0
Select Articles

Teaching Cyber-Physical Systems OPEN ACCESS

[+] Author Notes
Edwin Zivi

Professor of Systems Engineering, United States Naval Academy

Edwin L. Zivi received the B.S. degree in Engineering Science and Mechanics from the Virginia Polytechnic Institute and State University, Blacksburg, in 1975. He received the M.S. and Ph.D. degrees in mechanical engineering from the University of Maryland, College Park, in 1983 and 1989, respectively.

Ed’s present position is Professor of Systems Engineering at the United States Naval Academy, Annapolis, MD where his teaching and research focus on the design and implementation of resilient control systems. Ed manages the Systems Engineering Cyber Systems major elective track and developed the current course offerings. Ed leads the development of Cyber-Physical Systems at the Naval Academy and is presently developing a new Internet-of-Things (IoT) major elective.

Prior to 1998, he was a Senior Research Engineer and Technical Advisor at the Naval Surface Warfare Center, Annapolis, MD. In one project, he served as technical director for the NAVSEA Standard Monitoring and Control System leading the project from inception through fullscale land-based testing. His research focuses on resilient Cyber-Physical Systems, integrated electrical power systems and early-stage trade-space design methods and tools. The Office of Naval Research has been Ed’s primary sponsor throughout his 40-year career.

Mechanical Engineering 139(03), S3-S8 (Mar 01, 2017) (6 pages) Paper No: ME-17-MAR4; doi: 10.1115/1.2017-Mar-4

This article discusses various aspects of a course on cyber-physical systems (CPS) in the educational programs of defense organizations. CPS are engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components. The article also highlights various objectives of the CPS course. A central challenge to deploying resilient CPSs involves the appreciation for the multi-disciplinary challenges and the lack of a unified framework for CPS analysis, design and implementation. A significant part of the course focuses on a case study in industrial control of a Vinyl Acetate (VAc) chemical plant. The course described herein presents fundamental concepts within the rapidly expanding field of CPS and has been tailored to and is well received by U.S. Naval Academy Systems Engineering senior level engineering students. The U.S. Naval Academy thrust in cyber security studies includes a new major, Cyber Sciences, and construction of a new facility, Hopper Hall, to house the assembled multi-disciplinary teaching and research team.

In response to ever-present cyber threats, the U. S. Naval Academy thrust in cyber security studies includes a new major, Cyber Sciences, and construction of a new facility, Hopper Hall, to house the assembled multi-disciplinary teaching and research team. An essential component of this initiative is Cyber-Physical Systems (CPS) dependability and security of critical infrastructure and mission-critical systems. To address this need, a new senior-level engineering undergraduate technical elective has been offered and evolved over the past five years. Key concepts, design, content and teaching experiences are presented herein. Targeted primarily to Systems Engineering majors, this course builds on a foundation of linear control system design and embedded computer hardware / software integration to explore fundamental CPS concepts, attributes and risks. The course contains three primary themes: (1) fundamentals including the evolution of CPS including shipboard engineering plants, (2) a simulation-based case study of the dynamic interdependencies associated with cyber intrusions into a vinyl acetate industrial plant control challenge problem and (3) hands-on Controller Area Network (CAN) and CANopen real-time embedded control networks. The long-term objective is to provide an integrative teaching, learning and research environment for multidisciplinary advances targeting unification of key CPS enabling technologies including: (1) control theory, (2) computer science (3), communications, (4) embedded systems and (5) cyber security. The discussion commences with an introduction to CPS concepts and a survey of CPS research needs.

As defined by the National Science Foundation, “Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components” [1]. The President's Council of Advisors on Science and Technology assesses that cyber-physical systems “are now a national priority for Federal R&D. Improved methods are needed for the efficient development of these systems. These methods must assure high levels of reliability, safety, security, and usability” [2]. CPS “scientific and technological importance as well as its potential impact on grand challenges in a number of sectors critical to U.S. security and competitiveness” [3] has been established along with strategic challenges and driving sectors including: (1) Defense, (2) Energy, (3) Transportation, (4) Manufacturing, (5) Buildings and Infrastructure, and (6) Healthcare. Potentially catastrophic failures of highly vulnerable national infrastructure such as the terrestrial power grid [4] and mission systems could have disastrous consequences.

