Thumbnail Image
Publication

On the interplay between cyber and physical spaces for adaptive security

Date
2018
Abstract
Ubiquitous computing is resulting in a proliferation of cyber-physical systems that host or manage valuable physical and digital assets. These assets can be harmed by malicious agents through both cyber-enabled or physically-enabled attacks, particularly ones that exploit the often ignored interplay between the cyber and physical world. The explicit representation of spatial topology is key to supporting adaptive security policies. In this paper we explore the use of Bigraphical Reactive Systems to model the topology of cyber and physical spaces and their dynamics. We utilise such models to perform speculative threat analysis through model checking to reason about the consequences of the evolution of topological configurations on the satisfaction of security requirements. We further propose an automatic planning technique to identify an adaptation strategy enacting security policies at runtime to prevent, circumvent, or mitigate possible security requirements violations. We evaluate our approach using a case study concerned with countering insider threats in a building automation system.
Supervisor
Description
peer-reviewed
Publisher
IEEE Computer Society
Citation
IEEE Transactions on Dependable and Secure Computing;15 (3), pp. 466-480
Collections
Lero - The Science Foundation Ireland Research Centre for Software
Show all metadata
Files
Thumbnail Image
Nuseibeh_2018_Interplay.pdf
Adobe PDF2.76 MB
Keywords
security, topology, cloud computing, adaptation models, planning, wireless networks, servers
ULRR Identifiers
https://researchrepository.ul.ie/handle/10344/7423
 https://doi.org/10.34961/601
Funding code
Funding Information
European Research Council (ERC), Science Foundation Ireland (SFI)
Sustainable Development Goals
External Link
Type
Article
Rights
https://creativecommons.org/licenses/by-nc-sa/1.0/
License