A

SEMINAR REPORT
ON

CYBER PHYSICAL SYSTEM

Submitted in partial fulfillment of the requirements for the award of degree of

BACHELOR OF TECHNOLOGY
in
EE/EI/MT

Submitted by:
Sakshi
(1913512)

Supervised by:
Mr. Gaurav Kumawat

SCHOOL OF AUTOMATION
BANASTHALI VIDYAPITH RAJASTHAN

i
 September 2020

BANASTHALI VIDYAPITH RAJASTHAN

SCHOOL OF AUTOMATION

CERTIFICATE

I hereby submit the seminar entitled CYBER PHYSICAL SYSTEM in the School of
Automation of the Banasthali Vidyapith, under the supervision of Mr. Gaurav Kumawat,
School of Automation, Banasthali Vidyapith, Rajasthan, India.

Sakshi
(1913512)

The seminar report is hereby approved for submission.

Name of Mentor
(Mentor)

Date:

ii
 ABSTRACT

CYBER PHYSICAL SYSTEM refers to the interacting with the physical entities with
the cyber space. It is a new kind of digital technology that increases its attention across
academia, government, and industry sectors and covers a wide range of applications like
agriculture, energy, medical, transportation, etc.

There are some security and privacy issues also. Connectivity increases the attack points,
weaknesses in off-the shelf protocols and software and possibility of malicious agent
security issues can affect the physical world.

There are also some privacy issues like information sharing can lead to disclosure of
individual confidential data. For example google maps we share our location so our
location and travel schedules can be revealed and smart meter data can reveal daily
schedules of customers.

There is a need to develop and exploit this technology in service region and
manufacturing sectors in agriculture, water energy, traffic management, health
environment and infrastructure.in combating kind we need to develop an inter ministerial
national mission in the Cyber-Physical System to secure our future by creation of basic
R&D infrastructure manpower and skill.

iii
 ACNOWLEDGEMENTS
First of all, I am indebted to the God Almighty for giving me an opportunity to excel in
my effort to complete this seminar on time.

I am extremely grateful to Ms. Shailly Sharma, Head of department, school of

automation, for providing all the required sources for the successful completion of my
seminar.

My heart felt gratitude to my seminar guide Mr. Gaurav Kumawat, assistant professor,
for his valuable suggestions and guidance in the preparation of the seminar report.

I express my thanks to all the staff members and friends for all the help and coordination
extended in bringing out this seminar successfully in time.

I will be failing in duty, if I do not acknowledge with grateful thanks to the authors of the
references and other literatures referred to in this seminar.

Last but not the least, I am very much thankful to my parents ho guided me in every step
which I took.

Thanking you
Sakshi

iv
 CONTENTS
Pg. No.
CERTIFICATE ii
ABSTRACT iii
ACKNOWLEDGEMENTS iv
CONTENTS v
LIST OF FIGURES vii
LIST OF SYMBOLS viii
LIST OF TABLES ix

Chapter 1 INTRODUCTION 1
1.1 Background 1
1.2 Motivation 2
1.3 Work 3
1.4 Organisation of the Report 4

Chapter 2 PROBLEM FORMULATION 6

2.1 Introduction 6
2.2 Challenges and opportunities for cyber physical systems
2.2.1 non-zero automotive traffic facilities, minimal injuries and significantly
6
reduced traffic congestion and delays
2.2.2 sustainable and blackout free electricity generation and distribution 7
2.2.3 clean and energy aware buildings and cities 7
2.2.4 smart, reliable and flexible medical and healthcare system 7
2.2.5 other challenges 8
2.3 Security and privacy concern 9
2.4 Attacks against CPS 10
2.5 Preventing attacks 12
2.5.1 securing legacy system 12
2.5.2 retrofitting security in legacy communication 13
2.5.3 lightweight security 13
2.5.4 high assurance system 13
2.5.5 preventing transduction attack 13
2.6 Detecting attack 14
2.6.1 network specification 14
2.6.2 active detection 14
2.6.3 physics-based attack detection 14

v
 2.7 Mitigation attack 14
2.7.1 conservative control 15
2.7.2 security indices 15
2.7.3 resilient estimation 15
2.7.4 inertial resets 15
2.7.5 constraining actuation 16
2.7.6 virtual sensors 16
2.7.7 game theory 16
2.7.8 safe controls 16
2.8 Summary 17

CHAPTER 3 CONCLUSIONS AND FUTURE SCOPE 18

REFERENCES

vi
 LIST OF FIGURES

Fig. No. Figure Description Pg. No.

Fig. 1.1 Cyber physical system 1
Fig. 2.1 Number of hungry people in the world (2010) 8
Fig. 2.2 General architecture of CPS 10
Fig. 2.3 Attack points in CPS 11
Fig.3.1 National Mission on Interdisciplinary Cyber-Physical Systems 21

vii
LIST OF SYMBOLS
The symbols used in the text have been defined at appropriate places, however for easy
reference. The list of principle symbols is given below.

Symbols Explanation

x(k+1) System’s state

Bu(k) Control input
Bac uac(k) Cyber attack
w(k) Gaussian noise
y(k) Measurement
Baouao(k) Cyber attack
v(k) Gaussian noise

viii
 LIST OF TABLES

Table No. Table Description Pg. No.

Table 1.1 Architecture for the Implementation of a Cyber-physical System 5

ix
 CHAPTER 1

INTRODUCTION

1.1 BACKGROUND

The term “cyber physical systems” emerged around 2006, when it was coined by
Helen Gill at National Science Foundation in the United State.
A cyber physical system (CPS) is a computer system in which a mechanism is
controlled or monitored by computer-based algorithms. In cyber physical systems,
physical and software components are deeply intertwined, able to operate on
different spatial and temporal scales, exhibit multiple and distinct behavioral
modalities, and interact with each other in ways that change with context.

Cyber-computation, communication and control that are discrete, logical and

switched.
Physical-natural and human made systems that are governed by the laws of physics
and operating in continuous time.

