System and method for modeling and analyzing the impact of cyber-security events on cyber-physical systems
First Claim
1. A method for simulating a cyber-physical system, wherein the method is performed at one or more hardware processors configured to execute one or more programs stored in a memory of a computing system, the method comprising:
- receiving a definition of a scope of a simulation;
generating a mapping of a cyber simulation model to a control system simulation model,wherein the cyber simulation model is configured to model a software and hardware architecture of the cyber-physical system; and
wherein the control system simulation model is configured to model a physical behavior of the cyber-physical system;
selecting one or more fault models, wherein the selected fault models are based on the received definition of the scope of the simulation;
generating one or more attack plans for the cyber simulation model, wherein the one or more attack plans are based on the selected one or more fault models;
generating one or more attack hooks for the control system simulation model, wherein the one or more attack hooks are based on the generated mapping of the cyber simulation model to the control system model and based on the generated one or more attack packs for the cyber simulation model;
modifying the control system simulation model to include the one or more generated attack hooks; and
executing a simulation on the modified control system simulation model.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for systematically undertaking model-based security analysis of a cyber physical system (CPS) is provided. In one example, a cyber model simulation and a control system simulation are mapped using various methods to determine which portions of the cyber-model simulation and the control system simulation are correlated with one another. Using the determined correlation, when a cyber-attack is generated on the cyber model simulation, a corresponding attack hook can be generated for the control system model. The attack hook is configured to be integrated into the control system model so as to mimic the effect on the control system that a cyber-attack can engender. Once one or more attack hooks are generated, the user can place the hooks into the control system simulation schemas and run a series of simulations to determine the effects of a cyber event on the control system in a CPS.
-
Citations
40 Claims
-
1. A method for simulating a cyber-physical system, wherein the method is performed at one or more hardware processors configured to execute one or more programs stored in a memory of a computing system, the method comprising:
-
receiving a definition of a scope of a simulation; generating a mapping of a cyber simulation model to a control system simulation model, wherein the cyber simulation model is configured to model a software and hardware architecture of the cyber-physical system; and wherein the control system simulation model is configured to model a physical behavior of the cyber-physical system; selecting one or more fault models, wherein the selected fault models are based on the received definition of the scope of the simulation; generating one or more attack plans for the cyber simulation model, wherein the one or more attack plans are based on the selected one or more fault models; generating one or more attack hooks for the control system simulation model, wherein the one or more attack hooks are based on the generated mapping of the cyber simulation model to the control system model and based on the generated one or more attack packs for the cyber simulation model; modifying the control system simulation model to include the one or more generated attack hooks; and executing a simulation on the modified control system simulation model. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer readable storage medium having stored thereon a set of instructions for simulating a cyber-physical system that when executed by a computing device, cause the computing device to:
-
receive a definition of a scope of a simulation; generate a mapping of a cyber simulation model to a control system simulation model; wherein the cyber simulation model is configured to model a software and hardware architecture of the cyber-physical system; and wherein the control system simulation model is configured to model a physical behavior of the cyber-physical system; select one or more fault models, wherein the selected fault models are based on the received definition of the scope of the simulation; generate one or more attack plans for the cyber simulation model, wherein the one or more attack plans are based on the imported one or more fault models; generate one or more attack hooks for the control system simulation model, wherein the one or more attack hooks are based on the generated mapping of the cyber simulation model to the control system model and based on the generated one or more attack packs for the cyber simulation model; modify the control system simulation model to include the one or more generated attack hooks; and execute a simulation on the modified control system simulation model. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A computing system comprising:
-
a memory; one or more hardware processors; and one or more programs configured to simulate a cyber-physical system, wherein the one or more programs are stored in the memory and configured to be executed by the one or more hardware processors, the one or more programs when executed by the one or more hardware processors cause the hardware processor to; receive a definition of a scope of a simulation; generate a mapping of a cyber simulation model to a control system simulation model; wherein the cyber simulation model is configured to model a software and hardware architecture of the cyber-physical system; and wherein the control system simulation model is configured to model a physical behavior of the cyber-physical system; select one or more fault models, wherein the selected fault models are based on the received definition of the scope of the simulation; generate one or more attack plans for the cyber simulation model, wherein the one or more attack plans are based on the imported one or more fault models; generate one or more attack hooks for the control system simulation model, wherein the one or more attack hooks are based on the generated mapping of the cyber simulation model to the control system model and based on the generated one or more attack packs for the cyber simulation model; modify the control system simulation model to include the one or more generated attack hooks; and execute a simulation on the modified control system simulation model. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
Specification