The project “Framework to Cyber-Physical System Security (CyPhySec)” concerns the emerging topic of security for physical systems which are connected to the world of computing – so-called cyber-physical systems. This interconnection makes it possible that cyber-launched attacks directly strike physical systems which can cause enormous harm to the physical environment or even people. In general, cyber-physical systems face three different types of attacks: software-based attacks exploiting software shortcomings, malware in silicon being an undesired malicious functionality added in hardware by an adversary, and mathematical attacks exploiting shortcomings of system models or mathematical algorithms. While the first types have been thoroughly addressed in research, this project goes the logical next step of performing consistent and comprehensive research on mathematical vulnerabilities.
However, system models, control and estimation algorithms are traditionally allotted to traditional engineering originating the system’s physical part while cyber-security has been treated by information technology. Thus, this project faces the challenge of combining two diverging points of view: engineers are able to predict the system’s reaction on an event, while informatics is able to define these events regarding the security issues. Therefore, a multidisciplinary and consistent framework focusing on the impact of mathematical attacks on the system’s physical part will be created within the project at hand. In detail, we will (1) create consistent attack descriptions from the knowledge in classical engineering disciplines and IT security, (2) evaluate and classify the attack’s aftermath on the physical-systems by means of a self-created test-bed, (3) develop thereon proper countermeasures and (4) refine the results so that they become a valuable basis for further research in the related disciplines.