[MUSIC] Hello, welcome back. In the previous lesson, we looked at security requirements of cyber-physical systems. In this video lecture, we will learn about fundamental security concepts and methods that provide security for cyber-physical systems.

Confidentiality is one of the most important aspects of security. Confidentiality refers to protecting personal privacy and proprietary information from unauthorized access. It is very important to protect such information from being disclosed to people who are not eligible to access it. In most of the cases, confidentiality is roughly equivalent to privacy. In cyber-physical systems, due to the heterogeneous nature of the system and physically observable outputs or events, information flow is complex, resulting in a greater risk of confidentiality and privacy violations.

Encryption is one of the most efficient methods of protecting confidentiality of data in systems. Cryptographic solutions, however, involve complex computations that require a sufficient amount of computing power to be applicable in the system. Using encryption in cyber-physical systems has some restrictions due to the limited computing and storage capacity of devices and, in some cases, also the limited energy available for devices. So in order to deal with this problem, lightweight cryptographic mechanisms should be applied. Data in cyber-physical systems must be encrypted when it is stored or transferred.

In addition to encrypting data, it is also important to limit access to data. The proper access control system will guarantee that data is accessible only to authorized people or devices. Besides controlling logical access to computing resources, network and data, physical access to system components, such as computing hardware, sensors, actuators and even the monitored environment if possible, also needs to be restricted. Logical access control is accomplished by an access control policy.
Some well-known access control policies are Role Based Access Control or RBAC, Mandatory Access Control or MAC, and Identity Based Access Control or IBAC.

Confidentiality could be compromised in different ways. For example, a physical network line could be attacked by wiretapping the line to monitor and record network communication. In this case, if the communication is not encrypted, the data will be accessible to the attacker. A password attack is another type of confidentiality attack, which exploits passwords using different cracking tools. Such tools try several different combinations of the most commonly used words to crack a password. This is why choosing a strong password is very important. A strong password is more difficult for the tools to crack. You can find some good tips on choosing a strong password on the internet. Phishing or pharming is another way of acquiring passwords and other sensitive information. In a phishing attack, the victim receives an email or another type of message that appears to be sent by unknown contact. The email might contain malware-infected attachments or provide a link to a fake-looking page.

Integrity is another aspect of security. Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle. Integrity ensures that information is not modified by unauthorized entities. In addition to data, integrity is also required for physical components of systems. Physical integrity of a system ensures that the physical devices composing a system cannot be modified. Tamper-proof hardware is one way of ensuring physical integrity in cyber-physical systems. Such hardware is resistant against tampering or deliberate changes. Physical tamper-resistant systems are developed to process or store critical information.

One way of ensuring data integrity is hashing. Hashing is transforming a large amount of data, for example, text, into a short, fixed-length piece of data called a hash value.
The idea is that the initial data cannot be obtained based on the hash value. This means that the hash function which does the transformation is a one-way algorithm. If a single bit is changed in data, the hash function will probably produce a totally different hash value. In order to ensure integrity of data, the hash value of data is computed and kept secret. To check if data has been modified at some point, the hash value is computed and compared to the initial hash value. If the two hash values are identical, then the data has not been altered.

Another aspect of integrity is configuration integrity. We assume here that a system has a set of functional parameters that can take different values in different operating scenarios. For example, a sensor could be set to be read every ten seconds or data could be set to be streamed to the cloud server every five minutes. If such configuration parameters are tampered with, the system may behave unexpectedly or even crash. Therefore, configuration integrity is a very important requirement for security of cyber-physical systems. A reliable way of ensuring configuration integrity is to implement a dedicated secure configuration management system.

Code integrity is also of utmost importance. It means ensuring that the embedded program code running on the components of the system cannot be altered by an attacker. Software attestation is a challenge-response technique that enables checking the integrity of the memory contents of devices against malicious modifications. It could be used, for example, to verify code integrity of sensors and actuators.

Integrity attacks can have a significant impact on cyber-physical systems. A single integrity attack might be a minor attack, as such. But if it runs over a long period of time or on multiple devices simultaneously, it results in a larger and severe attack overall. For example, in a salami attack, only very small changes are made at a time.
But if such small changes are made in a large amount of data or devices, it will have a severe impact. A man-in-the-middle attack is another type of integrity attack in which the attacker tries to intercept the communication between two devices in order to manipulate data. The man-in-the-middle attack can also be considered a confidentiality attack.

Availability is another important aspect of information security in cyber-physical systems. Availability refers to ensuring that authorized parties are able to access information and resources whenever needed. This means that all components of a cyber-physical system, including the sensors, actuators, computing and storage systems, security solutions and communication channels, must be functioning correctly, so that the system is available when needed. In critical applications, systems need to be available basically all the time. In some critical systems, the tolerated system downtime can be less than a few seconds. Imagine the impact of an interruption caused by availability attacks to a critical infrastructure, such as a nuclear power plant.

Availability attacks can target different parts of the system. Regarding cyber-physical systems, availability attacks can be highly critical, because of the unsupervised and autonomous nature of such systems. The most common availability attack is called a Denial of Service attack or DoS attack. A DDoS attack, which stands for Distributed Denial of Service attack, is a more advanced form of DoS attack. It is carried out from multiple sources simultaneously. DDoS has a higher impact and is more difficult to track and tackle. Another way of attacking availability of a system is to interrupt electrical power of the system. Lastly, since several physical systems are exposed to physical environments and interact with them, physical protection of these systems is also very important to avoid availability problems.
In this lesson, we discussed the basic security concepts in cyber-physical systems, namely confidentiality, integrity and availability. We also learned about potential attacks against them. In the next video lecture, we will learn more about attack modules in the cyber-physical systems context. [MUSIC]
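
The hash comparison and the challenge-response idea behind software attestation described in the lecture, as an added example that is not part of the original lecture: a Python sketch in which the verifier keeps a known-good firmware image and sends a fresh nonce every round. The names (`Verifier`, `device_response`, `flip_bit`) and the sample firmware bytes are constructed for illustration, and using a keyed SHA-256 digest is an assumption of this sketch.

```python
import hashlib
import hmac
import secrets

def device_response(memory: bytes, nonce: bytes) -> bytes:
    """Device side: digest over the memory contents, keyed with the verifier's nonce."""
    return hmac.new(nonce, memory, hashlib.sha256).digest()

class Verifier:
    """Holds a known-good copy of the firmware image (assumption of this sketch)."""

    def __init__(self, reference_image: bytes):
        self.reference = reference_image
        self.pending = None

    def challenge(self) -> bytes:
        # A fresh random nonce per round makes previously recorded answers useless.
        self.pending = secrets.token_bytes(16)
        return self.pending

    def verify(self, response: bytes) -> bool:
        if self.pending is None:
            return False              # no outstanding challenge
        expected = device_response(self.reference, self.pending)
        self.pending = None           # each nonce is accepted only once
        return hmac.compare_digest(expected, response)

def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of data with the lowest bit of one byte changed."""
    changed = bytearray(data)
    changed[index] ^= 0x01
    return bytes(changed)

def run_demo() -> dict:
    firmware = b"SENSOR-FW v1 (constructed sample image) " * 8
    verifier = Verifier(firmware)

    honest = device_response(firmware, verifier.challenge())
    honest_ok = verifier.verify(honest)

    tampered = device_response(flip_bit(firmware, 10), verifier.challenge())
    tampered_ok = verifier.verify(tampered)

    verifier.challenge()                  # new round, new nonce
    replay_ok = verifier.verify(honest)   # answer recorded in the first round

    return {"honest": honest_ok, "tampered": tampered_ok, "replay": replay_ok}

if __name__ == "__main__":
    print(run_demo())
```

The unmodified image passes, a single changed bit fails, and an answer recorded in an earlier round fails against a new nonce, which is what the challenge adds over comparing one stored hash value.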