Publication

Abstract

Modeling Cyber-Physical Systems (CPS) presents a unique challenge due to their numerous heterogeneous components, complex physical interactions, and disjoint communication networks. Modeling CPS to aid security analysis further adds to these challenges, because securing CPS requires not only understanding of the system architecture, but also the system’s role within its broader mission. This is due to the infeasibility of completely securing every single component, network, and part within a CPS. As such it is necessary to be cognizant of the system’s expected service, or mission, so the effects of an exploit can be mitigated and the system can at least perform its mission in a partially degraded manner. A security analysis methodology based on this philosophy is greatly aided by the creation of a model that combines system architecture information, its admissible behaviors, and its mission context. This paper presents a technique for creating such a model using the Systems Modeling Language.