short-paper

Ontology-Based Security Tool for Critical Cyber-Physical Systems

Authors:

Abdelkader Magdy Shaaban,

Thomas Gruber, and

Christoph SchmittnerAuthors Info & Claims

SPLC '19: Proceedings of the 23rd International Systems and Software Product Line Conference - Volume B

September 2019

Pages 207 - 210

https://doi.org/10.1145/3307630.3342397

Published: 09 September 2019 Publication History

Get Access

Abstract

Industry 4.0 considers as a new advancement concept of the industrial revolution, which introduces a full utilization of Internet technologies. This concept aims to combine diverse technological resources into the industry field, which enables the communication between two worlds: the physical and the cyber one. Cyber-physical Systems are one of the special forces that integrate and build a variety of existing technologies and components. The diversity of components and technologies creates new security threats that can exploit vulnerabilities to attack a critical system. This work introduces an ontology-based security tool-chain able to be integrated with the initial stages of the development process of critical systems. The tool detects the potential threats, and apply the suitable security requirements which can address these threats. Eventually, it uses the ontology approach to ensure that the security requirements are fulfilled.

References

[1]

Zhendong Ma, Aleksandar Hudic, Abdelkader Shaaban, and Sandor Plosz. Security viewpoint in a reference architecture model for cyber-physical production systems. In 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 153--159. IEEE.

Google Scholar

[2]

Abdelkader Magdy Shaaban, Christoph Schmittner, Thomas Gruber, A. Baith Mohamed, Gerald Quirchmayr, and Erich Schikuta. CloudWoT - a reference model for knowledge-based IoT solutions. In Proceedings of the 20th International Conference on Information Integration and Web-based Applications & Services - iiWAS2018, pages 272--281. ACM Press.

Digital Library

Google Scholar

[3]

ISO/IEC. Information security management systems: Overview and vocabulary. International standard, International Organization for Standardization - ISO and International Electrotechnical Commission - IEC, Geneva-Switzerland, January 2014.

Google Scholar

[4]

IEC 62443-4-2. Industrial communication networks - network and system security -part 4-2: Technical security requirements for iaas components. Technical report, International Electrotechnical Commision, 2018.

Google Scholar

[5]

Austrian Institute of Technology. Threatget - threat analysis and risk management. https://www.threatget.com. Accessed: 29.06.2019.

Google Scholar

[6]

Adam Shostack. Threat modeling: Designing for security. John Wiley & Sons, 2014.

Digital Library

Google Scholar

[7]

Abdelkader Magdy Shaaban, Erwin Kristen, and Christoph Schmittner. Application of iec 62443 for iot components. In International Conference on Computer Safety, Reliability, and Security, pages 214--223. Springer, 2018.

Crossref

Google Scholar

[8]

IEEE 1686. Ieee 1686-2013 - ieee standard for intelligent electronic devices cyber security capabilities. Technical report, Institute of Electrical and Electronics Engineers, 2013.

Google Scholar

[9]

ISA. Ansi/isa-62443-4-2-2018, security for industrial automation and control systems, part 4-2: Technical security requirements for iacs components, 2018. {accessed on: 2019.06.28}.

Google Scholar

Cited By

View all

Nguyen G(2023)A configurable approach to cyber-physical systems fuzzingProceedings of the 27th ACM International Systems and Software Product Line Conference - Volume B10.1145/3579028.3609005(1-5)Online publication date: 28-Aug-2023
https://dl.acm.org/doi/10.1145/3579028.3609005
Javaid MHaleem ASingh RSuman R(2023)An integrated outlook of Cyber–Physical Systems for Industry 4.0: Topical practices, architecture, and applicationsGreen Technologies and Sustainability10.1016/j.grets.2022.1000011:1(100001)Online publication date: Jan-2023
https://doi.org/10.1016/j.grets.2022.100001
May R(2022)Security and Configurable Storage Systems in Industry 4.0 Environments: A Systematic Literature StudyOpen Conference Proceedings10.52825/ocp.v2i.1492(151-156)Online publication date: 15-Dec-2022
https://doi.org/10.52825/ocp.v2i.149
Show More Cited By

Recommendations

Dependency-based security risk assessment for cyber-physical systems
Abstract
A cyber-physical attack is a security breach in cyber space that impacts on the physical environment. The number and diversity of such attacks against Cyber-Physical Systems (CPSs) are increasing at impressive rates. In times of Industry 4.0 and ...
Read More
Cyber-physical systems security: Limitations, issues and future trends
Abstract
Typically, Cyber-Physical Systems (CPS) involve various interconnected systems, which can monitor and manipulate real objects and processes. They are closely related to Internet of Things (IoT) systems, except that CPS focuses on the ...
Read More
POSTER: Defense against False Data Injection Attack in a Cyber-Physical System
ASIA CCS '24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

