Some of the material in is restricted to members of the community. By logging in, you may be able to gain additional access to certain collections or items. If you have questions about access or logging in, please use the form on the Contact Page.
With the advancement information and communication technologies, networked computing devices have been adopted to address real-world challenges due to their efficiency and programmability while maintaining scalability, sustainability, and resilience. As a result, computing and communication technologies have been integrated into critical infrastructures and other physical processes. Cyber physical systems (CPS) integrate computation and physical processes of critical infrastructure systems. Historically, these systems mostly relied on proprietary technologies and were built as stand-alone systems in physically secure locations. However, the situation has changed considerably in recent years. Commodity hardware, software, and standardized communication technologies are used in CPS to enhance their connectivity, provide better accessibility to costumers and maintenance personnel, and improve overall efficiency and robustness of their operations. Unfortunately, increased connectivity, efficiency, and openness have also signiﬁcantly increased vulnerabilities of CPS to cyber attacks. These vulnerabilities could allow attackers to alter the systems' behavior and cause irreversible physical damage, or even worse cyber-induced disasters. However, existing security measures cannot be eﬀectively applied to CPS directly because they are mostly for cyber only systems. Thus, new approaches to preventing cyber physical system disasters are essential. We recognize very diﬀerent characteristics of cyber and physical components in CPS, where cyber components are ﬂexible with large attack surfaces while physical components are inﬂexible and relatively simple with very small attack surfaces. This research focuses on the components where cyber and physical components interact. Securing cyber-physical interfaces will complete a layer-based defense strategy in the "Defense in Depth Framework". In this research we propose Trusted Security Modules (TSM) as a systematic solution to provide a guarantee to prevent cyber-induced physical damage even when operating systems and controllers are compromised. TSMs will be placed at the interface between cyber and physical components by adapting the existing integrity enforcing mechanisms such as Trusted Platform Module (static integrity), Control-Flow Integrity (dynamic integrity) to enhance its own security and integrity. Through this dissertation we introduce the general design and number of ways to implement the TSM. We also show the behaviors of TSM with a working prototype and simulation.
A Dissertation submitted to the Department of Computer Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy.
Includes bibliographical references.
Xiuwen Liu, Professor Directing Dissertation; Daekwan Kim, University Representative; Michael Burmester, Committee Member; Zhenhai Duan, Committee Member.
Florida State University
Use and Reproduction
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). The copyright in theses and dissertations completed at Florida State University is held by the students who author them.