Learn Ethical Hacking and Penetration Testing Online

Learn ethical hacking, penetration testing, cyber security, best security and web penetration testing techniques from best ethical hackers in security field.

Menu

CPS Cybersecurity Challenges – Bridging the Gaps

Cyber Physical System (CPS) is the merger of Cyber and Physical domain. CPS involves integration of physical devices, networks, and computations. The physical devices are capable of sensing, monitoring, computing, and communicating within the defined premises. Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) system are true examples of a typical CPS. Although CPS sounds more like an industrial domain, it faces serious Cybersecurity challenges due to the involvement of Cyber technology in CPS infrastructure. In this article, we shall discuss the CPS infrastructure and the Cybersecurity threats that can destroy the industries if CPS vulnerabilities are not addressed properly.

CPS Components

A CPS may consist of the following five components.

  1. Sensors
  2. Actuators
  3. Computers
  4. Network Devices
  5. Physical Processes

These components can be divided into three categories based on their resemblance or working in similar domain. Sensors and Actuators can be placed in one category due to their working relation. A sensor can sense the environment and convert the findings into an electrical signal. The actuator on the other hand can take this signal as input to generate a physical action.  Computers and network devices can constitute the second category. The Physical processes can be placed into a separate category in Cyber Physical System.

CPS Model

To understand the CPS Cybersecurity challenges, it is important to know the CPS model. The CPS model can break down the CPS infrastructure into pieces, making it easier to understand the CPS layers that are exposed to Cyberattacks. In layman terms, the CPS is a two-layer model i-e Cyber and Physical layer. However, in actual it is a three-layer model. These layers can be classified into the following zones.

  1. Enterprise zone
  2. Control zone
  3. Field zone

Enterprise Zone: It is the topmost layer in CPS architecture. Enterprise zone is responsible for business and administrative functions management. Examples include Enterprise Resource Management (ERM) and Customer Relationship Management (CRM) functions. Since enterprise zone contains computers and endpoint network devices, frequent updates and traditional cybersecurity solutions deployment is possible in this zone.

Control Zone:  Control zone is the second layer of CPS architecture which is responsible for CPS operations management. It includes systems like Supervisory Control and Data Acquisition (SCADA), Programmable Logic Control (PLC), and Distributed Control System (DCS). These instruments are responsible for controlling, monitoring, and managing real-time processes in CPS. Normal cybersecurity solutions may not work well in control zone.

Field Zone: Field zone is the third layer in CPS which represents the physical area where physical processes are performed. Sensors, actuators, transducers, etc. are deployed in field zones which interact with the physical environment and communicate back with the control zone. Thes instruments installed in field zone are managed by control zone elements like SCADA and PLC. Normal cybersecurity solutions can’t be used in field zone devices.

CPS Cybersecurity Challenges

Although CPS is not 100% exposed to internet infrastructure, it is still vulnerable to high risk cyberattacks. Some critical CPS cybersecurity challenges in this regard are mentioned below.

Enterprise Zone Exposure

If we sum up the CPS layered architecture, we can conclude that the topmost layer (enterprise zone) is the only layer that is linked with the outer world. The control zone and field zone are interlinked with each other. However, the enterprise zone acts as an entry point for attackers. If attackers manage to compromise the enterprise zone, they can breach into control zone and eventually field zone devices. Ukraine power grid hack in 2015 is an example of a similar cyber-attack where hackers initially compromised the enterprise zone computers through phishing techniques. Later, they managed to get into control zone devices responsible for power outage in the country.

Use of Legacy Systems

There are many CPS examples where legacy systems are still in use to perform certain tasks. These legacy systems were built with productivity in mind. The induction of cybersecurity features in these legacy systems were not the primary choice of manufacturers. Therefore, these legacy systems with no or little cyber defense mechanism can create cybersecurity issues for CPS infrastructure.

Complex Infrastructure

CPS is a combination of Cyber and Physical domain where different devices merge to perform desired functions. The merger of these devices creates complexity in terms of management, maintenance, and security. A CPS may contain software and devices manufactured by multiple vendors. Since each vendor has a different manufacturing goal, it is near to impossible to have software and devices with 100% cybersecurity features. The complex nature of a CPS also makes it hard for experts to deploy cybersecurity solutions that can cover all the diverse components and services that constitute a CPS architecture.

Real Time Operations

A CPS involves real time processes where machines operate continuously to perform certain operations. Since different machines in a CPS environment are interconnected operating in combination, it is a challenging task to monitor, diagnose, or respond to   individual machines without interrupting the running processes. The complete shutdown of processes for cybersecurity purpose can negatively impact the performance of a Cyber Physical System.

 State Level Cyberwar

State Level Cyberwar is a major threat to Cyber Physical Systems. State sponsored hackers target CPS to gain social, political, or financial objectives. Power grids, gas pipelines, nuclear facilities, transport systems, healthcare units, etc. are the well-known CPS examples that have been attacked in the past with diverse objectives.

Human Factor

Human factor plays an important role in CPS security.  Many cyberattacks on critical infrastructure succeed either with negligence or deliberate intentions of the people working in CPS environment. Lack of training and cybersecurity skills of employees allow hackers to target humans to break into CPS. Hackers use techniques like social engineering, phishing, and spear phishing for this purpose. Disgruntled employees are another challenge in CPS security.  The world has witnessed many cybersecurity breaches in the past which involves insiders as the key players of cyber-attacks.

Conclusion

Cyber Physical Systems play an important role in economic growth and development of a country. Infrastructure modernization, business development, enhanced security, disaster management etc. are a few example benefits associated with CPS domain. On the other hand, CPS is also a key target of hackers to create chaos and impact a country in many ways. Due to heterogeneity and the complex nature of CPS infrastructure, cybersecurity is not an easy task. State-level Cyberthreats require a proactive approach to overcome the challenge. Employees training and monitoring can play a major role in CPS security enhancement.

Did you enjoy this post?

Would you like to join our Insider's List and be notified when we post something or get FREE exclusive content?

Join Our Insider's List

Leave a Reply

Contact Us
Privacy Policy

Disclaimer
500 Westover Dr #8208 Sanford NC 27330