Fig. 1.1 cyber physical system

Examples- A real world example is distributed robot garden at MIT in which a team
of robots tend a garden of tomato plants. This system combines distributed sensing
1
 (each plant is equipped with a sensor node monitoring its status), navigation,
manipulation and wireless networking.
It is used in electric grids to perform advanced control, especially in the smart grid
context to enhance the integration of distribution renewable generation. Special
remedial action scheme is needed to limit the current flows in the grid when wind
farm generation is too high. Distributed CPS are the key solution for this type of
tissues.

Another example is MIT’s ongoing CarTel project where a fleet of taxis work by
collecting real-time traffic information in Boston areas. Together with historical data,
this information is then used for calculating fastest routes for a given time of the day.
A focus on the control system aspects of CPS that pervade critical infrastructure can
be found in the efforts of the Idaho Laboratory and collaborators researching resilient
control systems. This effort takes a holistic approach to next generation of design,
and consider the resilience aspects that are not well quantified, such as cyber
security, human interaction and complex interdependencies.

Evolution of CPS
There are two types of computing system
 Desktops, servers, PC’s and notebooks
 Embedded
The next frontier
 Mainframe computing (60’s-70’s)
 Desktop computing and internet (80’s-90’s)
 Embedded computing (21st century)

Importance
The US National science foundation (NSF) has identified cyber-physical systems as
a key area of research.

1.2 MOTIVATION

Currently available networked embedded systems, Internet-of-Things systems and

networks of wearable devices generally rely on sophisticated sensors to gather data from
an environment, communicate to exchange information and build services/applications on
the top of acquired sensor data. However, the acquired data are not rarely inaccurate due
to calibration problems, inefficiencies in the compensation mechanisms, presence of soft
and hard faults or changes in the environment in which the devices/embedded systems
are operating. These inaccuracies in the acquired data streams might heavily affect the
application/service leading to a (possibly relevant)
degradation of the performance and Quality-of-Service. Moreover, recent cyberattacks
and privacy leaks affecting IoT and distributed systems underscore the importance of
designing security and privacy policies for CPSs.

To address these critical issues, in recent years, research has focused on Intelligent
Cyber-Physical Systems (ICPSs) that are cyber-physical systems endowed with

2
intelligent abilities. The main characteristic of such a new generation of distributed
embedded systems is the ability to
interact with the environment and adapt to new working conditions through distributed
intelligent mechanisms operating at the unit (single device), cluster (groups of devices)
and network level (the network of devices). Such ICPSs rely on machine learning and
computational intelligent solutions to analyse and interpret the data acquired from the
environment and activate proper reaction/control mechanisms to guarantee the QoS of the
application. In addition, such ICPSs must consider privacy and security intelligent
mechanisms to support privacy-preserving learning (so as to avoid privacy leaks) and
intelligent cyber-security (machine learning based approaches to the security protection
and observation of ICPSs attacks).

For the aforementioned reasons, the TF on “Intelligent Cyber-Physical Systems”

perfectly it’s the scope of the SWTC by studying CI techniques meant to operate in
distributed (embedded) devices characterized by constraints on memory, computation,
energy and communication bandwidth and are designed to deal with uncertainties related
to the interaction (gathering data/actions) with a real environment through
sensors/actuators. The TF is meant to operate
vertically on the main four aspects of the SMTC (i.e., Smart Objects and Interactions,
Smart Systems and Services, Smart Environments and Applications, Smart Things related
to Personalization and Social Aspects) by studying the use of intelligent mechanisms on
all levels of a CPS (from the object-layer through the system-layer up to the application
layer).

1.3 WORK

CPSs make applications more faster, highly efficient, autonomous and precise,
consequently there is an extraordinary significance for the future of CPS applications.
Smart grids are a new paradigm for energy supply and are typical CPSs, which employ
computing, communication and control technologies to deliver secure, efficient, effective
and reliable energy supply and improve operation efficiency for generators and
distributors. Smart grids regard the power network infrastructure as physical systems,
sensing, transmitting, processing, fusion and control as cyber systems, and seamlessly
integrate the cyber systems with the physical systems. They exhibit typical characteristics
of CPSs, such as self-adaption, self-organization and self-learning. Smart grids also
require six key functionalities, namely, high dependability, high reliability, high
predictability, high sustainability, high security and high interoperability.

Medical devices have become distributed systems that simultaneously monitor and
control multiple aspects of the patient’s physiology. Modern medical device systems
integrate embedded software, physical devices and networks. They can be regarded as
typical cyber-physical systems, which are called medical cyber-physical systems
(MCPSs). MCPSs have been applied in hospitals to provide high-quality continuous care
for patients. CPSs can also be employed to model implantable cardiac medical devices.
CPS applications in both automobile sectors and aviation are discussed in the high-
confidence transportation CPS workshop.

3
In recent years, German government has proposed the term Industry 4.0 that can be
regarded as the 4th industrial revolution. Industry 4.0 is driven by CPSs and Internet of
things. CPSs can bridge the gaps among isolated devices and have promising potential
applications in manufacturing. Through CPSs, we can monitor manufacturing systems
in real time and acquire the real-time data from the physical world. We transmit the data
to the cyber world to save, process and make decisions. CPSs improve the flexibility of
manufacturing systems to meet new market demands.

The advanced manufacturing paradigms originated from data analytics consist of

sustainable manufacturing, smart manufacturing, social manufacturing, nano-
manufacturing, semiconductor manufacturing, additive manufacturing and cloud
manufacturing. Manufacturing based on CPSs is one of the new manufacturing
paradigms, which can employ prediction tools to process data and make real-time
decisions. Data security is very important for manufacturing based on CPSs and requires
further research.

