Unified IT&OT Modeling for Cybersecurity Analysis of Cyber-Physical Systems
Peer reviewed, Journal article
MetadataShow full item record
Original versionIEEE Open Journal of the Industrial Electronics Society (OJ-IES). 2022, 3 318-328. 10.1109/OJIES.2022.3178834
Cyber-Physical Systems (CPSs) engineering profoundly relies on modeling methods to represent the system and study the operation and cybersecurity of CPSs. The operation of a CPS is the result of the collaboration between Information Technology (IT) and Operational Technology (OT) components. While OT focuses on the system’s process physics, the emphasis of IT is on information flow. Consequently, different system models are utilized to study various aspects of CPSs, which may infer different views of the same system. The increasing complexity of CPSs and the high number of cyberattacks against Industrial Control Systems (ICSs) and CPSs in recent years have highlighted the necessity of considering these interrelations based on a unified model to analyze cybersecurity of CPSs. However, the diversity of engineering fields and implicit relations and dependencies between them have made it difficult to integrate the modeling methods towards a unified IT&OT model of CPSs.In this paper, we propose a comprehensive method, based on bond graphs, to model CPS and analyze their cybersecurity. Unlike existing methods, modeling the cyber layer along with the physical layer based on the system flow provides a holistic graphical representation of a CPS, which facilitates collaboration between IT and OT experts.