The Editorial of the Editor in Chief of IEEE Transactions on Automatic Control special issue on CPS states that “The control of Cyber-Physical Systems presents enormous challenges and requires approaches drawn from Systems and Control, such as those in traditional control, hybrid control systems, discrete event systems, networked control, and also approaches drawn from Computer Science, such as abstraction and verification, Networks, and many other areas depending on the applications of interest. The large scale and heterogeneity of components in CPS introduce grand research challenges. Robustness, resilience, reliability, safety and security issues for changing and reconfiguring dynamical systems must be addressed and these are novel research areas of great importance. The integration of different technologies and scientific domains presents new and challenging fundamental problems underlying the theoretical foundations for this class of systems” [5].

The Networking and Information Technology Research and Development (NITRD) program identifies the following research needs: “A new systems science is needed to provide unified foundations, models and tools, system capabilities, and architectures that enable innovation in highly dependable cyber-enabled engineered and natural systems. Better understanding of system complexity is also necessary in this research area to aid in improved management and decision support. Specific technical areas for emphasis include:

  • Unifying foundations for modeling, predicting, and controlling systems that exhibit combined cyber (logical/discrete/digital) and physical (continuous/analog) system behaviors

  • New approaches for supervisory control of systems that must interact on an ad hoc basis

  • Scientific and engineering principles, metrics, and standards that integrate the disciplines of real-time embedded systems, control, communications/networking, security, and human-machine interaction

  • Technology to close the design and productivity gap between modeling, programming, and runtime execution of cyber-physical systems

  • Principles for reasoning about and actively managing properties of complex, multiscale, real-time cyber- physical system interactions, including safety, security, reliability, and performance

  • Design methods and systems technology for autonomy, human interaction, and management of control authority

  • Open systems approaches for composition, integration, and coordination of cyber-physical Systems” [6].

At the heart of this effort is the search for effective and efficient mathematical formulations, methods and tools that bridge the semantic and temporal gaps between physical and cyber systems [7]. More specifically, time is an essential attribute of the physics-based differential equation modeling and control synthesis of dynamic systems wherein time is critical to the correctness of the solution. However, in computer science and communications, discrete mathematic formalisms such as finite state machines predominate wherein time is typically treated as a measure of responsiveness and is rarely associated with correctness. Embedded systems represent the preliminary fusion of control theory and computer engineering wherein invariant time steps and bounded latencies enable the application of digital control theory [8]. The emergence of CPS systems composed of complex computer architectures, operating systems, middle-ware, communications networks and protocols and cyber intrusions require new hybrid continuous-time and discrete-event-driven mathematical formalisms [9], [10]. The final essential ingredient is the incorporation of cyber security into CPS design, analysis, and implementation and maintenance considerations including: (1) threat modeling, (2) vulnerability analysis and (3) life cycle cyber security risk management [11], [12] . The key differences in Information Technology (IT) and CPS security are highlighted by the Figure 1 comparison of key attributes [13].

FIGURE 1 Comparison of IT and CPS Security Attributes.

Grahic Jump LocationFIGURE 1 Comparison of IT and CPS Security Attributes.

Operability quantifies the ability to operate throughout specific scenarios including disruptive events. Observability and controllability can be defined from two perspectives:

  1. Using linear control theory [14]

  2. The aspiration of continuous situational awareness and control authority.

The course is designed for a student population that is primarily composed of multi-disciplinary Systems Engineering majors who have taken:

  • A first year cyber security course

  • Second year C/C++ embedded computer hardware software integration and mechatronics courses

  • Third year courses in linear system analysis, modeling and control design including embedded hardware-in-the-loop experiments

  • Third year courses in electrical engineering and applications of cyber engineering.

Primary CPS learning objectives are:

  • Characterize their essential role in critical infrastructure and mission-critical systems

  • Characterize system and network vulnerabilities, resilience, and behavior under disruptive conditions

  • Investigate Supervisory Control and Data Acquisition (SCADA) systems and vulnerabilities

  • Analyze dynamic interdependence and performance of CPS feedback control systems stability and performance

  • Analyze, instrument and quantify performance of Controller Area Network (CAN) based systems including CANopen application layer systems integration and device profiles.

