The CPSSEC project is taking a layered approach to these challenges as illustrated in the CPS Security Pyramid. At the pyramid’s base, DHS is working with other agencies such as the National Science Foundation (NSF) to address fundamental and crosscutting challenges. No single agency can tackle these areas alone. Further, these areas share crosscutting issues of cybersecurity, economics, interoperability, privacy, safety and reliability and social aspects. The Cyber Physical Systems Vision Statement from the Networking Information Technology Research and Development (NITRD) Program identifies nine areas of critical importance to government: agriculture, building controls, defense, energy, emergency response, health care, manufacturing and industry, society and transportation. The CPS and IoT space is vast and covers many distinct sectors. Security issues must be analyzed, understood and addressed in the early stages of design and deployment. Addressing security issues by bolting solutions onto widely deployed systems is not viable. Cybersecurity only becomes more challenging if billions of devices with security vulnerabilities are added. If security is overlooked, we run the risk of unintentional faults or malicious attacks changing how cars brake, how medical devices adapt and how buildings and the smart grid respond to events. In fact, it is anticipated billions of new IoT devices will be connected to the internet. Modern cars can automatically brake to avoid a collision, medical devices can monitor conditions in real-time and adapt to changes, and buildings and the energy grid are being enhanced with a number of new smart services. To understand the scope of the challenge, consider the recent advances in the cars we drive, the medical devices we depend on, the systems that operate our buildings, the power grid and a vast number of new IoT devices. Many devices now being deployed have lifespans measured in decades, so current design choices will impact the next several decades in the transportation, health care, building controls, emergency response, energy and other sectors. Designs are evolving rapidly and standards are only now emerging. Industry is driven by functional requirements and fast-moving markets. These systems are being designed and deployed now, however, security often is left for later. This is a critical time in the design and deployment of CPS and IoT. Advances in networking, computing, sensing and control systems have enabled a broad range of new devices. Proactive and coordinated efforts are needed to strengthen security and reliance for CPS and IoT. At the same time, CPS and IoT also increase cybersecurity risks and attack surfaces. The consequences of unintentional faults or malicious attacks could have severe impact on human lives and the environment. Whether referencing the forward-collision prevention capability of a car, a medical device’s ability to adapt to circumstances in real-time or the latest IoT innovation, these systems are a source of competitive advantage in today’s innovation economy and provide vast opportunities for DHS and Homeland Security Enterprise missions. The closely related area of IoT continues to emerge and expand as costs drop and the confluence of sensors, platforms and networks increases. Each includes smart networked systems with embedded sensors, processors and actuators that sense and interact with the physical world and support real-time, guaranteed performance in safety-critical applications. Automobiles, medical devices, building controls and the smart grid are examples of CPS. CPS and IoT play an increasingly important role in critical infrastructure, government and everyday life. The Cyber Physical Systems Security (CPSSEC) project addresses security concerns for cyber physical systems (CPS) and internet of things (IoT) devices.
0 Comments
Leave a Reply. |