The cyber-physical interfaces are important for cyber security in cyber manufacturing,
and a fundamental framework for cyber manufacturing systems is proposed. CPSs
provide supporting methods and tools to cost-efficiently design and develop the future
manufacturing systems. Some examples of CPSs in manufacturing are illustrated.
Song and others propose a service-oriented manufacturing cyber-physical system that
aims to provide high-quality products for customers. Babiceanua and Seker propose
manufacturing cyber-physical systems (M-CPS) that process operations in the physical
world and monitor them in the cyber world, and review the use of big data analytics
for planning and control operations in M-CPS. As M-CPS operations are close to the
cloud manufacturing paradigm, cyber-attacks may occur. The cyber-physical devices in
M-CPS are potential access points for intruders perpetuating to the entire systems. Cyber
threats may attack on sensors, actuators, communication networks, maintenance
mechanisms and physical equipment. To make M-CPS become a reality in real world
manufacturing systems, the modelling guidelines for developing M-CPS are presented.
Liu and Jiang present a CPS architecture for the shop floor to make manufacturing
systems more intelligent. The proposed architecture guides developers to construct a
CPMS from physical parts and cyber parts. A small-scale flexible automated production
line is studied based on the proposed CPS architecture. Putnik and others study the design
and operation scalability in manufacturing systems. CPSs are introduced to improve the
scalability to meet challenges of manufacturing systems. Jiang and others introduce CPSs
and social media into manufacturing industry, and present a new social manufacturing
paradigm.

CPMSs integrate cyber and physical components to promote the interactions among
different entities. To make CPMSs produce desired products, cyber security is a critical
aspect of CPMSs. Consequently, it is important to develop trustworthy CPMSs to address
cyber-attacks.

1.4 ORGANISATION OF REPORT

4
Cyber-Physical Systems (CPS) are systems of collaborating computational entities which
are in intensive connection with the surrounding physical world and its on-going
processes, providing and using, at the same time, data-accessing and data-processing
services available on the internet. It is a new kind of digital technology that increases its
attention across academia, government, and industry sectors and covers a wide range of
applications like agriculture, energy, medical, transportation, etc. The traditional power
systems with physical equipment as a core element are more integrated with information
and communication technology, which evolves into the Cyber-Physical Power System
(CPPS).

Cyber-physical systems (CPSs) are where greening of computing and

greening by computing meet. In these systems, computing is utilized to fortify and
increase the efficiency of traditionally physical systems—smart grids for power
generation and distribution are commonly cited examples. CPSs, especially when used in
critical infrastructure systems, require three fundamental attributes: safety, security,
and sustainability—collectively denoted as S3. The three are conflicting design
objectives; e.g., reducing the environmental footprint of a CPS may make it less safe.
CPSs are significantly less deterministic than even cloud computing, as a CPS by
definition is closely coupled to its physical environment. The unpredictability of this
physical environment creates challenges such as intermittent power supply and unknown
load characteristics. Cyber-Physical System has become the key infrastructure supporting
the development of smart manufacturing.

Table 1.1 Architecture for the Implementation of a Cyber-physical System

Levels Description
Smart Connection Acquiring accurate and reliable data from machines and their
components is the first step
Data-to-information Meaningful information has to be inferred from data.
Conversion
Cyber This level acts as a central information hub in this architecture.
Having massive information gathered, specific analytics have to
be conducted to extract additional information for providing
better insight.
Cognition Implementing CPS upon this level generates a thorough
knowledge of the monitored system. A proper presentation of
the acquired knowledge to expert users supports a correct
decision
Configuration This level is the feedback from the cyber space to the physical
space and acts as a supervisory control to make machines self-
configure and self-adaptive. This stage acts as a resilience
control system (RCS) to apply corrective and preventive
decisions.

5
 CHAPTER 2

PROBLEM FORMULATION

2.1 INTRODUCTION

Despite their numerous advantages, CPS systems are prone to various cyber and/or
physical security threats, attacks and challenges. This is due to their heterogeneous
nature, their reliance on private and sensitive data, and their large-scale deployment. As
such, intentional or accidental exposures of these systems can result into catastrophic
effects, which makes it critical to put in place robust security measures. However, this
could lead to unacceptable network overhead, especially in terms of latency. Also, zero-
day vulnerabilities should be minimized with constant software, applications and
operating system updates.

Cyber-physical systems (CPS) are heterogeneous, because they tightly couple

computation, communication, and control along with physical dynamics, which are
traditionally considered separately

System dynamics: stochastic linear time invariant model

x(k+1) = Ax(k)+Bu(k)+Bac uac(k)+w(k)
y(k) = Cx(k)+Baouao(k)+v(k)

2.2 CHALLENGES AND OPPORTUNITIES FOR CYBER-

PHYSICAL SYSTEMS

Among the many challenging issues related to society, economy, and environment, CPS
research is particularly relevant vis-a-vis safety, stability, performance, reliability,
robustness, and efficiency, in areas such as transportation, energy, medical and
healthcare, defense, manufacturing, and agriculture

2.2.1 Near-zero automotive traffic fatalities, minimal injuries, and

significantly reduced traffic congestion and delays

From the statistics of the National Highway Traffic Safety Administration, there are more
than 5 million car accidents annually in the United States and more than 2 million injuries
or fatalities. The total number of vehicles including passenger cars, trucks, buses, and
motorcycles has been continuously increasing for the past several decades, with growth
accelerating in China and India. The latter two numbers are expected to increase
dramatically for the next several decades or so. In several aspects, today’s transportation
infrastructure has reached its capacity limit causing congestion and delays on roads. At
the same time, it is not viable or sustainable to construct transportation infrastructure to
keep pace with the increasing number of vehicles. Instead, there is motivation to make
the overall transportation system smarter for better safety, energy efficiency, and

6
throughput. Toward this direction, research on CPS such as autonomous vehicles,
intelligent intersection systems, wireless communication systems for vehicle-to-vehicle
(V2V) and vehicle-to-infrastructure (V2I), etc., can play an important role in meeting the
continuing challenges in transportation systems.