Part 1–Cyber-Physical Fundamentals

The course fundamentals begin with an assignment to extract key observations from the Peabody award-winning [15] 60 Minutes “Sabotaging the System” investigation [16] followed by a literature search to determine the defining attributes of Cyber-Physical Systems. Arguably, the best short answer comes from the NSF, which coined the phrase: “Cyber-physical systems (CPS) are engineered systems that are built from and depend upon the synergy of computational and physical components” [17] among a variety of opinions. Perhaps the most notable variations center on whether the inclusion of networks is an essential or merely pervasive ingredient [18]. An early laboratory small group exercise has students reallocate engineering and damage control responsibilities for conventional naval vessels under condition 1 “battle stations” to achieve the in-transition Navy crew size reductions of approximately 50%. The central focus of this exercise is to determine the necessary attributes of CPSs which are subjected to temporal and spatial bursts of disruptive events. These attributes lead to the following definitions:

  • Reliability: Duration or Probability of failure-free performance, Mean Time to Failure (MTBF) (MIL-STD-721C)

  • Availability: Probability a system is operable and committable for a specific mission (MIL- STD-721C)

  • Dependability: Ability to operate throughout a distribution of likely disruptive scenarios. In response to an ONR control challenge problem [19] design-oriented metrics for operability and dependability have been formulated and applied to early trade space design studies for resilient systems [20], [21].

A central challenge to deploying resilient CPSs involves the appreciation for the multi-disciplinary challenges and the lack of a unified framework for CPS analysis, design and implementation [22]. At this point, students embark on a two-day in-class exercise to learn from Prof. Edward Lee's excellent recorded presentation: “Cyber-Physical Systems: A Rehash or A New Intellectual Challenge?” [23]. Prof. Lee clearly distinguishes between the properties of mathematic models such as linearity and determinism and the properties of actual systems. This divergence between the idealized, nominal system and actual behavior of CPSs leads to brittle systems with complex and subtle failure modes. Lee identifies four major challenges for CPSs:

  1. Determinate CPS models

  2. Open minds about languages and tools

  3. A semantics of time

  4. A discipline of “model engineering”.

Moving from idealized, nominal systems toward more resilient systems introduces two ways to deal with faults and failures:

  1. Fault-masking systems, which hide faulty behavior, often through redundancy

  2. Fault-recovery systems that incorporate special procedures, such as retrying a failed operation.

These ideas are explored through the examples from computer networking, including token passing rings such as the ANSI X3 family of Fiber Distributed Data Interface (FDDI) network specifications which support both fault-masking and fault-recovery capabilities. Implementing counter-rotating rings can provide redundant data paths for fault masking. Moreover, disruption of links on both rings allows FDDI network nodes to perform fault recovery through constructing a new ring by wrapping around the failed segments. FDDI networks provide low-latency communication services with an upper bound specified by the token rotation time [24]. However, token passing rings such as FDDI have a serious vulnerability: any node to link state change causes the network to shut down and restart. The evolution of Ethernet from a linear bus to a switch-based star topology and the emergence of real-time Ethernet is investigated in various use cases including industrial control shipboard machinery control systems [25].

Part 2 – Cyber-Physical Case Study

A significant part of the course focuses on a case study in industrial control of a Vinyl Acetate (VAc) chemical plant. This chemical control challenge problem, “…process model contains 246 states, 26 manipulated variables, and 43 measurements. Parts of the model, e.g., the azeotropic distillation tower, are highly nonlinear.” [26] The VAc chemical plant is shown pictorially in Figure 2.

FIGURE 2 Vinyl Acetate Chemical Plant [27].

Grahic Jump LocationFIGURE 2 Vinyl Acetate Chemical Plant [27].

As a preliminary investigation, an Internal Model Controller (IMC) is developed for a simplified inputoutput model of unstable VAc polymerization reaction [28]. This introduces IMC control where the stable portion of the process plant is added as a feed forward term to a conventional Proportional, Integral plus Derivative (PID) controller. This exercise helps the students focus on the heart of this complex dynamically interdependent chemical plant and appreciate the dynamics of a gaseous phase exothermal process whose reaction rate rises exponentially with respect to temperature.

