Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 11 of 11
Full-Text Articles in Entire DC Network
Constructing Cyber-Physical System Testing Suites Using Active Sensor Fuzzing, Fan. Zhang, Qianmei. Wu, Bohan. Xuan, Yuqi. Chen, Wei. Lin, Christopher M. Poskitt, Jun Sun, Binbin. Chen
Constructing Cyber-Physical System Testing Suites Using Active Sensor Fuzzing, Fan. Zhang, Qianmei. Wu, Bohan. Xuan, Yuqi. Chen, Wei. Lin, Christopher M. Poskitt, Jun Sun, Binbin. Chen
Research Collection School Of Computing and Information Systems
Cyber-physical systems (CPSs) automating critical public infrastructure face a pervasive threat of attack, motivating research into different types of countermeasures. Assessing the effectiveness of these countermeasures is challenging, however, as benchmarks are difficult to construct manually, existing automated testing solutions often make unrealistic assumptions, and blindly fuzzing is ineffective at finding attacks due to the enormous search spaces and resource requirements. In this work, we propose active sensor fuzzing , a fully automated approach for building test suites without requiring any a prior knowledge about a CPS. Our approach employs active learning techniques. Applied to a real-world water treatment system, …
Finding Causally Different Tests For An Industrial Control System, Christopher M. Poskitt, Yuqi Chen, Jun Sun, Yu Jiang
Finding Causally Different Tests For An Industrial Control System, Christopher M. Poskitt, Yuqi Chen, Jun Sun, Yu Jiang
Research Collection School Of Computing and Information Systems
Industrial control systems (ICSs) are types of cyber-physical systems in which programs, written in languages such as ladder logic or structured text, control industrial processes through sensing and actuating. Given the use of ICSs in critical infrastructure, it is important to test their resilience against manipulations of sensor/actuator inputs. Unfortunately, existing methods fail to test them comprehensively, as they typically focus on finding the simplest-to-craft manipulations for a testing goal, and are also unable to determine when a test is simply a minor permutation of another, i.e. based on the same causal events. In this work, we propose a guided …
Mitigating Adversarial Attacks On Data-Driven Invariant Checkers For Cyber-Physical Systems, Rajib Ranjan Maiti, Cheah Huei Yoong, Venkata Reddy Palleti, Arlindo Silva, Christopher M. Poskitt
Mitigating Adversarial Attacks On Data-Driven Invariant Checkers For Cyber-Physical Systems, Rajib Ranjan Maiti, Cheah Huei Yoong, Venkata Reddy Palleti, Arlindo Silva, Christopher M. Poskitt
Research Collection School Of Computing and Information Systems
The use of invariants in developing security mechanisms has become an attractive research area because of their potential to both prevent attacks and detect attacks in Cyber-Physical Systems (CPS). In general, an invariant is a property that is expressed using design parameters along with Boolean operators and which always holds in normal operation of a system, in particular, a CPS. Invariants can be derived by analysing operational data of various design parameters in a running CPS, or by analysing the system's requirements/design documents, with both of the approaches demonstrating significant potential to detect and prevent cyber-attacks on a CPS. While …
Physical Adversarial Attack On A Robotic Arm, Yifan Jia, Christopher M. Poskitt, Jun Sun, Sudipta Chattopadhyay
Physical Adversarial Attack On A Robotic Arm, Yifan Jia, Christopher M. Poskitt, Jun Sun, Sudipta Chattopadhyay
Research Collection School Of Computing and Information Systems
Collaborative Robots (cobots) are regarded as highly safety-critical cyber-physical systems (CPSs) owing to their close physical interactions with humans. In settings such as smart factories, they are frequently augmented with AI. For example, in order to move materials, cobots utilize object detectors based on deep learning models. Deep learning, however, has been demonstrated as vulnerable to adversarial attacks: a minor change (noise) to benign input can fool the underlying neural networks and lead to a different result. While existing works have explored such attacks in the context of picture/object classification, less attention has been given to attacking neural networks used …
Deriving Invariant Checkers For Critical Infrastructure Using Axiomatic Design Principles, Cheah Huei Yoong, Venkata Reddy Palleti, Rajib Ranjan Maiti, Arlindo Silva, Christopher M. Poskitt
Deriving Invariant Checkers For Critical Infrastructure Using Axiomatic Design Principles, Cheah Huei Yoong, Venkata Reddy Palleti, Rajib Ranjan Maiti, Arlindo Silva, Christopher M. Poskitt
Research Collection School Of Computing and Information Systems
Cyber-physical systems (CPSs) in critical infrastructure face serious threats of attack, motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants, i.e. logical properties over sensor and actuator states that should always be true. Many approaches for identifying invariants attempt to do so automatically, typically using data logs, but these can miss valid system properties if relevant behaviours are not well-represented in the data. Furthermore, as the CPS is already built, resolving any design flaws or weak points identified through this process is costly. In this paper, we propose a systematic …
Adversarial Attacks And Mitigation For Anomaly Detectors Of Cyber-Physical Systems, Yifan Jia, Jingyi Wang, Christopher M. Poskitt, Sudipta Chattopadhyay, Jun Sun, Yuqi Chen
Adversarial Attacks And Mitigation For Anomaly Detectors Of Cyber-Physical Systems, Yifan Jia, Jingyi Wang, Christopher M. Poskitt, Sudipta Chattopadhyay, Jun Sun, Yuqi Chen
Research Collection School Of Computing and Information Systems