2.2.2 Sustainable and blackout-free electricity generation and

distribution

In the United States, approximately 70% of electricity is generated from fossil fuels such
as coal and natural gas, and half of these power plants are more than 40 years old. This
high dependency on fossil fuels for electricity generation contributes to more than 40% of
greenhouse gas emission globally and it is further expected that electricity demand will
grow by more than 75% by 2030. Moreover, these aging power plants and electricity
distribution infrastructure make the overall power grid less reliable. It is an important
issue for many Electricity generation by source in the United States (2012). nations to
transform today’s power grid systems into smart grid systems for better reliability,
efficiency, and eco-friendliness. CPS research in areas such as distributed sensing,
monitoring, and control of power generation and consumption, electricity demand
prediction and generation/distribution optimization, failure detection and recovery, etc., is
critical for the next generation power grid systems.

2.2.3 Clean and energy-aware buildings and cities

Today, most cars run on gasoline, and most electricity is generated from fossil fuels.
Such high dependency on these energy sources causes serious environmental issues and
makes society and economy less sustainable. Thus, it is important to find solutions to
reduce fossil fuel consumptions while satisfying overall energy demands of various
energy consuming sectors such as transportation, industry, buildings, residences, and
others. Automobile manufacturers are investing in research to build electric vehicles that
can be competitive with existing gasoline vehicles in terms of price, efficiency, and
performance. There are many university, industry, and government efforts to utilize
alternative energy sources such as wind, solar, and geothermal for electricity generation.
Along with these efforts, further research is necessary for improving overall efficiency in
energy consumption. As an example, peak electricity consumption can be reduced
significantly through technologies such as demand response, smart meters and
communication systems for real-time price and usage information exchange between
electricity suppliers and consumers. CPS research is an important component of such
innovations.

2.2.4 Smart, reliable, and flexible medical and healthcare systems

7
 TOTAL=925 MILLION

2%
6%4%

26%
62%

1st Qtr 2nd Qtr 3rd Qtr 4th Qtr 5TH Qtr
Fig.2.1 Number of hungry people in the world (2010)

According to the U.S. Department of Health and Human Services, a significant fraction
of the population over 65 years old is living alone (19% men and 36% women), and more
than 35% of the elderly population have some type of disability such as difficulty in
hearing, vision, cognition, ambulation, self-care, or independent living. Moreover, it is
expected number of persons 65+ (numbers in millions) that the elderly population in the
United States will continue to grow, eventually leading to great increases in the costs of
taking care of the increasing elderly population. One major challenge is to find ways to
provide cost-efficient and effective medical and health care services to the elderly at their
homes. Some representative examples of CPS research are smart sensor systems for real-
time patient health condition monitoring and warning, telemedicine systems which enable
remote healthcare service provision, semiautonomous tele-operated home service robots
that can assist with patient physical activities, etc. Each year, approximately 98,000
fatalities result from medical errors in the United States alone, resulting in patient
disability, decreased public confidence in the health care system, and increased health
care costs. Some common types of medical errors are surgical errors, diagnostic errors,
medication errors, and patient handoff errors. A major portion of these errors can be
reduced through CPS technologies. It is reported that the computerized physician order
entry (CPOE) systems with automated clinical decision support systems (CDSS)
contribute to 70% reduction in adverse drug events (ADE) in primary care. Also,
computerized decision support systems can assist clinicians to make proper diagnostic
decisions based on information such as patient past medical history, diagnostic test
results, etc. Information technology can also improve patient handoffs since it can
mitigate errors caused by disorganized communication between caregivers. Further
advances in embedded systems, real-time wireless networks, design and development
techniques for safety-critical complex medical systems, safety verification and validation,
etc., can accelerate the ongoing evolution of medical and healthcare systems toward
safer, smarter, and more interconnected systems.

2.2.5 Other challenges

8
CPS technologies can potentially be useful in mitigating societal and economical
damages caused by disaster events. Technologies for rapid evacuation management
systems, largescale distributed environmental and geographical monitoring, fast and
reliable event prediction, estimation of damage propagation, integrated and coordinated
traffic control capabilities, etc., can be important in mitigating the overall negative
impacts of disasters. It is also expected that CPS research can play an important role in
tackling the increasing food demand-supply gap by increasing food consumption
efficiency and overall food production capability through technologies such as precision
agriculture, intelligent water management, and more efficient food distribution.

2.3 SECURITY AND PRIVACY CONCERN

Several CPS can be labelled safety-critical, i.e., their failure can cause irreparable harm to
the physical system being controlled and to the people who depend on it. SCADA
systems, in particular, perform vital functions in national critical infrastructures, such as
electric power distribution, oil and natural gas distribution, water and waste-water
treatment, and intelligent transportation systems. They are also at the core of health-care
devices, weapons systems, and transportation management. Disruption to these CPS
could have a significant impact on public health and safety, and could lead to large
economic losses.

For example, attacks on a power grid could cause blackouts, leading to interdependent
cascading effects in other vital critical infrastructures such as computer networks,
medical systems or water systems perhaps having a catastrophic effect on the economy
and public safety in our society. Attacks on ground vehicles could cause road traffic
accidents, attacks on GPS systems could mislead navigation systems and make drivers
reach destinations desired by the attackers, and attacks on consumer drones could let
attackers steal, cause accidents or surreptitiously turn on cameras and microphones to
monitor their victims.

CPS have a variety of sensors that can collect more information about the world around
them than previously possible. This ability of CPS devices to passively sense surrounding
activity makes the privacy issues they raise distinct from the privacy issues raised by
traditional computing systems as they collect physical data about diverse human activities
such as electricity consumption, location information, driving habits, and biosensor data
at unprecedented levels of granularity. In addition, their passive manner of collection
leaves people generally unaware of how much information about them is being gathered.
People are also mostly unaware that this collection exposes them to possible surveillance
or criminal targeting, as the data collected by corporations can be obtained by other
actors through a variety of legal or illegal means. For example, automobile manufacturers
remotely collect a wide variety of driving history data from cars in an effort to increase
the reliability of their products. Data known to be collected by some manufacturers
include speed, odometer information, cabin temperature, outside temperature, battery
status, and range. This paints a very detailed picture of driving habits that can be
exploited by manufacturers, retailers, advertisers, auto insurers, law enforcement, and
stalkers, to name just a few.

