Week 6 - CPS Challenges Flashcards

1
Q

Challenges

A
  1. Interoperability
  2. Predictability
  3. Reliability
  4. Sustainability
  5. Dependability
  6. Security
2
Q

Interoperability

A

Ensuring systems adhere to standard designs and open specifications for improved compatibility, scalability, diversity, and efficiency.

Interoperable systems allow components to work together, exchange information, and provide services seamlessly.

3
Q

Predictability

A

Achieving predictability in terms of the system’s state, behavior, and functionality.

Precise timing, such as Precision Timing (PreT), is a key challenge in this area.

4
Q

Reliability

A

Ensuring the system performs its functionality correctly.

Components of reliability include robustness, validity, and maintainability.

5
Q

Sustainability

A

Establishing adaptive, resilient, and reconfigurable systems capable of functioning without compromising requirements.

Sustainable systems should be long-lasting, self-healing, and able to dynamically evolve.

6
Q

Dependability

A

Building trustworthy systems that are highly available to legitimate users while maintaining service integrity.

Key attributes of dependable systems include reliability, maintainability, availability, and safety/integrity.

7
Q

Security

A

Ensuring system security through the use of software and hardware to meet the required CIA (Confidentiality, Integrity, Availability) properties.

8
Q

Security (Adversary Model)

A

Considerations regarding adversaries in an adversary model:

Adversary assumptions: identify potential attackers.

Adversary goals: identify the attacker's objectives.

Adversary capabilities: assess the attacker's expertise, knowledge, and tools.

9
Q

Security (IT vs. CPS/OT)

A

Fundamental differences between IT security and CPS security:

CPS security prioritizes availability as the most critical aspect, while IT systems emphasize confidentiality.

CPS uses static configurations (outside the enterprise zone), whereas IT systems use DHCP.

IT systems require frequent updates and patches, while CPS systems experience infrequent updates.

10
Q

Countermeasure

A

Actions taken to offset an attack.

Understanding the attacker's intentions and the consequences of an attack.

Designing new attack detection and resilient algorithms.

11
Q

Prevention

A

Developing security schemes for the CPS infrastructure.

Implementing regulations, standards, and best practices.

12
Q

Detection and Recovery

A

Detecting and recovering from attacks, especially when prevention fails.

CPS uses both network traffic and physical process monitoring.

Training human operators or intelligent agents for attack detection and recovery.

13
Q

Resilience

A

Designing CPS systems that can survive attacks.

Implementing redundancy.

Separation of privilege.

Using control loops (interruptible by humans in case of disturbance).

14
Q

Deterrence

A

Discouraging attacks through the fear of consequences.

Enforcing legislation.

Law enforcement.

International collaboration for tracking cybercrimes.

15
Q

Keeping CPS Secure

A

Safety
Protection
Reliability
Robust Control
Safety vs Security

16
Q

Safety

A

Consider the likelihood of failures and their consequences while designing safety requirements (or SIS).

Safety Instrumented Systems (SIS) are dedicated safety monitoring systems independent of the main control system.

SIS ensures a safe shutdown or predefined safe state in case of hardware malfunctions, even as simple as a pressure relief valve in boilers.

SIS implements one or more Safety Instrumented Functions (SIF) composed of sensors, logic solvers, and physical elements, often with varying safety integrity levels (SIL).

17
Q

Safety (Purpose of SIS)

A

SIS serves three main purposes:

Automatically take an industrial process to a safe state when specified conditions are violated.

Permit a process to proceed safely when specified conditions allow (permissive functions).

Take action to mitigate the consequences of an industrial hazard.

18
Q

Safety (Hazard Mitigation Layers)

A

Mitigating hazards through a layered approach:

Basic low-priority alarms sent to a monitoring station.

Activation of SIS systems.

Mitigation safeguards like physical protection systems (e.g., dikes).

Organizational response protocols for plant emergency response and evacuation.

19
Q

Defense-in-depth Strategy (DDS)

A

Refers to a cybersecurity approach that uses multiple layers of security for holistic protection. A layered defense helps security organizations reduce vulnerabilities, contain threats, and mitigate risk.

It builds a holistic ICS security posture by stacking defenses, that is, by creating multiple layers of backup security controls that cover and overlap each other. Therefore, in a defense-in-depth approach, if a bad actor breaches one layer of defense, they might be contained by the next layer.

20
Q

Physical Security - DDS

A

Limit physical access to authorized personnel using locks, gates, key cards, and biometrics.

Implement policies, procedures, and technology to escort and track visitors.

21
Q

Network Security - DDS

A

Create security zones through network segmentation, switches, routers, VLANs, and firewall rules.

Implement AAA (Authentication, Authorization, and Accounting) and intrusion detection and prevention systems.

22
Q

Computer Security - DDS

A

Apply patch management, anti-malware software, and remove unused applications/protocols/services.

Protect physical and logical ports, and restrict access to unused communication ports.

23
Q

Control Diversity - DDS

A

Use diverse control mechanisms to protect against various threats.

Implement security policies on downloads, file attachments, and limit user privileges.

24
Q

Vendor Diversity - DDS

A

Use different security vendors for various devices and network components.

Reduce the risk of missing a particular malware by diversifying security vendors.

25
Q

Application Security - DDS

A

Prevent unauthorized interactions with programs and services.

Implement authentication, authorization, and auditing, keeping applications free from vulnerabilities.

26
Q

Device Security - DDS

A

Focus on the AIC triad of ICS Devices (Availability, Integrity, and Confidentiality).

Prioritize availability in ICS and implement device patching, hardening, access restrictions, and device lifecycle management.

27
Q

Safety vs Security

A

Adding new security defenses may raise safety concerns.

Example: A power plant shutdown occurred when a computer rebooted after a patch.

Software updates and patching might violate safety certifications.

Restricting unauthorized access to a CPS may hinder first responders during emergencies.

For instance, paramedics might need access to a medical device that prevents unauthorized connections.

Security solutions should consider CPS safety when implementing new security mechanisms.