International Journal of Naval Architecture and Ocean Engineering

The Society of Naval Architects of Korea (대한조선학회)
권호 표지
DOI QR코드

DOI QR Code

Enforcement of opacity security properties for ship information system

  • Xing, Bowen (College of Engineering Science and Technology, Shanghai Ocean University) ;
  • Dai, Jin (Department of Electrical Engineering, University of Notre Dame) ;
  • Liu, Sheng (College of Automation, Harbin Engineering University)
  • Received : 2015.11.23
  • Accepted : 2016.05.11
  • Published : 2016.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we consider the cybersecurity issue of ship information system (SIS) from a new perspective which is called opacity. For a SIS, its confidential information (named as "secret") may be leaked through the working behaviors of each Distributed Control Unit (DCU) from an outside observer called an "intruder" which is able to determine ship's mission state by detecting the source of each data flow from the corresponding DCUs in SIS. Therefore we proposed a dual layer mechanism to enforce opacity by activating non-essential DCU during secret mission. This mechanism is calculated by two types of insertion functions: Safety-assured insertion function ($f_{IS}$) and Admissibility-assured insertion function ($f_{IA}$). Due to different objectives, $f_{IS}$ is designed to confuse intruder by constructing a non-secret behaviors from a unsafe one, and the division of $f_{IA}$ is to polish the modified output behaviors back to normal. We define the property of "$I_2$-Enforceability" that dual layer insertion functions has the ability to enforce opacity. By a given mission map of SIS and the marked secret missions, we propose an algorithm to select $f_{IS}$ and compute its matchable $f_{IA}$ and then the DCUs which should be activated to release non-essential data flow in each step is calculable.

Keywords

References

  1. Ben-Kalefa, M., Lin, F., 2011. Supervisory control for opacity of discrete event systems. In: Communication, Control, and Computing (Allerton), 2011 49th Annual Allerton Conference on, IEEE, pp. 1113-1119.
  2. Bryans, J.W., Koutny, M., Mazare, L., Ryan, P.Y., 2008. Opacity generalised to transition systems. Int. J. Inf. Secur. 7 (6), 421-435. https://doi.org/10.1007/s10207-008-0058-x
  3. Cassez, F., Dubreil, J., Marchand, H., 2012. Synthesis of opaque systems with static and dynamic masks. Formal Methods Syst. Des. 40 (1), 88-115. https://doi.org/10.1007/s10703-012-0141-9
  4. Dubreil, J., Darondeau, P., Marchand, H., 2010. Supervisory control for opacity, automatic control. IEEE Trans. 55 (5), 1089-1100.
  5. Falcone, Y., Marchand, H., 2015. Enforcement and validation (at runtime) of various notions of opacity. Discret. Event Dyn. Syst. 25 (4), 531-570. https://doi.org/10.1007/s10626-014-0196-4
  6. Jacob, R., Lesage, J.-J., Faure, J.-M., 2015. Opacity of discrete event systems: models, validation and quantification. IFAC-PapersOnLine 48 (7), 174-181.
  7. Kumari, S., Khan, M.K., 2014. More secure smart card-based remote user password authentication scheme with user anonymity. Secur. Commun. Netw. 7 (11), 2039-2053. https://doi.org/10.1002/sec.916
  8. Liang, Y., Poor, H.V., et al., 2009. Information theoretic security. Found. Trends Commun. Inf. Theory 5 (4-5), 355-580.
  9. Lin, F., 2011. Opacity of discrete event systems and its applications. Automatica 47 (3), 496-503. https://doi.org/10.1016/j.automatica.2011.01.002
  10. Liu, S., Xing, B., Li, B., Gu, M., 2014. Ship information system: overview and research trends. Int. J. Nav. Archit. Ocean Eng. 6 (3), 670-684. https://doi.org/10.2478/IJNAOE-2013-0204
  11. Mazare, L., 2004. Using unification for opacity properties. In: Proceedings of the 4th IFIP WG1 7, pp. 165-176.
  12. Rabbachin, A., Conti, A., Win, M.Z., 2015. Wireless network intrinsic secrecy. Netw. IEEE ACM Trans. 23 (1), 56-69. https://doi.org/10.1109/TNET.2013.2297339
  13. Takai, S., Oka, Y., 2008. A formula for the supremal controllable and opaque sublanguage arising in supervisory control. SICE J. Control Meas. Syst. Integr. 1 (4), 307-311. https://doi.org/10.9746/jcmsi.1.307
  14. Wang, D., Wang, P., 2014. On the anonymity of two-factor authentication schemes for wireless sensor networks: attacks, principle and solutions. Comput. Netw. 73, 41-57. https://doi.org/10.1016/j.comnet.2014.07.010
  15. Wu, Y.-C., Lafortune, S., 2012. Enforcement of opacity properties using insertion functions. In: Decision and Control (CDC), 2012 IEEE 51st Annual Conference on. IEEE, pp. 6722-6728.
  16. Wu, Y.-C., Lafortune, S., 2013. Comparative analysis of related notions of opacity in centralized and coordinated architectures. Discret. Event Dyn. Syst. 23 (3), 307-339. https://doi.org/10.1007/s10626-012-0145-z
  17. Wu, Y.-C., Lafortune, S., 2014. Synthesis of insertion functions for enforcement of opacity security properties. Automatica 50 (5), 1336-1348. https://doi.org/10.1016/j.automatica.2014.02.038
  18. Xing, B., Liu, S., Zhu, W., 2015. Actuator channel setting strategy for ship information systems based on reachability analysis and physical characteristic. In: Environment and Electrical Engineering (EEEIC), 2015 IEEE 15th International Conference on. IEEE, pp. 932-937.
  19. Xing, B., Liu, S., Chen, X., Zhi, P.. Design of sensor data flow for ship information system. Submitted to J. Ship Prod. Des..

Cited by

  1. Toward Digitalization of Maritime Transport? vol.19, pp.4, 2019, https://doi.org/10.3390/s19040926
  2. Appraisal of a Ship’s Cybersecurity efficiency: the case of piracy vol.13, pp.3, 2016, https://doi.org/10.1007/s12198-020-00223-1