The threats faced by cyber-physical systems (CPSs) in critical infrastructure have motivated research into a multitude of attack detection mechanisms, including anomaly detectors based on neural network models. The effectiveness of anomaly detectors can be assessed by subjecting them to test suites of attacks, but less consideration has been given to adversarial attackers that craft noise specifically designed to deceive them. While successfully applied in domains such as images and audio, adversarial attacks are much harder to implement in CPSs due to the presence of other built-in defence mechanisms such as rule checkers (or invariant checkers). In this work, we …
Code Integrity Attestation For Plcs Using Black Box Neural Network Predictions, Yuqi Chen, Christopher M. Poskitt, Jun Sun
Code Integrity Attestation For Plcs Using Black Box Neural Network Predictions, Yuqi Chen, Christopher M. Poskitt, Jun Sun
Research Collection School Of Computing and Information Systems
Cyber-physical systems (CPSs) are widespread in critical domains, and significant damage can be caused if an attacker is able to modify the code of their programmable logic controllers (PLCs). Unfortunately, traditional techniques for attesting code integrity (i.e. verifying that it has not been modified) rely on firmware access or roots-of-trust, neither of which proprietary or legacy PLCs are likely to provide. In this paper, we propose a practical code integrity checking solution based on privacy-preserving black box models that instead attest the input/output behaviour of PLC programs. Using faithful offline copies of the PLC programs, we identify their most important …
Deep-Learning-Based App Sensitive Behavior Surveillance For Android Powered Cyber-Physical Systems, Haoyu Ma, Jianwen Tian, Kefan Qiu, David Lo, Debin Gao, Daoyuan Wu, Chunfu Jia, Thar Baker
Deep-Learning-Based App Sensitive Behavior Surveillance For Android Powered Cyber-Physical Systems, Haoyu Ma, Jianwen Tian, Kefan Qiu, David Lo, Debin Gao, Daoyuan Wu, Chunfu Jia, Thar Baker
Research Collection School Of Computing and Information Systems
Android as an operating system is now increasingly being adopted in industrial information systems, especially with Cyber-Physical Systems (CPS). This also puts Android devices onto the front line of handling security-related data and conducting sensitive behaviors, which could be misused by the increasing number of polymorphic and metamorphic malicous applications targeting the platform. The existence of such malware threats therefore call for more accurate identification and surveillance of sensitive Android app behaviors, which is essential to the security of CPS and IoT devices powered by Android. Nevertheless, achieving dynamic app behavior monitoring and identification on real CPS powered by Android …
Towards Systematically Deriving Defence Mechanisms From Functional Requirements Of Cyber-Physical Systems, Cheah Huei Yoong, Venkata Reddy Palleti, Arlindo Silva, Christopher M. Poskitt
Towards Systematically Deriving Defence Mechanisms From Functional Requirements Of Cyber-Physical Systems, Cheah Huei Yoong, Venkata Reddy Palleti, Arlindo Silva, Christopher M. Poskitt
Research Collection School Of Computing and Information Systems
The threats faced by cyber-physical systems (CPSs) in critical infrastructure have motivated the development of different attack detection mechanisms, such as those that monitor for violations of invariants, i.e. properties that always hold in normal operation. Given the complexity of CPSs, several existing approaches focus on deriving invariants automatically from data logs, but these can miss possible system behaviours if they are not represented in that data. Furthermore, resolving any design flaws identified in this process is costly, as the CPS is already built. In this position paper, we propose a systematic method for deriving invariants before a CPS is …
Active Fuzzing For Testing And Securing Cyber-Physical Systems, Yuqi Chen, Bohan Xuan, Christopher M. Poskitt, Jun Sun, Fan Zhang
Active Fuzzing For Testing And Securing Cyber-Physical Systems, Yuqi Chen, Bohan Xuan, Christopher M. Poskitt, Jun Sun, Fan Zhang
Research Collection School Of Computing and Information Systems
Cyber-physical systems (CPSs) in critical infrastructure face a pervasive threat from attackers, motivating research into a variety of countermeasures for securing them. Assessing the effectiveness of these countermeasures is challenging, however, as realistic benchmarks of attacks are difficult to manually construct, blindly testing is ineffective due to the enormous search spaces and resource requirements, and intelligent fuzzing approaches require impractical amounts of data and network access. In this work, we propose active fuzzing, an automatic approach for finding test suites of packet-level CPS network attacks, targeting scenarios in which attackers can observe sensors and manipulate packets, but have no existing …
Learning-Guided Network Fuzzing For Testing Cyber-Physical System Defences, Yuqi Chen, Christopher M. Poskitt, Jun Sun, Sridhar Adepu, Fan Zhang
Learning-Guided Network Fuzzing For Testing Cyber-Physical System Defences, Yuqi Chen, Christopher M. Poskitt, Jun Sun, Sridhar Adepu, Fan Zhang
Research Collection School Of Computing and Information Systems
The threat of attack faced by cyber-physical systems (CPSs), especially when they play a critical role in automating public infrastructure, has motivated research into a wide variety of attack defence mechanisms. Assessing their effectiveness is challenging, however, as realistic sets of attacks to test them against are not always available. In this paper, we propose smart fuzzing, an automated, machine learning guided technique for systematically finding 'test suites' of CPS network attacks, without requiring any knowledge of the system's control programs or physical processes. Our approach uses predictive machine learning models and metaheuristic search algorithms to guide the fuzzing of …