing functional performance, timing and cost constraints. Step one is deriving, for each CPS, the CSR that flow from the particular functional design for that CPS. That is the task assumed by our system, Deriving Cyber-security Requirements Yielding Protected Physical Systems - DCRYPPS. DCRYPPS applies Artificial Intelligence (AI) technologies, including planning and model based diagnosis to an important area of cyber security.