
Yuan Xue Vanderbilt University

Integrated Modeling, Simulation and Emulation Environment for Security Assessment of Cyber-Physical Systems. Yuan Xue Vanderbilt University. Cyber-Physical Systems. CPS has extraordinary significance for the future of the U.S. industry and military superiority.


Presentation Transcript


  1. Integrated Modeling, Simulation and Emulation Environment for Security Assessment of Cyber-Physical Systems Yuan Xue Vanderbilt University

  2. Cyber-Physical Systems
     • CPS has extraordinary significance for the future of the U.S. industry and military superiority.
     • A 2007 report of the President’s Council of Advisors on Science and Technology highlights CPS as the number one priority for federal investments in networking and information technology.
     • Application Domains
       • Health-Care
       • Automotive Systems
       • Building and Process Controls
       • Defense and Aviation Systems
       • Critical Infrastructure
     Cyber-physical systems (CPS) are tight integrations of communications, computational and physical processes.

  3. Security Issues of CPS
     • Trustworthiness of cyber-physical systems is an essential concern
     • Formal analysis of CPS behavior is hard
     • There is a pressing need to evaluate both cyber- and physical systems together and holistically using simulation and/or emulation.

  4. Need for Security Assessment Tool and Experiment Environment
     • Evaluation of CPS security requires a sophisticated modeling, simulation and experiment infrastructure
       • Realistic assessment
       • Early assessment
       • Automatic and rapidly configured experiments
       • Support for physical environment simulation
       • Support for convenient system measurement and holistic CPS behavior analysis.

  5. Our Approach
     • Integration at two levels
       • Run-time: Integration of multiple tools/environments
         • Simulation, emulation, real testbed so that they can interact in a coordinated way.
       • Modeling-time: Model integration
         • Rapid configuration/deployment
     • Step I: Command and Control Wind Tunnel
       • Heterogeneous simulation integration
     • Step II: Integration of DeterLab and C2WT
       • Simulation and emulation integration

  6. C2 Wind Tunnel
     • Integration of multiple simulation tools
       • Matlab/Simulink, OMNeT++, DEVSJAVA, Delta3D, CPN, etc.
     • Follow HLA standard
       • Coordinate execution of distributed simulations via RTI
     [Figure: C2 Wind Tunnel Integration Framework. Simulation Tools (Simulink, Omnet, DEVSJAVA, OGRE, CPN Tools, Java/C/C++, etc.); Passive Federates (data loggers, monitors, analysis, prognostics, projections); Live components (UAVs, Command & Control, live deployment feedback); Run-Time Infrastructure (RTI)]

  7. C2 Wind Tunnel
     • Model-integrated approach
       • Develop an overarching modeling environment based on GME
       • Integrate different platform-specific simulation models

  8. From Simulation to Emulation
     • Network components and policies are essential aspects of CPS
     • The impact of the network on a CPS needs to be accurately characterized
     • Think about the network attacks…
     • Limits of network simulators
       • Protocol implementation details are missing
       • Poor scalability
     Network simulation is insufficient in providing the level of accuracy required by the evaluation of CPS.

  9. From Simulation to Emulation
     • Benefit of network emulation
       • Greater realism and accuracy with truthful protocol implementation and real network traffic delivery
       • Providing a computing platform where prototypes of software components can be deployed
     • Network emulation platform
       • Emulab
       • DETERNet
       • Tools available for emulating network attacks

  10. Architecture
      [Figure: architecture diagram. Labels: Experiment Specification; Model Integration Layer (Network Models, Controller Models, Organization Models, Environment Models, Fusion Models); Model Run-time; Network Applications; Emulation Federate, Simulink Federate, CPN Federate, Delta3D Federate, DEVS Federate; Simulation-Emulation Tunnel; Run-Time Infrastructure (RTI); Data communication Layer (TCP/IP); Emulation Platform; Simulation Platform; Emulab]

  11. Design Consideration
      • Communication between simulated objects and real network objects
      • Time synchronization between simulated objects and real network objects

  12. Meta-Model and Models
      • Network Topology Model
      • Network Application Process Deployment and Communication Model
      • Network Interaction Model

  13. Meta-Model for Network Topology

  14. Topology Model
      [Figure: topology diagram. Nodes: UAV1, UAV2, Access Point, Control Station. Link labels: 11 Mbps wireless link (twice); 10 Mbps. Wireless properties: Capacity: 11 Mbps; Propagation Model: Free space; MAC: IEEE 802.11. Link parameter sets: Bandwidth: 10 Mbps, Delay: 10 ms, Loss: 0.02; Bandwidth: 11 Mbps, Loss: 0.01, Delay: 20 ms; Bandwidth: 2 Mbps, Loss: 0.2, Delay: 20 ms]

  15. Deployment MetaModel

  16. Deployment Model Example
      [Figure: deployment diagram. Nodes: UAV1, UAV2, ControlStation. Processes: SendImage, RecvCommand, RecvImage, SendCommand. Transports: TCP, UDP]

  17. Network Interaction MetaModel

  18. Network interactions
      • RecvCommandFromNetwork
        • NodeName: TBD (UAV1)
        • ProcName: RecvCommand
        • Timestamp: TBD
        • PeerNodeName: TBD (ControlStation)
        • PeerProcPort: TBD
        • Parameter: Command (String)
      • SendImageToNetwork
        • NodeName: TBD (UAV1)
        • ProcName: SendImage
        • Timestamp: TBD
        • Parameter: ImageURL (String)
      • RecvImageFromNetwork
        • NodeName: TBD (ControlStation)
        • ProcName: RecvImage
        • Timestamp: TBD
        • PeerNodeName: TBD (UAV1)
        • PeerProcPort: TBD
        • Parameter: PacketDelay (double)
      • SendCommandToNetwork
        • NodeName: TBD (ControlStation)
        • ProcName: SendCommand
        • Timestamp: TBD
        • Parameter: Command (String)

  19. Model Interpreter
      [Figure: model interpreter diagram. Modeling Environment: Network Interaction Model, Deployment Model, Topology Model. Run-Time Environment: C2WT Simulation Environment (RTI; federates involving network communication; EmuGateway Federate; Simulink Federate; Tap Server); Deterlab Emulation Environment (Tap Clients; Host Assignment; Network File System; Network Application Code; TCL script; Configuration/Control Environment)]

  20. Emulation hosts and EmuGateway
      [Figure: run-time diagram. Emulation Env: Emulation Host for ControlStation and Emulation Host for UAV1, each with HostMap, Tap Client, Time converter and Task buffer; processes RecvCommand, SendCommand, SendImage, RecvImage over TCP and UDP. Interaction Delivery Protocol. Simulation Env: EmuGateway federate (HostMap NodeName: HostIP, Tap Server, Local Task buffer, Interaction Handler), UAV federate, ControlStation federate, RTI]

  21. Our Experiment Setup
      [Figure: experiment setup. Simulated Applications: UAV Sim* (Simulink), Physics Simulation (Delta3D). Network Objects. Deterlab]

  22. Finally, a short demo

  23. Acknowledgement
      • NSF TRUST
      • NSF SDCI
      • C2WT team at Vanderbilt
        • Gabor Karsai, Janos Sztipanovits, Himanshu Neema
      • Collaborators from AFRL
        • Timothy Busch

  24. Thank you. Questions?
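
Slide 19 shows the topology model being turned into a TCL script for the DeterLab emulation environment. As an added example (not code from the presentation or the C2WT project), the following Python generator renders a topology like the one on slide 14 as an Emulab-style NS file. The link endpoints, the assignment of the slide's bandwidth/delay/loss values to particular links, and the rendering of wireless links as shaped duplex links are assumptions.

```python
# Added example: render a topology model as an Emulab/DETERLab NS (Tcl) file.
# Link endpoints and the per-link parameter assignment are assumptions.
import re

# Constructed model: (node_a, node_b, bandwidth_mbps, delay_ms, loss_ratio)
TOPOLOGY = [
    ("UAV1", "AccessPoint", 11, 20, 0.01),
    ("UAV2", "AccessPoint", 2, 20, 0.2),
    ("AccessPoint", "ControlStation", 10, 10, 0.02),
]

_NAME = re.compile(r"[A-Za-z][A-Za-z0-9]*\Z")


def validate(links):
    """Reject values that would yield a broken or misleading experiment."""
    seen = set()
    for a, b, bw, delay, loss in links:
        for name in (a, b):
            # Names are spliced into Tcl; allow plain identifiers only.
            if not _NAME.match(name):
                raise ValueError(f"unsafe node name: {name!r}")
        if a == b or frozenset((a, b)) in seen:
            raise ValueError(f"self-loop or duplicate link: {a}-{b}")
        seen.add(frozenset((a, b)))
        if bw <= 0 or delay < 0 or not 0.0 <= loss < 1.0:
            raise ValueError(f"bad link parameters on {a}-{b}")


def to_ns(links):
    """Return the NS file text for the given links."""
    validate(links)
    nodes = sorted({n for a, b, *_ in links for n in (a, b)})
    out = ["set ns [new Simulator]", "source tb_compat.tcl", ""]
    out += [f"set {n} [$ns node]" for n in nodes]
    out.append("")
    for i, (a, b, bw, delay, loss) in enumerate(links):
        out.append(f"set link{i} [$ns duplex-link ${a} ${b} "
                   f"{bw}Mb {delay}ms DropTail]")
        if loss > 0:
            out.append(f"tb-set-link-loss $link{i} {loss}")
    out += ["", "$ns rtproto Static", "$ns run"]
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(to_ns(TOPOLOGY))
```

Validating names before they reach the generated Tcl keeps a malformed model from producing a script that does something other than describe the topology.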