This problem-based learning project seeks to craft a cyber-intrusion to maximize production degradation while avoiding detection by the plant operators. VAc process control studies provide 26 single-input-single-output control loops providing a representative closed-loop control system model [29], [30]. The numerically-stiff simulation model contains time constants that vary from 10 of seconds to days. A MathWorks MATLAB Simulink simulation-based wrapper around the MATLAB and C simulation developed by the “Damn Vulnerable Chemical Plant” (DVCP) initiative [31], [32], [33] provides a rich environment for simulating cyber intrusions. In particular, the Simulink interface provides facilities to:

  1. Insert disturbances

  2. Change control set points

  3. Insert false sensor data

  4. Insert false controller commands

  5. Modify the feedback controllers.

Initial experiments introduced by Table 1 process disturbances subject to the itemized constraints were simulated for 12-hour scenarios.

These initial studies provided two interesting results:

  1. Insight into the dynamic interdependencies within the VAc production process

  2. Forensic investigations as to why three of the simulations crashed.

For example, the time histories associated with the third disturbance, loss of fresh HAc (Acetic Acid) feed stream, are shown in Figure 3. Note that the HAc tank level controller progressively requests increased HAc in feed. When the HAc tank is depleted after approximately 31.4 minutes, the simulation predicts a negative fluid level and is no longer mathematically valid. These observations reinforce Edward Lee's distinction between the behavior of mathematical models and real systems.

FIGURE 3 Loss of Fresh HAc (Acetic Acid) Feed Stream.

Grahic Jump LocationFIGURE 3 Loss of Fresh HAc (Acetic Acid) Feed Stream.

The VAc polymerization process is very sensitive to the concentration of oxygen. The upper Figure 4 plot highlights the response to injection of false O2 feed rate commands, shown as a dashed line compared to the controller's initial proportional gain followed by integral gain requests for increased supply of O2. The lower Figure 4 plot shows the rapid response in reactor exit flowrate. Note the overshoot in both the controller response and the exit flowrate once control authority is regained.

FIGURE 4 Interval Attack on O2 Fresh Feed Rate Control.

Grahic Jump LocationFIGURE 4 Interval Attack on O2 Fresh Feed Rate Control.

Eventually, a variety of simulated cyber-attacks were performed as summarized in Table 2.

Part 3–Controller Area networks

Controller Area Networks provide an appropriate “fieldbus” for implementing real-time embedded microcontroller systems for a wide range of applications including the transportation, manufacturing and energy sectors. As shown in Figure 5, CANopen is one of several application layers which build on CAN physical and data link layers.

FIGURE 5 CAN and CANopen Network Layers.

Grahic Jump LocationFIGURE 5 CAN and CANopen Network Layers.

CAN provides low latency, lightweight message delivery mechanism of small data packets where the highest priority message is granted first access to the data bus. All nodes remain bit-synchronized, allowing on-the-fly bus arbitration, error detection and message acknowledgement. CAN coverage begins the low-level topics including: data frame format, dominate and recessive bus state signaling, signal propagation, characteristic impedance, cable termination and cyclic redundancy checks. Graphics, animation, and captured waveforms are used to reinforce these topics. Modern microcontrollers typically include a pair of CAN interfaces as part of the internal peripheral device suite.

Once CAN low-level concepts are established, the CANopen [34] application layer is added for hardware-in-the-loop experimentation. CANopen Magic from the Embedded Systems Academy [35] is used as a rapid prototyping network system integration, network management, logging and rich Graphic User Interface (GUI). The Microsoft Windows-based CANopen Magic computers are networked to pre-programmed Peak PCAN-MicroMod Evaluation Kits [36] shown in Figure 6.

FIGURE 6 Peak PCAN-MicroMod Evaluation Kit.

Grahic Jump LocationFIGURE 6 Peak PCAN-MicroMod Evaluation Kit.

The MicroMod device is pre-programmed to conform to the CAN in Automation CiA DS-401 generic I/O device profile. Therefore, once the students complete the physical connections and the accompanying MicroMod electronic data sheet is loaded, CANopen Magic is ready to manage, configure, interact with and control the MicroMod field device. Table 3 identifies the MicroMod DS-401 generic I/O functions where Transmit Process Data Objects (TPDOs) are produced by the MicroMod and Receive Process Data Objects (RPDOs) command are sent to the MicroMod.

Once the CANopen control networks are operational and the students have acclimated to the new concepts and the rich CANopen Magic GUI, DC motors are interfaced to the MicroMod devices through motor driver and velocity measurement electronics. Initially the CANopen Magic GUI is used to send open-loop PWM motor commands to the MicroMod and provide a graphical display of motor performance.

