Building an Effective Security Program for Distributed Energy Resources and Systems. Mariana Hentea
The CPS will provide the foundation of our critical infrastructure, form the basis of emerging and future smart services, and improve our quality of life in many areas [NIST CPS].
2.1.4 Cyber–Physical Systems Applications
The vision is that CPS could improve many existing systems, such as robotic manufacturing systems; electric power generation and distribution; process control in chemical factories; distributed computer games; transportation of manufactured goods; heating, cooling, and lighting in buildings; people movers such as elevators; and bridges that monitor their own state of health. The impact of such improvements on safety, energy consumption, and the economy is potentially enormous. So modern businesses rely on CPS to accurately sync the real‐world status on backend systems and processes.
CPS can be found extensively in multiple domains including the electricity sector [Parolini 2012]. CPS is seen as an integral part of the Smart Grid as discussed by Karnouskos in [Karnouskos 2011], [Karnouskos 2012]. The perspective of this researcher is that the Smart Grid will have to heavily depend on CPS that are able to monitor, share, and manage information and actions on the business as well as the physical power grid. Many traditional parts of the Smart Grid are increasingly CPS dominated. In generation, CPS control the connection to the network as well as the operational aspects in the electricity generation side such as solar and wind parks, hydro facilities, etc.
CPS involve traditional IT as in the passage of data from sensors to the processing of those data in computation. CPS also involve traditional operational technology (OT) for control aspects and actuation. The combination of these IT and OT worlds along with associated timing constraints is a particularly new feature of CPS.
Figure 2.9 depicts the use of CPS for smart transportation [Ling 2015]. The components of the CPS are a collection of computing devices communicating with one another and interacting with the physical world via sensors and actuators in a feedback loop as described in [Lee 2015a].
Figure 2.9 Components of CPS for smart transportation.
Source: [Ling 2015]. © 2016, IEICE.
Figure 2.10 is a simple representation of a CPS with the components, computation, communication, and control that interact with the cyber and physical world.
Figure 2.10 Cyber–physical system – simple structure.
Generally, the structure for a CPS includes physical plant, computational platforms, and the network fabric. An application may use two networked platforms with their own sensors and/or actuators. The embedded computers interact with a physical plant through sensors and actuators and with each other through a network fabric. The action taken by the actuators affects the data provided by the sensors through the physical plant.
As described in [Lee 2015b], the design of CPS, therefore, requires understanding the joint dynamics of computers, software, networks, and physical processes. The author argues that it is this study of joint dynamics that sets this CPS discipline apart. CPS is a discipline that combines engineering models and methods from mechanical, environmental, civil, electrical, biomedical, chemical, aeronautical, and industrial engineering with the models and methods of computer science. Therefore, there are theoretical and practical challenges in the design of CPS applications; among them security is an alarming concern that requires imperative investment.
2.2 Cybersecurity
The term cybersecurity is associated with the security of the cyberspace, which was coined in a science fiction novel [Gibson 1984], as a futuristic computer network that people use by plugging their minds into it or the electronic medium of computer networks, in which online communication takes place. However, there are many definitions for cybersecurity and cyberspace that evolved over time. Many cyber terms are coming into vogue, and a few organizations have tried to include significant definitions that allow us to make useful distinctions when compared with existing terms. Thus, when searching for definitions of certain security concepts and terms, we find identical definitions (one glossary references another glossary), similar definitions, or definitions that are too short or too long, or missing.
2.2.1 Cybersecurity Definitions
The following is a sequence of definitions for cybersecurity and cyberspace as provided in known glossaries.
Cybersecurity is the ability to protect or defend the use of cyberspace from cyber attacks [CNSSI 4009].
Cybersecurity is the ability to protect or defend the use of cyberspace from cyber attacks [NISTIR 7298r2].
Cybersecurity