AST-SafeSec: Adaptive Stress Testing for Safety and Security Co-analysis
of Cyber-Physical Systems
- Nektaria Kaloudi
- Jingyue Li
Abstract
Cyber-physical systems are becoming more intelligent with the adoption
of heterogeneous sensor networks and machine learning capabilities that
deal with an increasing amount of input data. While this complexity aims
to solve problems in various domains, it adds new challenges for
system assurance. One is the rise in the number of abnormal behaviors
that affect system performance due to possible sensor faults and
attacks. The combination of safety risks, which are usually caused by
random sensor faults, and security risks, which can happen at any random
state of the systems, makes full-coverage testing of the
cyber-physical system challenging. Existing techniques are
inadequate to deal with complex safety and security co-risks on
cyber-physical systems. In this paper, we propose AST-SafeSec, an
analysis methodology for both safety and security aspects, which
utilizes reinforcement learning to identify the most-likely adversarial
paths at various normal or failure states of a cyber-physical system
that can influence system behavior through its sensor data. The
methodology is evaluated using an autonomous vehicle scenario by
incorporating a security attack into the stochastic sensor elements of the
vehicle. Evaluation results show that the methodology analyzes the
interaction of malicious actions with random faults, and identifies the
incident caused by the interactions and the most-likely path that leads
to the incident.

2023. Published in IEEE Transactions on Information Forensics and Security, volume 18, pages 5567-5579. DOI: 10.1109/TIFS.2023.3309160