Visual Analytics in Support of Secure Cyber-Physical Systems

Homeland Security Presidential Directive 7 (HSPD-7) [1], released in 2003, firmly established the term critical infrastructure protection and directed action be taken to identify, prioritize, and address the vulnerabilities to the systems and services that have relevance to the American way and quality of life. Cyber Physical Systems (CPS) – are integral to the functioning of not only critical infrastructure (CI) sectors, but extend all the way down to the scale of the human body. Two of the more commonly discussed types of CPS are the Supervisory Control and Data Acquisition (SCADA) devices that are the subject of much media attention, and Industrial Control Systems (ICS). However, CPS encompasses far more than just SCADA or ICS systems. Other CPS applications include: automotive and aeronautic control; border traffic monitoring and radiation detection sensing; wearable devices used in health care (e.g., pace-makers, glucose monitors, and bionics); automated manufacturing; electricity generation, distribution, consumption monitoring, and energy conservation; water and nutrient control in agriculture. In short, CPS can include any computing device used in sensing and/or manipulation of the physical world, in real-time, by way of an interface to a physical object. HSPD-7 assigned specific government agencies with responsibility for securing specific critical infrastructures, responding to attacks and disasters, and initiating cooperative response through a number of information sharing mechanisms including sector-specific Information Sharing and Analysis Centers (ISACs). The report of the Obama administration’s 60-day review of cybersecurity policy [2] discusses the limits of what has been accomplished by government and industry since HSPD-7, and cites reports by organizations such as the Government Accountability Office (GAO) who have been evaluating the effectiveness of laws and regulations aimed at improving cybersecurity. The report stresses the need to build new, more effective public/private partnerships to both raise awareness of security vulnerabilities and to develop an integrated, action-oriented approach to ensuring “a trusted and resilient information and communications infrastructure.” The 60-day policy review itself drew in part from recommendations made by the Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th Presidency. [3] The CSIS report also notes the limited success to date in securing critical infrastructures, and while it calls for actions to secure ICS and SCADA systems (recommendations 11 and 12), it also focuses on finding new ways to secure networks, increase response capacity, and develop new sociotechnical solutions to the problems of securing cyberspace. All three of these efforts call for effective public/private partnerships, investment of R&D funding, and implementation of a trustworthy networked foundation in order to provide critical services to the public. As the CSIS put it, “the United States has begun to take the steps needed to defend and to compete effectively in cyberspace, but there is much to do.” So what are the special needs of CPS security, and more importantly what are the new “socio-technical” solutions? This paper lays the groundwork for new strategies to secure cyber-physical systems that are more pro-active, holistic, and require more collaborative partnerships among researchers, designers, managers, operators, and policy makers. The task will not be easy, but achieving the highest goals requires the greatest effort and commitment. While we must guard against scope creep into areas that fall outside of our ability to affect change, what is clear is that the interdependencies of the various critical infrastructure sectors require a more inclusive model. It is incumbent on members of all CI sectors to work more closely and cross-functionally in order to respond in a systemic way to attacks on one or more CI targets The motivation for trying to achieve a more collaborative response capacity cannot be more clearly put than it was by the CSIS: “losing this struggle will wreak serious damage on the economic health and national security of the United States.”