Browse > Article
http://dx.doi.org/10.1016/j.ijnaoe.2016.05.012

Enforcement of opacity security properties for ship information system  

Xing, Bowen (College of Engineering Science and Technology, Shanghai Ocean University)
Dai, Jin (Department of Electrical Engineering, University of Notre Dame)
Liu, Sheng (College of Automation, Harbin Engineering University)
Publication Information
International Journal of Naval Architecture and Ocean Engineering / v.8, no.5, 2016 , pp. 423-433 More about this Journal
Abstract
In this paper, we consider the cybersecurity issue of ship information system (SIS) from a new perspective which is called opacity. For a SIS, its confidential information (named as "secret") may be leaked through the working behaviors of each Distributed Control Unit (DCU) from an outside observer called an "intruder" which is able to determine ship's mission state by detecting the source of each data flow from the corresponding DCUs in SIS. Therefore we proposed a dual layer mechanism to enforce opacity by activating non-essential DCU during secret mission. This mechanism is calculated by two types of insertion functions: Safety-assured insertion function ($f_{IS}$) and Admissibility-assured insertion function ($f_{IA}$). Due to different objectives, $f_{IS}$ is designed to confuse intruder by constructing a non-secret behaviors from a unsafe one, and the division of $f_{IA}$ is to polish the modified output behaviors back to normal. We define the property of "$I_2$-Enforceability" that dual layer insertion functions has the ability to enforce opacity. By a given mission map of SIS and the marked secret missions, we propose an algorithm to select $f_{IS}$ and compute its matchable $f_{IA}$ and then the DCUs which should be activated to release non-essential data flow in each step is calculable.
Keywords
Ship information system; Enforcing opacity; Insertion function;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Ben-Kalefa, M., Lin, F., 2011. Supervisory control for opacity of discrete event systems. In: Communication, Control, and Computing (Allerton), 2011 49th Annual Allerton Conference on, IEEE, pp. 1113-1119.
2 Bryans, J.W., Koutny, M., Mazare, L., Ryan, P.Y., 2008. Opacity generalised to transition systems. Int. J. Inf. Secur. 7 (6), 421-435.   DOI
3 Cassez, F., Dubreil, J., Marchand, H., 2012. Synthesis of opaque systems with static and dynamic masks. Formal Methods Syst. Des. 40 (1), 88-115.   DOI
4 Dubreil, J., Darondeau, P., Marchand, H., 2010. Supervisory control for opacity, automatic control. IEEE Trans. 55 (5), 1089-1100.
5 Falcone, Y., Marchand, H., 2015. Enforcement and validation (at runtime) of various notions of opacity. Discret. Event Dyn. Syst. 25 (4), 531-570.   DOI
6 Jacob, R., Lesage, J.-J., Faure, J.-M., 2015. Opacity of discrete event systems: models, validation and quantification. IFAC-PapersOnLine 48 (7), 174-181.
7 Kumari, S., Khan, M.K., 2014. More secure smart card-based remote user password authentication scheme with user anonymity. Secur. Commun. Netw. 7 (11), 2039-2053.   DOI
8 Liang, Y., Poor, H.V., et al., 2009. Information theoretic security. Found. Trends Commun. Inf. Theory 5 (4-5), 355-580.
9 Lin, F., 2011. Opacity of discrete event systems and its applications. Automatica 47 (3), 496-503.   DOI
10 Liu, S., Xing, B., Li, B., Gu, M., 2014. Ship information system: overview and research trends. Int. J. Nav. Archit. Ocean Eng. 6 (3), 670-684.   DOI
11 Mazare, L., 2004. Using unification for opacity properties. In: Proceedings of the 4th IFIP WG1 7, pp. 165-176.
12 Rabbachin, A., Conti, A., Win, M.Z., 2015. Wireless network intrinsic secrecy. Netw. IEEE ACM Trans. 23 (1), 56-69.   DOI
13 Takai, S., Oka, Y., 2008. A formula for the supremal controllable and opaque sublanguage arising in supervisory control. SICE J. Control Meas. Syst. Integr. 1 (4), 307-311.   DOI
14 Wang, D., Wang, P., 2014. On the anonymity of two-factor authentication schemes for wireless sensor networks: attacks, principle and solutions. Comput. Netw. 73, 41-57.   DOI
15 Wu, Y.-C., Lafortune, S., 2012. Enforcement of opacity properties using insertion functions. In: Decision and Control (CDC), 2012 IEEE 51st Annual Conference on. IEEE, pp. 6722-6728.
16 Wu, Y.-C., Lafortune, S., 2013. Comparative analysis of related notions of opacity in centralized and coordinated architectures. Discret. Event Dyn. Syst. 23 (3), 307-339.   DOI
17 Wu, Y.-C., Lafortune, S., 2014. Synthesis of insertion functions for enforcement of opacity security properties. Automatica 50 (5), 1336-1348.   DOI
18 Xing, B., Liu, S., Zhu, W., 2015. Actuator channel setting strategy for ship information systems based on reachability analysis and physical characteristic. In: Environment and Electrical Engineering (EEEIC), 2015 IEEE 15th International Conference on. IEEE, pp. 932-937.
19 Xing, B., Liu, S., Chen, X., Zhi, P.. Design of sensor data flow for ship information system. Submitted to J. Ship Prod. Des..