9
To tackle these problems, we need a multidisciplinary perspective on the security and
privacy implications of CPS that bridges the understanding of their social, economic,
cultural, and regulatory context with an understanding of their technical workings. Such a
multidisciplinary perspective will allow us to identify the new challenges and possible
new methods of addressing these problems.

Supervision/
configuration

Controller

Physical
Actuators Sensors
process

Fig 2.2 general architecture of a CPS

2.4 ATTACKS AGAINST CPS

In general, a CPS has a physical process under its control, a set of sensors that report the
state of the process to a controller, which in turn sends control signals to actuators (e.g., a
valve) to maintain the system in a desired state. The controller often communicates with a
supervisory and/or configuration device (e.g., a SCADA system in the power grid, or a
medical device programmer) which can monitor the system or change the settings of the
controller.

Attacks on CPS can happen at any point in the general architecture, as illustrated in
Figure 2.3:
(1) an attacker can inject false data into the system by faking sensor data (e.g., if the
sensor data is unauthenticated or if the attacker has the key material for the sensors) and
cause the control logic of the system to act on malicious data.

10
(2) The attacker can delay or even completely block the information from the sensors to
the controller, so the controller loses observability of the system thus causing it to operate
with stale data.
(3) The attacker may be able to compromise the controller and send incorrect control
signals to the actuators.
(4) The attacker can delay or block any control command, thus causing a denial of control
to the system.
(5) The attacker can compromise the actuators and execute a control action that is
different to what the controller intended.
(6) The attacker may be able to physically attack the system (e.g., physically destroying
part of the infrastructure and combining this with a cyberattack).
(7) The attacker can delay or block communications to the supervisory or configuration
devices
(8) the attacker can compromise or impersonate the supervisor or configuration devices,
and send malicious control or configuration changes to the controller.

8
Supervision/
Configuration

3
Controller

2
4

5 6 1
Physical
Actuators Sensors
process

Fig.2.3 Attack points in CPS

Launching successful attacks on CPS depends on the Attacker Model. Attackers may
differ in their experience, knowledge of the system they are attacking, their motivation
and their resources. For example, cybercriminals who are only interested in monetary
profits from spam, mining of cryptocurrencies, stealing personal information etc. might
launch non-targeted attacks on CPS: e.g., they may compromise a server to run a botnet
server, but their goal is not to disrupt the physical system. On the other hand, attackers
specifically targeting the disruption of the operation of a CPS can vary from basic

11
attackers with a curiosity for CPS systems (like an attacker who changes the chemical
dosing parameters of a water system), to disgruntled employees with detailed knowledge
of the system they are attacking. Groups of attackers can launch more sophisticated
attacks, like hacktivists attempting to cause damage for political purposes, to attackers
backed by nation-states.

A unique property of CPS is that the integrity of these systems can be compromised even
without a computer-based exploit. By targeting the way sensors capture real-world data,
an attacker can inject a false sensor reading by manipulating the physical environment
around the sensor. These attacks are known as transduction attacks. For example,
attackers can use speakers to affect the gyroscope of a drone and other sound waves can
affect accelerometers in wearable devices to make them report incorrect movement
values. Attackers can also inject inaudible voice commands to digital assistants, lasers
can affect the stability of drones using cameras for hovering stability and other radio
waves can trick pacemakers into disabling pacing shocks. Classical security mechanisms
such as software security, memory protection, authentication or cryptography are not
enough to protect CPS, as transduction attacks represent a new class of attacks that are
not being effectively handled by classical software security. A related attack to
transduction attacks are physical-layer attacks on wireless systems like selective wireless
jamming and GPS spoofing. Having described some of the academic research into attacks
against control systems, we now summarise some high-profile real-world attacks on CPS
by malicious parties in order to motivate the growing importance of this problem, as well
as the next sections on security protections.

2.5 PREVENTING ATTACK

There are, however, multiple challenges in CPS for implementing these security best
practices, including the fact that several CPS are composed of legacy systems that need to
operate 24/7. They are operated by embedded devices with limited resources, and face
new vulnerabilities such as transduction attacks.

2.5.1 SECURING LEGACY SYSTEM

The lifecycle of CPS devices is an order of magnitude larger than regular computing
servers, desktops, or mobile systems. Consumers expect their cars to last longer than their
laptops, hospitals expect medical equipment to last over a decade, and industrial asset
owners expect their control systems to last for at least 25 years, therefore, most CPS
devices will not be replaced until they are fully depreciated. Some of these devices were
designed and deployed assuming a trusted environment that no longer exists. In addition,
even if these devices were deployed with security mechanisms at the time, new
vulnerabilities will eventually emerge, and if the devices are no longer supported by the
manufacturer, then they will not be patched.
As a result, to prevent attacks on CPS, we have to deal with (1) designing systems where
security can be continuously updated and (2) retrofitting security solutions for existing
legacy systems. Updating the security of devices is challenging in several CPS use-cases

12
as devices tend to be certified and any changes in software or operational practices must
be followed by an extensive safety revision or re-certification.

2.5.2 RETROFITTING SECURITY IN LEGACY COMMUNICATION

There are attempts to extend legacy protocols while keeping legacy compatible. In these
cases, cryptographic signatures are introduced as separate (legacy compliant) sensor
streams or tags/addresses. This approach allows supporting devices to obtain and verify
signatures, while legacy devices will just ignore the signatures. It also avoids issues with
restricted message lengths (e.g., in the case of CAN), which would otherwise force
short/insecure signature lengths.

2.5.3 LIGHTWEIGHT SECURITY

While several embedded devices support classical cryptography, for some devices the
performance of cryptographic algorithms in terms of energy consumption, or latency,
may not be acceptable. For symmetric crypto, NIST has plans for standardising a
portfolio of lightweight cryptographic algorithms and the current CAESAR competition
for an authenticated-encryption standard is evaluating the performance of their
submissions in resource-constrained devices. For public-key algorithms, Elliptic Curve
Cryptography generally offers the best balance of performance and security guarantees,
but other lightweight public-key algorithms might be more appropriate depending on the
requirements of the system.