Finally the in-house mbed [38] LPC1768 microcontroller [39] interface board [40] shown in Figure 7 is added to each standalone CANopen motor control network.

FIGURE 7 mbed LPC1768 Microcontroller Interface Board.

Grahic Jump LocationFIGURE 7 mbed LPC1768 Microcontroller Interface Board.

Initially, the mbed device is programmed to automatically send PWM motor commands using the same message format as previously demonstrated in CANopen Magic. The laboratory apparatus is now ready for various Cyber-Physical Systems experiments including:

  1. mbed-in-the-middle attacks where the mbed intercepts PWM commands from CANopen Magic and reverses the duty cycle commands to the MicroMod and motor speed messsages from the MicroMod.

  2. PI motor closed-loop control commanded and monitored by CANopen Magic.

  3. Red on blue competitions between CANopen network managers and CAN intruders. A sample CANopen Magic PI motor closed-loop control GUI screen shot is included as Figure 8.

FIGURE 8 CANopen Magic PI Motor Closed-Loop Control GUI.

Grahic Jump LocationFIGURE 8 CANopen Magic PI Motor Closed-Loop Control GUI.

The course described herein presents fundamental concepts within the rapidly expanding field of Cyber-Physical Systems, has been tailored to and is well received by U. S. Naval Academy Systems Engineering senior level engineering students. For more information, contact the author at zivi@usna.edu.

The Cyber-Physical Systems research and pedagogical developments described herein were made possible through long-term support of the Office of Naval Research and the U. S. Naval Academy. Former Assistant Research Professor Yonggon Lee assisted with the development of the CANopen hardware and software prototyping environment. Joe Bradshaw and his Technical Support Division team assistance is also gratefully acknowledged.

