The exponential growth of information and communication technologies have caused a profound shift in the way humans engineer systems leading to emergence closed-loop involving strong integration coordination physical cyber components, often referred as cyber-physical (CPSs). Because these disruptive changes, can now be attacked through cyberspace means. paper considers security resilience system properties emerging from intersection dynamics computing architecture. A modeling simulation...

The underwater medium is an extreme environment for achieving accurate localization due to its many challenges, some of which includes propagation delay, multipath, rough surfaces, and more. Localization relies on ranging information such as time arrival, difference angle arrival (AOA). In the environment, these measurements will be prone errors especially when algorithm stability line-of-sight (LOS) link. This error mainly attributed multipath nature medium, most notably in shallow water...

One step involved in the security engineering process is threat modeling. Threat modeling involves understanding complexity of system and identifying all possible threats, regardless whether or not they can be exploited. Proper identification threats appropriate selection countermeasures reduces ability attackers to misuse system. This paper presents a quantitative, integrated approach that merges software attack centric techniques. The model composed representing physical network...

Traffic signals were originally standalone hardware devices running on fixed schedules, but by now, they have evolved into complex networked systems. As a consequence, traffic become susceptible to attacks through wireless interfaces or even remote the Internet. Indeed, recent studies shown that many lights deployed in practice easily exploitable vulnerabilities, which allow an attacker tamper with configuration of signal. Due hardware-based failsafes, these vulnerabilities cannot be used...

Traffic signals were originally standalone hardware devices running on fixed schedules, but by now, they have evolved into complex networked systems. As a consequence, traffic become susceptible to attacks through wireless interfaces or even remote the Internet. Indeed, recent studies shown that many lights deployed in practice easily exploitable vulnerabilities, which allow an attacker tamper with configuration of signal. Due hardware-based failsafes, these vulnerabilities cannot be used...

Owing1 to an immense growth of internet-connected and learning-enabled cyber-physical systems (CPSs) [1], several new types attack vectors have emerged. Analyzing security resilience these complex CPSs is difficult as it requires evaluating many subsystems factors in integrated manner. Integrated simulation physical communication network can provide underlying framework for creating a reusable configurable testbed such analyses. Using model-based integration approach the IEEE High-Level...

Cyber-Physical Systems (CPS) consist of embedded computers with sensing and actuation capability, are integrated into tightly coupled a physical system. Because the cyber components system coupled, cyber-security is important for ensuring functions properly safely. However, effects cyberattack on whole may be difficult to determine, analyze, therefore detect mitigate. This work presents model based software development framework hardware-in-the-loop (HIL) testbed rapidly deploying CPS attack...

Steady advancement in Artificial Intelligence (AI) development over recent years has caused AI systems to become more readily adopted across industry and military use-cases globally. As powerful as these algorithms are, there are still gaping questions regarding their security reliability. Beyond adversarial machine learning, software supply chain vulnerabilities model backdoor injection exploits emerging potential threats the physical safety of reliant CPS such autonomous vehicles. In this...

Cyber-Physical Systems (CPS) have been increasingly subject to cyber-attacks including code injection attacks. Zero day attacks further exasperate the threat landscape by requiring a shift defense in depth approaches. With tightly coupled nature of cyber components with physical domain, these potential cause significant damage if safety-critical applications such as automobiles are compromised. Moving target techniques instruction set randomization (ISR) commonly proposed address types...

In the past couple of years, railway infrastructure has been growing more connected, resembling a traditional Cyber-Physical System [1] model. Due to tightly coupled nature between cyber and physical domains, new attack vectors are emerging that create an avenue for remote hijacking system components not designed withstand such attacks. As such, best practice cybersecurity techniques need be put in place ensure safety resiliency future designs, as well already field. However, large-scale...

The last decade has seen an influx of digital connectivity, operation automation, and remote sensing control mechanisms in the railway domain. management operations through use distributed sensors controllers with programmable remotely controllable signals switches led to gains system efficiency as well operational flexibility. However, network connectivity opened up cyber communication networks cyber-attacks. These are a class cyber-physical systems (CPS) interconnected physical,...

In-depth consideration and evaluation of security resilience is necessary for developing the scientific foundations technology Cyber-Physical Systems (CPS). In this demonstration, we present SURE [1], a CPS experimentation testbed focusing on transportation networks. The includes (1) heterogeneous modeling simulation integration platform, (2) Web-based tool in adversarial environments, (3) framework evaluating using attacker-defender games. Users such as designers operators can interact with...

In-depth consideration and evaluation of security resilience is necessary for developing the scientific foundations technology Cyber-Physical Systems (CPS). In this demonstration, we present SURE [1], a CPS experimentation testbed focusing on transportation networks. The includes (1) heterogeneous modeling simulation integration platform, (2) Web-based tool in adversarial environments, (3) framework evaluating using attacker-defender games. Users such as designers operators can interact with...

Autonomous and connected vehicle technologies are rapidly emerging being introduced to society. Traditional vehicles becoming more sophisticated with integrated driver-assist features incorporating AI algorithms, control systems, communication interfaces. Modern tightly-coupled into a system of systems robust than the commonly leveraged physical world simulations used in research community industry today. This means that components beyond just model effect safety security operating vehicles....

Moving Target Defenses (MTD) have become a popular and emerging defense strategy for the protection of traditional information technology systems. By their very nature, MTD strategies are designed to protect against adversary reconnaissance efforts on static platforms, essentially sitting back having unlimited time identify, craft, execute, scale an exploit. With rapid adoption distributed automotive Cyber-Physical Systems (CPS) ranging from self driving cars, connected transportation...

Non-control data attacks have become widely popular for circumventing authentication mechanisms in websites, servers, and personal computers. Moreover, the context of Cyber-Physical Systems (CPS) can be executed against not only but also safety. With tightly coupled nature between cyber components physical dynamics, any unauthorized change to safety-critical variables may cause damage or even catastrophic consequences. Moving target defense (MTD) techniques such as space randomization (DSR)...

Memory corruption attacks such as code injection, reuse, and non-control data have become widely popular for compromising safety-critical Cyber-Physical Systems (CPS). Moving target defense (MTD) techniques instruction set randomization (ISR), address space (ASR), (DSR) can be used to protect systems against attacks. CPS often use time-triggered architectures guarantee predictable reliable operation. MTD cause time delays with unpredictable behavior. To memory attacks, implemented in a mixed...

In 2016, the Cyber Grand Challenge (CGC) provided key foundations and motivations for navigating towards an autonomous cybersecurity approach. Since that time, novel strides have been made in areas of static analysis, vulnerability discovery, patching, exploit generation. However, a majority these efforts focused on enterprise systems, leaving gap Cyber-Physical System (CPS) domain. With rise connected infrastructure introduction 5G communications, CPS are becoming more ingrained within...

Traditional underwater localization relies on line-of-sight (LOS) links to properly utilize ranging information. Unfortunately, the accuracy of techniques such as time arrival (TOA), difference (TDOA) and angle (AOA) can be significantly degraded by LOS instabilities in medium due increased multipath effects. This paper proposes a novel signal reflection-enabled acoustic-based scheme (UNREAL) that employs both surface-reflected non-line-of-sight (NLOS) information locate node has drifted...

Autonomous and connected vehicle technologies are rapidly emerging in the modern railway domain. Traditional standalone systems now becoming more sophisticated, resulting distributed interfaces, a larger attack surface. As such, there exists tightly coupled cyber-physical nature that makes cyber-attack capable of not only exfiltrating sensitive data, but also manipulating safety-critical operations system. This manipulation can cause train to experience unsafe conditions, potentially leading...