| dc.contributor.advisor | Wolthusen, Stephen Dirk Bjørn | |
| dc.contributor.advisor | Heegaard, Poul Einar | |
| dc.contributor.author | Nweke, Livinus Obiora | |
| dc.date.accessioned | 2022-05-30T10:48:08Z | |
| dc.date.available | 2022-05-30T10:48:08Z | |
| dc.date.issued | 2022 | |
| dc.identifier.isbn | 978-82-326-5875-6 | |
| dc.identifier.issn | 2703-8084 | |
| dc.identifier.uri | https://hdl.handle.net/11250/2996740 | |
| dc.description.abstract | The recent years have witnessed an increasing integration of physical systems with information and communication technology (ICT). This emerging field is usually referred to as cyber-physical systems (CPS) and has generated a lot of attention. These systems are sometimes called real-time systems because they have stringent quality of service (QoS) requirements. Also, the coupling of the physical and the cyber components entails that any malicious activity in the cyber components would have a devastating effect on the physical components which in turn may endanger the lives of the humans and the environment. For this reason, some CPS are also known as safety-critical systems. The application of CPS spans through several domains including power stations, large interconnected infrastructure, traffic systems, etc. Thus, this thesis explored how these physical systems can be incorporated and formally modelled to be able to capture the behaviour of CPS, specifically under attack.
First, this research focused on the communication channel while treating the internal state of CPS as a black box. The communication channel has been shown to be vulnerable to cyber attacks and for a number of these types of attacks, the timing behaviour and particularly the buffering capacity of the communication channel is critical. To address this problem, we employed queueing networks because they are appropriate models for capturing this sort of error conditions that leads to breaching of real-time constraints. We extended the existing models to include ways of representing the interaction of the different types of traffic and to understand how that can breach the QoS requirements. This is because the probability density function for the adversarial flow need not be the same as that of the regular traffic. We then applied one of the proposed models to study the effect of adversarial flow in software-defined industrial control networks.
Moreover, there are scenarios where it is necessary to study the internal state for the internal behaviour of the CPS, which means this cannot be captured using a queueing network type of model. Our interest in this regard was to describe the internal behaviour of CPS in such a way that the asynchronous communication takes a prominent role. Hence, instead of having a model that relies on state machine, where we have global knowledge of the state; we employed process calculus model which effectively allowed us to look at the distributed state and how one state can influence another process including the uncertainty of the distributed state. We first developed an adversary model based on the process calculus model which allows reasoning over process states, placement of adversarial entities and communication behaviour. Then we extended the process calculus model by embedding an algebraic representation of Attack-Defence Trees (ADT) and augmenting this by the addition of a partial ordering over the constituents of the ADT within the embedding, offering an elegant mechanism to extend ADT to ordering and time-related attacks. Lastly, we expanded on the process calculus model to provide a finer grain model of the actual interactions inside the physical systems of CPS. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | NTNU | en_US |
| dc.relation.ispartofseries | Doctoral theses at NTNU;2022:169 | |
| dc.relation.haspart | Chapter 2: Nweke, Livinus Obiora; Wolthusen, Stephen. Resilience Analysis of Software-Defined Networks Using Queueing Networks. I: 2020 International Conference on Computing, Networking and Communications (ICNC). IEEE conference proceedings 2020 s. 536-542 https://doi.org/10.1109/ICNC47757.2020.9049712 | en_US |
| dc.relation.haspart | Chapter 3: Nweke, Livinus Obiora; Wolthusen, Stephen. Modelling Adversarial Flow in Software-Defined Industrial Control Networks Using a Queueing Network Model. I: 2020 IEEE Conference on Communications and Network Security (CNS). IEEE conference proceedings 2020 s. 1-6 https://doi.org/10.1109/CNS48642.2020.9162191 | en_US |
| dc.relation.haspart | Chapter 4: Nweke, Livinus Obiora; Weldehawaryat, Goitom Kahsay; Wolthusen, Stephen. Adversary Model for Attacks Against IEC 61850 Real-Time Communication Protocols. I: 16th International Conference on the Design of Reliable Communication Networks DRCN 2020. IEEE conference proceedings 2020 s. 1-8 https://doi.org/10.1109/DRCN48652.2020.1570604241 | en_US |
| dc.relation.haspart | Chapter 5: Nweke, Livinus Obiora; Wolthusen, Stephen. A Review of Asset-Centric Threat Modelling Approaches. International Journal of Advanced Computer Science and Applications (IJACSA) 2020 ;Volum 11.(2) s. 1-6 https://doi.org/10.14569/IJACSA.2020.0110201 This is an open access article licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0) | en_US |
| dc.relation.haspart | Chapter 6: Nweke, Livinus Obiora; Weldehawaryat, Goitom Kahsay; Wolthusen, Stephen Dirk Bjørn. Threat Modelling of Cyber-Physical Systems Using an Applied Pi-Calculus. International Journal of Critical Infrastructure Protection 2021 ;Volum 35. https://doi.org/10.1016/j.ijcip.2021.100466 This is an open access article under the CC BY licens (CC BY 4.0) | en_US |
| dc.relation.haspart | Chapter 7: Nweke, Livinus Obiora; Weldehawaryat, Goitom Kahsay; Wolthusen, Stephen Dirk Bjørn. Corrigendum to Threat Modelling of Cyber-Physical Systems Using an Applied π-Calculus (International Journal of Critical Infrastructure Protection (2021) 35, (S1874548221000536), (10.1016/j.ijcip.2021.100466)). International Journal of Critical Infrastructure Protection 2022 ;Volum 36. https://doi.org/10.1016/j.ijcip.2021.100506 | en_US |
| dc.relation.haspart | Chapter 8:
Nweke, Livinus Obiora; Wolthusen, Stephen Dirk Bjørn.
A process algebraic approach to modelling cyber-physical systems security | en_US |
| dc.title | Using Formal Methods for Modelling Cyber-Physical Systems Security | en_US |
| dc.type | Doctoral thesis | en_US |
| dc.subject.nsi | VDP::Technology: 500::Information and communication technology: 550 | en_US |