Cyber-physical systems (CPSs) are closed-loop feedback systems that efficiently control the physical processes through cyber-systems. Security threats like false data injection (FDI) attacks are increasing in CPSs. FDI attacks disrupt the system's ...
Read More

Comments

Information & Contributors

Information

Published In

SPLC '19: Proceedings of the 23rd International Systems and Software Product Line Conference - Volume B

September 2019

252 pages

ISBN:9781450366687

DOI:10.1145/3307630

Editors:
Carlos Cetina
University San Jorge, Spain
,
Oscar Díaz
University of the Basque Country, Spain
,
Laurence Duchien
University Lille, France
,
Marianne Huchard
University of Montpellier, France
,
Rick Rabiser
Johannes Kepler University Linz, Austria
,
Camille Salinesi
University Paris 1 Panthéon-Sorbonne, France
,
Christoph Seidl
TU Braunschweig, Germany
,
Xhevahire Tërnava
Sorbonne University, France
,
Leopoldo Teixeira
Federal University of Pernambuco, Brazil
,
Thomas Thüm
TU Braunschweig, Germany
,
Tewfik Ziadi
Sorbonne University, France

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 September 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

SPLC 2019

SPLC 2019: 23rd International Systems and Software Product Line Conference

September 9 - 13, 2019

Paris, France

Acceptance Rates

Overall Acceptance Rate 167 of 463 submissions, 36%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
273
Total Downloads

Downloads (Last 12 months)35
Downloads (Last 6 weeks)3

Other Metrics

View Author Metrics

Citations

Cited By

View all

Nguyen G(2023)A configurable approach to cyber-physical systems fuzzingProceedings of the 27th ACM International Systems and Software Product Line Conference - Volume B10.1145/3579028.3609005(1-5)Online publication date: 28-Aug-2023
https://dl.acm.org/doi/10.1145/3579028.3609005
Javaid MHaleem ASingh RSuman R(2023)An integrated outlook of Cyber–Physical Systems for Industry 4.0: Topical practices, architecture, and applicationsGreen Technologies and Sustainability10.1016/j.grets.2022.1000011:1(100001)Online publication date: Jan-2023
https://doi.org/10.1016/j.grets.2022.100001
May R(2022)Security and Configurable Storage Systems in Industry 4.0 Environments: A Systematic Literature StudyOpen Conference Proceedings10.52825/ocp.v2i.1492(151-156)Online publication date: 15-Dec-2022
https://doi.org/10.52825/ocp.v2i.149
Qaswar FRahmah MRaza MNoraziah AAlkazemi BFauziah ZHassan MSharaf A(2022)Applications of Ontology in the Internet of Things: A Systematic AnalysisElectronics10.3390/electronics1201011112:1(111)Online publication date: 27-Dec-2022
https://doi.org/10.3390/electronics12010111
Tkachenko OTkachenko KTkachenko O(2022)CLOUD TECHNOLOGIES IN LEARNING: ONTOLOGICAL APPROACHCybersecurity: Education, Science, Technique10.28925/2663-4023.2022.17.1121271:17(112-127)Online publication date: 2022
https://doi.org/10.28925/2663-4023.2022.17.112127
Varela-Vaca ÁRosado DSánchez LGómez-López MGasca RFernández-Medina E(2021)CARMENComputers in Industry10.1016/j.compind.2021.103524132:COnline publication date: 1-Nov-2021
https://dl.acm.org/doi/10.1016/j.compind.2021.103524
Guskov GRomanov AFilippov A(2021)The Knowledge Base for Automating the Architecting of Software SystemsComputational Science and Its Applications – ICCSA 202110.1007/978-3-030-86970-0_20(272-287)Online publication date: 11-Sep-2021
https://doi.org/10.1007/978-3-030-86970-0_20
Varela-Vaca ÁRosado DSánchez LGómez-López MGasca RFernández-Medina E(2020)Definition and Verification of Security Configurations of Cyber-Physical SystemsComputer Security10.1007/978-3-030-64330-0_9(135-155)Online publication date: 17-Dec-2020
https://doi.org/10.1007/978-3-030-64330-0_9
Yamada DBernardi FMiyoshi Nde Lima IVinci AYoshiura VAlves D(2020)Ontology-Based Inference for Supporting Clinical Decisions in Mental HealthComputational Science – ICCS 202010.1007/978-3-030-50423-6_27(363-375)Online publication date: 15-Jun-2020
https://doi.org/10.1007/978-3-030-50423-6_27

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Dependency-based security risk assessment for cyber-physical systems

Cyber-physical systems security: Limitations, issues and future trends

POSTER: Defense against False Data Injection Attack in a Cyber-Physical System