National Science Foundation Cyber-Physical Systems Solicitation 16-549, https://www.nsf.gov/funding/pgm_summ.jsp?pims_id=503286, visited March 20, 2016.
Leadership Under Challenge: Information Technology R&D in a Competitive World, President's Council of Advisors on Science and Technology (PCAST) report, August 2007, http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-07-nitrd-review.pdf.
Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology, President's Council of Advisors on Science and Technology (PCAST) December 2010. https://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf.
M. Amin, Toward Self-Healing Energy Infrastructure Systems, IEEE Computer Applications in Power, pp. 20– 28, Vol. 14, No. 1, January 2001. [CrossRef]
P. Antsaklis, “Goals and Challenges in Cyber-Physical Systems Research,” Editorial of the Editor in Chief, IEEE Transactions on Automatic Control, Volume 59, Issue 12, December 2014.
CPS Vision Statement, Networking and Information Technology Research and Development (NITRD) CPS Senior Steering Group 2012, https://www.nitrd.gov/nitrdgroups/images/6/6a/Cyber_Physical_Systems_(CPS)_Vision_Statement.pdf, last visited December 19, 2016.
Edward A. Lee and Sanjit A. Seshia, Introduction to Embedded Systems, A Cyber-Physical Systems Approach, Second Edition, http://LeeSeshia.org, ISBN 978-1-312-42740-2, 2015.
Astrom and Wittenmark, Computer-controlled systems: theory and design (2nd ed.), Prentice-Hall, Inc. Upper Saddle River, NJ, USA, ISBN:0-13-168600-3, 1990.
CHESS: Center for Hybrid and Embedded Software Systems, https://chess.eecs.berkeley.edu/, last visited December 19, 2016.
Cyber-Physical Systems Virtual Organization, http://cps-vo.org/, last visited December 19, 2016.
DoD Defense Directive 8500.01 Cybersecurity, http://www.dtic.mil/whs/directives/corres/pdf/850001_2014.pdf
Risk Management Framework (RMF) for DoD Information Technology (IT), http://www.dtic.mil/whs/directives/corres/pdf/851001_2014.pdf, last visited December 19, 2016.
Krotofil, Rocking the pocket book: Hacking chemical plants for competition and extortion,” Hamburg University of Technology, presented at BLACK HAT August 2015. https://www.blackhat.com/docs/us-15/materials/us-15-Krotofil-Rocking-The-Pocket-Book-Hacking-Chemical-Plant-For-Competition-And-Extortion-wp.pdf
J. Dorf, and R. Bishop, Modern Control Systems, 11th Edition, Prentice Hall, Upper Saddle River, NH, 2008.
60 Minutes: Sabotaging the System (CBS), http://www.peabodyawards.com/award-profile/60-minutes-sabotaging-the-system, last visited December 19, 2016.
Cyber-Physical Systems (CPS) Solicitation 17-529, https://www.nsf.gov/funding/pgm_summ.jsp?pims_id=503286, last visited December 19, 2016.
Cyber-Physical Systems, http://cyberphysicalsystems.org/, last visited December 19, 2016.
E. Zivi., “Design of robust shipboard power automation systems,” International Federation of Automatic Controls (IFAC) Annual Reviews in Control, vol. 29, no. 2, 2005, pp. 261– 272, ISSN 1367-5788, DOI: 10.1016/j. arcontrol.2005.08.004 http://www.sciencedirect.com/science/article/B6V0H-4HD8BMV-1/2/a37972b711869c686548e3007980e183, last visited December 19, 2016.
A. Cramer, S. Sudhoff, E. Zivi, “Performance Metrics for Electric Warship Integrated Engineering Plant Battle Damage Response,” IEEE Transactions on Aerospace and Electronic Systems, Volume: 47, Issue: 1, 2011, Pages: 634– 646, DOI: 10.1109/TAES.2011.5705696 [CrossRef]
A. Cramer, S. Sudhoff, E. Zivi, “Metric Optimization-Based Design of Systems Subject to Hostile Disruptions,” IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, Volume: 41, Issue: 5, 2011, Pages: 989– 1000, DOI: 10.1109/TSMCA.2010.2093887 [CrossRef]
E. Lee, “Cyber Physical Systems: Design Challenges,” International Symposium on Object/ Component/Service-Oriented Real-Time Distributed Computing (ISORC), Orlando, FL, May 6, 2008.
E. Lee, “Cyber-Physical Systems: A Rehash or a New Intellectual Challenge?,” DAC 2013, Austin June 2012, http://ieee-ceda.org/activities/distinguished-speaker-series, last visited December 19, 2016.
K. Sevcik, M. Johnson, “Cycle Time Properties Of The FDDI Token Ring Protocol,” IEEE Transactions On Software Engineering, Vol. SE-13, No. 3, March 1987.
A. Manfredi, P. Read, “Twenty Five Years of Shipboard Control System Networks,” ASNE Automation and Control Symposium, At Biloxi, MS, December 2008.
R. Cheng, D. Kedar, T. McAvoy, “A Nonlinear Dynamic Model of a Vinyl Acetate Process,” Ind. Eng. Chem. Res., 2003, 42 (20), DOI: 10.1021/ie020859k, March 12, 2003, pp 4478– 4487. [CrossRef]
B. Burgett, Process Control, Prentice Hall, Upper Saddle River, NH, 2008, pp 305– 310.
W. Luyben, B. Tyreus “An Industrial Design/Control Study for the Vinyl Acetate Monomer Process,”, Computers Chem. Engineering. Vol. 22, No. 7-8, 1998, pp. 867– 877. [CrossRef]
W. Luyden, “Design and Control of a Modified Vinyl Acetate Monomer Process,” Ind. Eng. Chem. Res., 2011, 50 (17), DOI: 10.1021/ie201131m, August 7, 2011, pp 10136– 10147.
M. Krotofil, “Damn Vulnerable Chemical Process (DVCP),” European Network for Cyber Security (ENCS), Moscow, Russia June 29, 2015.
M. Kritofil, “Rocking the pocket book: Hacking chemical plants for competition and extortion,” White Paper, Black Hat 2015, August 2015, https://www.blackhat.com/docs/us-15/materials/us-15-Krotofil-Rocking-The-Pocket-Book-Hacking-Chemical-Plant-For-Competition-And-Extortion-wp.pdf, last visited December 19, 2016.
DVCP-TE-master.zip from https://github.com/satejnik/DVCP-VAM, last visited December 19, 2016.
CAN in Automation website, https://www.can-cia.org/, last visited December 19, 2016.
CANopen Magic website, http://www.canopenmagic.com/, last visited December 19, 2016.
PEAK-System PCAN-MicroMod Evaluation Kit product webpage, http://www.peak-system.com/PCAN-MicroMod-Evaluation.221.0.html?&L=1, last visited December 19, 2016.
PCAN-MicroMod CANopen User Manual, https://www.peak-system.com/produktcd/Pdf/English/PCAN-MicroMod-CANopenFW_UserMan_eng.pdf, last visited December 19, 2016.
ARM mbed website, www.mbed.org, last visited December 19, 2016.
J. Bradshaw, C Library for mbedWSE project based single board computer for hardware peripherals, https://developer.mbed.org/users/jebradshaw/code/mbedWSEsbc/, last visited December 19, 2016.
Copyright © 2017 by ASME
View article in PDF format.

