Autonomous Defenses for Security Attacks in Pervasive CPS Infrastructure

Cyber-physical systems (CPS) integrate computation with sensing, control, and physical systems and will enable development of next-generation services and smart infrastructure across many application domains. However, a significant impediment to the use of CPS in trusted and trustworthy systems is their vulnerability to security attacks. Some properties of CPS that exacerbate security concerns are intrinsic to the systems, and so cannot be deferred for later reconciliation with an already functional system. First, risk of security threats grows with the value and criticality of the assets under control of the CPS. Second, an open, distributed, pervasive system has a large attack surface because it is easily accessible by attackers. These concerns are exacerbated by the long lifetimes of CPS that guarantee the evolution of unforeseen attacks after the systems are fielded. Finally, as a platform for CPS, wireless sensor networks (WSN) also have resource constraints that increase asymmetries between the system and its attackers. In this article, we first describe examples of active and passive attacks on CPS security and then propose design requirements and solution approaches based on results from our previous work. We argue that trustworthy CPS must be designed for robustness using autonomous defenses, clusters of solutions, and the right mix of randomization and regularization to allow continued operation despite unforeseen attacks.