Midterm Prep

Question 1

Examples of Cyber Systems

Answer 1

PCs, Mobile Phones, Embedded Devices

Question 2

Examples of Physical Systems

Answer 2

Motors, Pumps, Lights, Generators, Valves, Relays

Question 3

Definitions of Cyber Physical Systems

Answer 3

Integration of computing and physical processes.

Embedded systems together with their physical environment.

Complex, multi-disciplianary, physically aware next gen engineered systems. Include observation, communication, and control aspects of physical systems.

Question 4

Special Interest Organization to Foster Collaboration between Industry, Education, and Government.

Answer 4

CPSVO (CPS Virtual Organization)

Question 5

System Components of CPS

Answer 5

Elements of physical world, networks, sensors, actuators, and the cyber system.

Question 6

Physical World

Answer 6

Physical phenomenon that will me monitored or controlled.

Question 7

Cyber Systems

Answer 7

Standard computing and embedded devices which process information and communicate with their distributed environment.

Question 8

Important difference between most CPS and Cyber Systems?

Answer 8

Irreversibility or pre-emption of actuator operations. Physical actions taken by the actuators generally cannot be reversed.

Question 9

Example of CPS IOT in my home?

Answer 9

Ecobee

Question 10

Definition of Smart Manufacturing

Answer 10

the use of embedded software and hardware technologies to optimize productivity in the manufacture of goods or delivery of services.

Question 11

Benefits of Smart Manufacturing

Answer 11

Improved safety, productivity, efficiency, more flexible

workflow and new forms of collaboration.

Question 12

CPS Examples

Answer 12

Robots, building automation,, emergency response, air transportation, intelligent transportation, critical infrastructure

Question 13

CPS Channelges

Answer 13

Interoperability, Security, Dependability, predictability, reliability, sustainability

Question 14

Interoperability

Answer 14

Ability of systems to work together and exchange information.
Attributes: Composability, Scalability, Heterogeneity

Question 15

Predictability

Answer 15

The degree of foreseeing of a system state behavior functionality, either qualitatively or quantitatively.

Attributes: Accuracy, compositionality

Question 16

Reliability

Answer 16

Degree of correctness which a system provides to perform its function.

Question 17

Sustainability

Answer 17

Being capable of enduring without compromising requirements to the system while renewing the systems resources and
using them efficiently.

A highly sustainable system should be long lasting, it should be self healing,
and actually dynamic, and able to evolve under various circumstances.

Question 18

Dependability

Answer 18

The property of a system to perform required
functionalities during its operation, without significant degradation in its performance and outcome.

Dependability reflects a degree of trust put into the entire system.

Question 19

Security

Answer 19

Security has several different

attributes, including integrity and confidentiality.

Question 20

Challenges for Securing CPS

Answer 20

They are fundamentally different than standard IT systems

Question 21

Possible CPS Adversaries

Answer 21

Cybercriminals, disgruntled employees, terrorists, activists, and organized criminal groups, and nation states

Question 22

Security objective for CPS and IT: Availability and Confidentiality

Answer 22

CPS: Available
IT: Confidential

Question 23

Network Topology for CPS and IT: Static or DHCP

Answer 23

CPS: Static
IT: DHCP

Question 24

Patching for CPS and IT: Frequent or Infrequent

Answer 24

CPS: Infrequent
IT: Frequent

Question 25

Countermeasures

Answer 25

Design novel attack detection and attack resilient algorithms and architectures

Question 26

Moving target defense

Answer 26

For example, if we can detect
then an attack is on the way,
we may be able to change the meaning of
the control commands in the system to
increase the resiliency of the system.

Question 27

Body that has cybersecurity standards for the power grid

Answer 27

NERC (North American Electric Reliability Corporation) authorized to enforce compliance of the standards.

NIST published a guide too for Industrial Control Systems Security.

Question 28

Detection of Anomalies

Answer 28

May be able to detect anomalies on the physical system that are undetectable from the IT side.

Question 29

Resilience

Answer 29

Designing control systems that can survive attacks. e.g. redundancy, separation of privileges, operate using open loop control.

Question 30

Deterrance

Answer 30

Successful legislation,
law enforcement,
intentional cooperation

Question 31

Power Ecosystem Levels

Answer 31

Generation- Where the electrons are generated using coal or whatever

Transmission system- wheelbarrow from generation to distribution

Distribution- Last stop before it gets to your home

Load- Your home

Question 32

Power Grid Equipment: Transformer

Answer 32

Step voltage up or down

Question 33

Power Grid Equipment: Circuit breaker

Answer 33

Sits ahead of the transformer and protects all the downline equipment from inrush currents that would burn the line down.

Question 34

Power Grid Equipment: Recloser

Answer 34

Protects the line that goes to your neighborhood and comes to your house.

Question 35

Type of Network: BAN

Answer 35

Body Area Network like bluetooth.

Question 36

Security of a system is relative to what two things?

Answer 36

A set of desired properties.

An adversary with specific capabilities.

Question 37

CIA

Answer 37

Confidentiality, Integrity, and Availability

Question 38

Tools for Confidentiality

Answer 38

Encryption, Access Control, Authentication, Physical Security

Question 39

What is assurance?

Answer 39

How trust is provided and managed in computer systems.

Question 40

Anonymity

Answer 40

Property that certain records or transactions are not to be attributable to any individual.

Aggregation (combining data of many individuals), mixing (intertwining of transactions, information communications in a way that cannot be trace to an individual), proxies, pseudonyms.

Question 41

“Industrial Network”

Answer 41

is referring to any network operating some sort of automated control system that communicates digitally over a network

Question 42

“Critical Infrastructure”

Answer 42

is referring to critical network infrastructure, including any network used in the direct operation of any system upon which one of the defined “critical infrastructures” depends.

Question 43

smart grid

Answer 43

an update to traditional electrical transmission and distribution systems to accommodate digital communications for metering and intelligent
delivery of electricity

Question 44

Which regulation attempts to distinguish the critical versus noncritical systems.

Answer 44

HSPD-7

Question 45

NIST’s 800

Answer 45

series documents provide best practices and information of general interest to information security.