Model-based Testing and Analysis of the Cyber-Resiliency of Cyber-Physical Systems: The SCAPS Project
• Presentation
Publisher
Software Engineering Institute
Subjects
Watch
Abstract
AADL/ACVIP User Days 2021 was hosted by the Software Engineering Institute (SEI) and held virtually on February 3-4, 2021. AADL/ACVIP User Days is a free two-day virtual forum to present the latest on the Architecture Analysis and Design Language (AADL), the Architecture-Centric Virtual Integration Process (ACVIP), and associated tools.
This presentation by Roshan K. Thomas was given virtually at AADL/ACVIP User Days 2021. The Secure Control System Architectures in Cyber-Physical Systems (SCAPS) research project at MITRE is developing model-based technologies to analyze the effect of cyber-attacks on process-safety in cyber-physical systems (CPS). The SCAPS Workbench tools allow an experimenter to import the AADL model of a target system to be analyzed, and inject cyber-attack effects on the hardware and software elements in the AADL schemas. The effects are then mapped to corresponding control system simulation model components in Simulink, enabling an analyst to run multiple simulation scenarios and observe how the control systems can be perturbed by the injected cyber effects. The approach also integrates fault trees, hazard analysis, and resiliency measures. System designers, forensic analysts, organizations that do certifications, and red teams will find the Workbench to be a useful and vital tool to analyze process safety design flaws and vulnerabilities in control systems.
Dr. Roshan K. Thomas is a Principal Infosec Scientist at the MITRE Corporation where he leads cyber security research and innovations related to model-based security engineering as well as assurance and trust management in cyber-physical systems and autonomous computing. Prior to MITRE, he served as a Principal Investigator and researcher on a variety of projects funded by DARPA, IARPA, DHS, ARL, and NSF. Dr. Thomas served as the co-founder of the First IEEE International Workshop on Pervasive Computing and Communication Security (PerSec 2004) and as the PC co-chair for the second workshop (PerSec 2005). He is also a co-founder of the 2015 ACM CCS Workshop on Cyber-Physical Systems Security and Privacy and served on the steering committee of subsequent workshops as well as the recently held 2020 Joint Workshop on CPS&IoT Security and Privacy.