References

National Science Foundation Cyber-Physical Systems Solicitation 16-549, https://www.nsf.gov/funding/pgm_summ.jsp?pims_id=503286, visited March 20, 2016.
Leadership Under Challenge: Information Technology R&D in a Competitive World, President's Council of Advisors on Science and Technology (PCAST) report, August 2007, http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-07-nitrd-review.pdf.
Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology, President's Council of Advisors on Science and Technology (PCAST) December 2010. https://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf.
M. Amin, Toward Self-Healing Energy Infrastructure Systems, IEEE Computer Applications in Power, pp. 20– 28, Vol. 14, No. 1, January 2001. [CrossRef]
P. Antsaklis, “Goals and Challenges in Cyber-Physical Systems Research,” Editorial of the Editor in Chief, IEEE Transactions on Automatic Control, Volume 59, Issue 12, December 2014.
CPS Vision Statement, Networking and Information Technology Research and Development (NITRD) CPS Senior Steering Group 2012, https://www.nitrd.gov/nitrdgroups/images/6/6a/Cyber_Physical_Systems_(CPS)_Vision_Statement.pdf, last visited December 19, 2016.
Edward A. Lee and Sanjit A. Seshia, Introduction to Embedded Systems, A Cyber-Physical Systems Approach, Second Edition, http://LeeSeshia.org, ISBN 978-1-312-42740-2, 2015.
Astrom and Wittenmark, Computer-controlled systems: theory and design (2nd ed.), Prentice-Hall, Inc. Upper Saddle River, NJ, USA, ISBN:0-13-168600-3, 1990.
CHESS: Center for Hybrid and Embedded Software Systems, https://chess.eecs.berkeley.edu/, last visited December 19, 2016.
Cyber-Physical Systems Virtual Organization, http://cps-vo.org/, last visited December 19, 2016.
DoD Defense Directive 8500.01 Cybersecurity, http://www.dtic.mil/whs/directives/corres/pdf/850001_2014.pdf
Risk Management Framework (RMF) for DoD Information Technology (IT), http://www.dtic.mil/whs/directives/corres/pdf/851001_2014.pdf, last visited December 19, 2016.
Krotofil, Rocking the pocket book: Hacking chemical plants for competition and extortion,” Hamburg University of Technology, presented at BLACK HAT August 2015. https://www.blackhat.com/docs/us-15/materials/us-15-Krotofil-Rocking-The-Pocket-Book-Hacking-Chemical-Plant-For-Competition-And-Extortion-wp.pdf
J. Dorf, and R. Bishop, Modern Control Systems, 11th Edition, Prentice Hall, Upper Saddle River, NH, 2008.
60 Minutes: Sabotaging the System (CBS), http://www.peabodyawards.com/award-profile/60-minutes-sabotaging-the-system, last visited December 19, 2016.
Cyber-Physical Systems (CPS) Solicitation 17-529, https://www.nsf.gov/funding/pgm_summ.jsp?pims_id=503286, last visited December 19, 2016.
Cyber-Physical Systems, http://cyberphysicalsystems.org/, last visited December 19, 2016.
E. Zivi., “Design of robust shipboard power automation systems,” International Federation of Automatic Controls (IFAC) Annual Reviews in Control, vol. 29, no. 2, 2005, pp. 261– 272, ISSN 1367-5788, DOI: 10.1016/j. arcontrol.2005.08.004 http://www.sciencedirect.com/science/article/B6V0H-4HD8BMV-1/2/a37972b711869c686548e3007980e183, last visited December 19, 2016.
A. Cramer, S. Sudhoff, E. Zivi, “Performance Metrics for Electric Warship Integrated Engineering Plant Battle Damage Response,” IEEE Transactions on Aerospace and Electronic Systems, Volume: 47, Issue: 1, 2011, Pages: 634– 646, DOI: 10.1109/TAES.2011.5705696 [CrossRef]
