Article ID: 275904
Journal: International Journal of Critical Infrastructure Protection
Published Year: 2010
Pages: 17 Pages
File Type: PDF
Abstract

Information flow is a fundamental concept underlying the security of a system. Confidentiality of information in a system can be breached through unrestricted information flow. Physical components added to a cyber system considerably increase the difficulty of determining information flow and the difficulty of mitigating the corresponding confidentiality problem. Fundamentally, physical actions inherently divulge information through simple observation. This work applies classical models of non-deducibility and non-inference to cyber–physical systems (CPSs) to determine information flow in the coupled cyber and physical worlds. The results demonstrate that the combined physical and cyber properties of a CPS can both protect and divulge information. The key to formalizing this analysis is to find a uniform semantic representation of the cyber and physical components, their interaction, and the physics of the system, and to devise a formal modeling technique for determining information flow.

This paper presents a semantic model for information flow analysis in a CPS and describes an approach to perform the analysis, including both trace-based analysis and automated analysis through process algebra specification. Two model infrastructures demonstrate the approach, a gas pipeline system and a smart electric power grid system. In the gas pipeline system, cooperating flow control system devices exchange confidential information to produce physical actions in the pipeline. In the smart grid, cooperating flexible alternating current transmission system devices exchange confidential information to produce physical actions. The approach can verify whether these infrastructures inherently preserve confidentiality.

Related Topics
Physical Sciences and Engineering > Computer Science > Computer Networks and Communications