2.5.4 HIGH ASSURANCE SYSTEM

The design of secure operating systems with formal proofs of security dates back to the
Orange Book. Because the increasing complexity of the code in monolithic kernels
makes it hard to prove operating systems are free of vulnerabilities, microkernel
architectures that provide a minimal core of the functionality of an operating system have
been on the rise again. One example of such a system is the seL4 microkernel, which is
notable because of several security properties which have been machine-checked with
formal proofs of security. DARPA’s HACMS program used this microkernel to build a
quadcopter with strong safety and security guarantees. While seL4 is open-source, private
industries are also building microkernel-based operating systems for embedded
platforms, for example, the security firm Kaspersky recently announced a secure micro-
kernel operating system (Kaspersky OS) targeting IoT devices, industrial systems, and
cars, but because the OS is not open source, the security claims have not been
independently verified.

2.5.5 PREVENTING TRANSDUCTION ATTACK

Some of the solutions for preventing transduction attacks include drilling holes
differently in a circuit board to shift the resonant frequency out of the range of the sensor,
adding physical trenches around boards containing speakers to reduce mechanical

13
coupling, using microfiber cloths for acoustic isolation, implementing low-pass filters
that cut-off coupled signals and securing amplifiers that prevent signal clipping.

2.6 DETECTING ATTACK

Detecting attacks can be done by observing the internal state of a CPS device, or by
monitoring the information exchanged between devices to spot anomalous activities.

2.6.1 NETWORK SPECIFICATION

If the CPS designer can give a specification of the intended behaviour of the network,
then any non-specified traffic can be flagged as an anomaly. If there is no specification of
the network behaviour, this behaviour can be learned. Because most of the
communications in CPS networks are between machines (with infrequent human
intervention), they happen automatically and periodically, and given their regularity,
these communication patterns can be captured by finite state models such as
Deterministic Finite Automata [88, 89] or via Discrete-Time Markov Chains.

2.6.2 ACTIVE DETECTION

In addition to passively monitoring a network, an intrusion detection system can actively

query devices to detect anomalies in how devices respond to these requests. Active
detection for physics-based attack detection systems (also known as physical attestation)
uses a control signal to alter the physical world and, in response, it expects to see the
changes in the physical world reflected in the sensor values. For example, we can send
signals to change the network topology of the power grid to see if the sensors report this
expected change, vary the physical plant and actuator gains of industrial systems to detect
zero-dynamics attacks, use a change in a camera’s field of vision to detect hacked
surveillance cameras, or use a watermarking signal in a control algorithm.

2.6.3 PHYSICS-BASED ATTACK DETECTION

A major distinction of control systems with respect to other IT systems is the interaction
of the control system with the physical world. In contrast to work in CPS intrusion
detection that focuses on monitoring the network patterns of a specific network protocol,
another line of work studies how monitoring sensor and control values can be used to
detect attacks; this approach is usually called physics-based attack detection. When
fingerprinting the physical behaviour of a CPS, sometimes the physics of the process are
not enough, and we need to take into consideration the device’s physics as well.

2.7 MITIGATION ATTACKS

Much of the effort made to mitigate faults in CPS has focused on safety and reliability
(the protection of systems against random and/or independent faults). Attack mitigation is
an extension of safety and reliability protections when the faults in the systems are

14
created by a strategic adversary. There are two main types of mitigating technologies: i)
proactive and ii) reactive. Proactive mitigation consists of design choices deployed in the
CPS prior to any attack. On the other hand, reactive responses only take effect once an
attack has been detected; they reconfigure the control actions online in order to minimise
the impact of the attack. We first describe proactive approaches.

2.7.1 CONSERVATIVE CONTROL

One of the earliest ideas for mitigating the impact of attacks was to operate a system with
enough safety margins so that if an attack ever occurred, it would be harder for the
attacker to reach an unsafe region. This usually comes at the cost of suboptimal
operations under attack-free conditions. One intuitive idea for this type of control
algorithm is to use Model Predictive Control (MPC) to design a control strategy while
predicting that an attack will happen starting at the next time step.

2.7.2 SECURITY INDICES

Another early idea on attack mitigation consisted of identifying the most vulnerable
points of a system and improving its robustness by either increasing or diversifying the
number of sensors or controllers, or by allocating a limited security budget to protect a
critical subset of the system’s components so that the system can maintain reliable
operations by relying on this subset of trusted components, even if other devices are
compromised. Vaidya and others also used a measure of network vulnerability based on
controllability and observability Gramians. This mitigation strategy is obtained by using
convex optimisation to minimise the vulnerability measure and, as a result, we can find
the optimal location for a secure set of sensors. Similarly, Vukovic and others defined a
measure that quantifies the importance of individual systems and the cost of attacking
individual measurements. The goal was to mitigate integrity attacks by modifying the
routing and data authentication.

2.7.3 RESILIENT ESTIMATION

Estimation algorithms attempt to obtain the system’s state from sensor values, and
resilient estimation algorithms attempt to obtain this state, even if a subset of sensors is
compromised. The idea is to use redundancy and resilient algorithms such as error-
correcting codes to estimate a value accurately, even when a subset of sensor values is
compromised. The objective of the system operator is to find the optimal estimator that
minimises the estimation error while knowing an upper bound on the number of sensors
that are under attack (i.e., the operator knows or assumes l).

2.7.4 INERTIAL RESETS

Another idea for mitigating attacks is to reset and diversify the system as frequently
as possible so that attackers are unable to gain constant control of the system. The basic
idea is that if a system is compromised by malware, a full software reset will make the
system boot again in a trusted state, thus eliminating the attacker’s presence. While the
15
system is rebooting, the CPS operates by the inertia provided by the last control action
and if the reboot is fast enough, the system can be controlled with no major performance
impacts. This solution requires the system to have a trusted computing base that can boot
the system in a secure state where the malware is not loaded yet.