A. Cramer, S. Sudhoff, E. Zivi, “Metric Optimization-Based Design of Systems Subject to Hostile Disruptions,” IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, Volume: 41, Issue: 5, 2011, Pages: 989– 1000, DOI: 10.1109/TSMCA.2010.2093887 [CrossRef]
E. Lee, “Cyber Physical Systems: Design Challenges,” International Symposium on Object/ Component/Service-Oriented Real-Time Distributed Computing (ISORC), Orlando, FL, May 6, 2008.
E. Lee, “Cyber-Physical Systems: A Rehash or a New Intellectual Challenge?,” DAC 2013, Austin June 2012, http://ieee-ceda.org/activities/distinguished-speaker-series, last visited December 19, 2016.
K. Sevcik, M. Johnson, “Cycle Time Properties Of The FDDI Token Ring Protocol,” IEEE Transactions On Software Engineering, Vol. SE-13, No. 3, March 1987.
A. Manfredi, P. Read, “Twenty Five Years of Shipboard Control System Networks,” ASNE Automation and Control Symposium, At Biloxi, MS, December 2008.
R. Cheng, D. Kedar, T. McAvoy, “A Nonlinear Dynamic Model of a Vinyl Acetate Process,” Ind. Eng. Chem. Res., 2003, 42 (20), DOI: 10.1021/ie020859k, March 12, 2003, pp 4478– 4487. [CrossRef]
B. Burgett, Process Control, Prentice Hall, Upper Saddle River, NH, 2008, pp 305– 310.
W. Luyben, B. Tyreus “An Industrial Design/Control Study for the Vinyl Acetate Monomer Process,”, Computers Chem. Engineering. Vol. 22, No. 7-8, 1998, pp. 867– 877. [CrossRef]
W. Luyden, “Design and Control of a Modified Vinyl Acetate Monomer Process,” Ind. Eng. Chem. Res., 2011, 50 (17), DOI: 10.1021/ie201131m, August 7, 2011, pp 10136– 10147.
M. Krotofil, “Damn Vulnerable Chemical Process (DVCP),” European Network for Cyber Security (ENCS), Moscow, Russia June 29, 2015.
M. Kritofil, “Rocking the pocket book: Hacking chemical plants for competition and extortion,” White Paper, Black Hat 2015, August 2015, https://www.blackhat.com/docs/us-15/materials/us-15-Krotofil-Rocking-The-Pocket-Book-Hacking-Chemical-Plant-For-Competition-And-Extortion-wp.pdf, last visited December 19, 2016.
DVCP-TE-master.zip from https://github.com/satejnik/DVCP-VAM, last visited December 19, 2016.
CAN in Automation website, https://www.can-cia.org/, last visited December 19, 2016.
CANopen Magic website, http://www.canopenmagic.com/, last visited December 19, 2016.
PEAK-System PCAN-MicroMod Evaluation Kit product webpage, http://www.peak-system.com/PCAN-MicroMod-Evaluation.221.0.html?&L=1, last visited December 19, 2016.
PCAN-MicroMod CANopen User Manual, https://www.peak-system.com/produktcd/Pdf/English/PCAN-MicroMod-CANopenFW_UserMan_eng.pdf, last visited December 19, 2016.
ARM mbed website, www.mbed.org, last visited December 19, 2016.
J. Bradshaw, C Library for mbedWSE project based single board computer for hardware peripherals, https://developer.mbed.org/users/jebradshaw/code/mbedWSEsbc/, last visited December 19, 2016.

Figures

Tables

Table Grahic Jump Location
Table 1 VAc Process Disturbances and Constraints.
Table Grahic Jump Location
Table 2 VAc Process Attacks and Observations.
Table Grahic Jump Location
Table 3 MicroMod Generic I/O Message Definitions [37].

Errata

Discussions

Some tools below are only available to our subscribers or users with an online account.

Related Content

Customize your page view by dragging and repositioning the boxes below.

Related Journal Articles
Related eBook Content
Topic Collections

Sorry! You do not have access to this content. For assistance or to subscribe, please contact us:

  • TELEPHONE: 1-800-843-2763 (Toll-free in the USA)
  • EMAIL: asmedigitalcollection@asme.org
Sign In