2.7.5 CONSTRAINING ACTUATION

A similar principle of operating conservatively is to physically constrain the actuators of

a CPS so that if an attacker ever succeeds in gaining access to the system, it is restricted
in how fast it can change the operation of the system. This approach can guarantee, for
example, the safety of vehicle platooning systems, even when the attacker has complete
control of one of the vehicles. Reactive defences rely on reconfiguring the control system
to react against faults in sensors or actuators in the control loop (also known as fault-
tolerance control). When sensors or controllers are under attack, new actions are
generated in order to maintain the safety of the system.

2.7.6 VIRTUAL SENSORS

When we use physical-law anomaly detection systems we have in effect a model

of the physical evolution of the system. Therefore, one way to mitigate attacks on the
sensors of a CPS is to use a physical model of the system to come up with the expected
sensor values, which can then be provided to the control algorithm. The physical models
are not perfect, and while they might mitigate the impact of an attack, it is, therefore,
important to evaluate the safety of the system whenever virtual sensors are being used as
a response to a false alarm.

2.7.7 GAME THEORY

Game theory is often useful to capture the strategic nature of adversaries when they
take over control inputs to the CPS. In these models, an attacker compromises a set of
control signals uak 2 Rma and the defender uses the remaining controllers ud
k 2 Rmd to deploy a defence action. The game between the attacker and the defender can
be sequential (e.g., a Stackelberg game) which would correspond to a reactive defence;
however, the defence can also be proactive by considering simultaneous games (zero-sum
or minimax).

2.7.8 SAFE CONTROLS

Another reactive approach is to change or even prevent a potentially malicious control

action from acting on the system. The idea of having a high assurance controller (HAC)
as a backup to a high-performance controller (HPC) predates work on CPS security, and
was proposed as a safety mechanism to prevent complex and hard-to-verify HPCs from
driving the system into unsafe states. A more recent and security-oriented approach is to
use the concept of a reference monitor to check if the control action will result in any
unsafe behaviour before it is allowed to go into the field. The proposed approach depends

16
on a controller of controllers (C2), which mediates all the control signals sent by the
controller to the physical system. In particular, there are three main properties that C2
attempts to hold: 1) safety (the approach must not introduce new unsafe behaviours, i.e.,
when operations are denied the ‘automated’ control over the plant should not lead
the plant to an unsafe behaviour); 2) security (mediation guarantees should hold under all
attacks allowed by the threat model); and 3) performance (control systems must meet
real-time deadlines while imposing minimal overheads).

2.8 Summary

As technology continues to integrate computing, networking, and control elements in

new cyber physical systems, we also need to train a new generation of engineers,
computer scientists and social scientists to be able to cover the multidisciplinary nature of
CPS security, such as transduction attacks. In addition, as the technologies behind CPS
security mature, some of them will become industry-accepted best-practices and will
transition to industry, while others might be forgotten. In 2018, one of the areas with the
greatest momentum was the industry for network security monitoring in cyber-physical
networks. Several start-up companies in the U.S., Europe, and Israel offer services
for profiling and characterising industrial networks, to help operators with their asset
inventory and to better understand what assets and traffic are allowed and what should be
blocked. On the other hand, there are other areas that are just starting to be analyded such
as the work on attack mitigation, which places too many performance constraints for
operating CPS when there are no attacks. We are only at the starting point in CPS
security research, and the decades to come will bring new challenges as we continue to
understand the interplay between cyber and physical components in CPS, the behaviour
of physical processes under attack and more effective security protections.

17
 CHAPTER 3

CONCLUSION AND FUTURE SCOPE

Advantages of Cyber Physical Systems

 Fast way to ensure safety in various real-world processes

 Ensures efficiency in various real-world processes
 Improvement in life quality for countless people
 Potential to bring a positive revolution to the world
 Can perform countless calculations instantaneously

Disadvantages of Cyber Physical Systems

 Possible Terminator type scenario

 Unemployment
 Unpredictability
 Loss of purpose in life
 Computers gaining self-awareness

3.1 NATIONAL MISSION ON INTERDISCIPLINARY CYBER

PHYSICAL SYSTEM

Cyber Physical Systems (CPS) are new class of engineered systems that integrate
computation and physical processes in a dynamic environment. CPS encompasses
technology areas of Cybernetics, Mechatronics, Design and Embedded systems, Internet
of Things (IoT), Big Data, Artificial Intelligence (AI) and many more.  The CPS systems
are intelligent, autonomous and efficient and are expected to drive innovation in sectors
as diverse as agriculture, water, energy, transportation, infrastructure, security, health and
manufacturing. Thus, it is heralded as the next paradigm shift in technology that can
exponentially spur growth and development. 

To harness the potential of this new wave of technology and make India a leading player
in CPS, the Union Cabinet approved the launch of National Mission on Interdisciplinary
Cyber-Physical Systems (NM-ICPS) to be implemented by the Department of Science &
Technology (DST) with a total outlay of Rs. 3660 Crore for a period of five years. The
Mission aims to create a strong foundation and a seamless ecosystem for CPS
technologies by coordinating and integrating nationwide efforts encompassing knowledge
generation, human resource development, research, technology and product development,
innovation and commercialization. The mission will be implemented through a network
of 15 Technology Innovation Hubs (TIHs), 6 Sectoral Application Hubs (SAHs) and 4
Technology Translation Research Parks (TTRPs). Each hubs and technology parks will

18
 follow a technology life cycle approach, addressing all stages viz.
Knowledge-Development-Translation-Commercialization. Being part of CPS Mission
continuum, the hubs and parks will not have sharp boundaries of function but will
overlap to address the complete technology life cycle. The entities will function in a
network mode and they will have multiple forward and backward linkages with each
other. They will work in tandem to achieve their proposed objectives as well as undertake
other external projects and need based requirements. The hubs will be equipped and
funded to function independently as stand-alone entities, however they would leverage
each other’s strengths and power of collaboration to produce synergistic outcomes. 

The first Phase of NM-ICPS will focus on establishing six Technology Innovation
Hubs (TIHs) in the following domain areas:
1. Artificial Intelligence and Machine Learning
2. Technologies for Internet of Things and Everything (IOT & IOE), Sensors,
Activators and Control
3. Databanks & Data Services, Data Analytics
4. Advanced Communication Systems
5. Robotics & Autonomous Systems
6. Cyber Security and Cyber Security for Physical Infrastructure  
The first phase of NM-ICPS will be implemented by Science and Engineering
Research Board (SERB). Proposals are invited from reputed Academic and R&D
institutions, with an impressive track record of scientific excellence, depth of
experience in the proposed field and a strategic vision, to establish and sustain
dynamic technology innovation hubs in Cyber Physical Systems.

3.1.1 GENERAL OBJECTIVES

Technology Innovation Hubs (TIHs) will be the nodal centers spearheading the activities
in a specific domain. With leading-edge knowledge, competency and facilities, the hubs
will attract potential and harness expertise available nationwide, thus fostering research
innovation, world class technology and product development. It shall coordinate across
the country and build linkages with research institutes and labs in India and abroad. TIHs
will work in close collaboration with industry to deliver commercial technology and
products and build a vibrant innovation ecosystem by providing a reliable platform for
technology-based start-ups and entrepreneurs. 

3.1.2 SPECIFIC OBJECTIVES

Knowledge Generation 
 Generation of new knowledge through basic and applied research.
Technology/Product Development and Commercialisation
 Undertake expert-driven focused research for specific requirements of Industry,
other government verticals and International Collaborative Research
Programmes. 
 Translational work, by delivering technologies or technology solutions on the
ground. TIHs shall also work on lower TRLs. 
19
 HRD and Skill Development
 Development of highly knowledgeable human resource with top-order skills
including Graduate Internships, Postgraduate Fellowships, Doctoral Fellowships,
Post-doctoral Fellowships, Faculty Fellowships, Chair Professorships.  
Innovation, Entrepreneurship and Start-up Ecosystem
 Enhance competencies, capacity building and training to nurture innovation and
start-ups. 
 Support young and aspiring entrepreneurs for enabling translation of idea to
prototype. 
 Inspire best talents to be entrepreneurs by providing support in the form of
fellowship, providing guidance and coworking spaces for developing their ideas
into products. 
 Initial funding assistance for student start-ups. 
 Create linkages with existing Technology Business Incubators (TBI) or create
new TBI in Host Institute. 
International Collaboration
 Leverage international alliances which can add value to the chosen domain.  
 Connect Indian research with global efforts in the proposed domain areas.  
 Participate in international projects and advanced facilities.  
The Specific objectives mentioned above should effectively integrate to achieve
the envisioned objectives of the TIH. 

3.1.3 NATURE OF SUPPORT

The mission aims to create robustly productive and sustainable hubs with associated
ecosystem. The Hub development mechanism adopts a bottom-up revenue model in
which the initiation of the Hub is by government support, through NM-ICPS, for
developing capabilities and gradual build-up of resource generation in the later years of
the project period. 

The financial support for each TIH under NM-ICPS would be about Rs 115 crore in a
project mode for a period of five years. Total budget for individual hubs may vary based
on domain area of specialisation, proposed plans and their requirement based on the
recommendations and decisions of the competent committee. 

The budget provided is to attract the critical mass. The Hub has to develop the capability
to mobilise resources. As such a symbiotic relationship between R&D and
commercialization have to developed. From 4th year onwards, 20 – 30% capital must be
from private pools and the hub has to be 100% self-sustainable within the five-year
period. A well-planned roadmap with revenue channels have to be worked out which can
include,
1. Applied technologies and engineering through innovative products or services
2. IP creation and Licensing (could lead to new ventures)
3. Training and Consulting
4. Policy guidelines and help in formulation
5. Databank creation across strategic areas of focus.

20
Industry partnership is not mandatory during proposal submission stage, but preference
would be given who have tie-ups upfront with industry.  

Financial support for each hub may wary depending on the domain area and planned
activities. 

3.1.4 MANAGEMENT OF HUBS

The Hubs will be managed by Hub Governing Body (HGB), with Head of the Institution
as the Chairman. The Hub governing body will have full financial and administrative
powers. 

Fig. 3.1 National Mission on Interdisciplinary Cyber-Physical Systems

21
REFERENCES
Journal Papers:
[1]A Humayed, J Lin, F Li, B Luo internet of things journal IEEE 2017
[2] A Banerjee, KK Venkatasubramanian… - Proceedings of the …, 2011 - ieeexplore.ieee.org
Books:
[3] Cyber-physical systems: integrated computing and engineering design by Fei Hu
[4] Cyber-physical systems: a computational perspective by Gaddadevara Matt Siddesh, Ganesh
Chandra Deka, Krishnarajanagar GopalaIyengar Srinivasa, Lalit Mohan Patnaik
Technical Reports:
[5] Ricky Henry Rawung; Aji Gautama Putrada cyber physical system paper survey online IEEE
2014
Papers from Conference Proceedings (Published):
[6] Journal of Industrial Integration and Management, 2017 - World Scientific.
Dissertations:
[7] F. Mueller, “Challenges for cyber-physical systems: Security, timing analysis and soft error
protection,” in High-Confidence Software Platforms for Cyber-Physical Systems (HCSP-CPS)
Workshop, Alexandria, Virginia, 2006, p. 4
Standards:
[8] K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor,
D. Anderson, H. Shacham et al., “Experimental security analysis of a modern automobile,” in
Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 2010, pp. 447–462.
[9] L. J. Wells, J. A. Camelio, C. B. Williams, and J. White, “Cyber-physical security challenges
in manufacturing systems,” Manufacturing Letters, vol. 2, no. 2, pp. 74–77, 2014.
[10] “Consumer reports to begin evaluating products, services for privacy and data security,”
Consumer Reports, March 2017
URL:
[11] https://serbonline.in/ICPS/HomePage

22