Enforcement of opacity security properties for ship information system
In this paper, we consider the cybersecurity issue of ship information system (SIS) from a new perspective which is called opacity. For a SIS, its confidential information (named as “secret”) may be leaked through the working behaviors of each Distributed Control Unit (DCU) from an outside observer...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Elsevier
2016-09-01
|
Series: | International Journal of Naval Architecture and Ocean Engineering |
Subjects: | |
Online Access: | http://www.sciencedirect.com/science/article/pii/S2092678215300431 |
_version_ | 1811192353760739328 |
---|---|
author | Bowen Xing Jin Dai Sheng Liu |
author_facet | Bowen Xing Jin Dai Sheng Liu |
author_sort | Bowen Xing |
collection | DOAJ |
description | In this paper, we consider the cybersecurity issue of ship information system (SIS) from a new perspective which is called opacity. For a SIS, its confidential information (named as “secret”) may be leaked through the working behaviors of each Distributed Control Unit (DCU) from an outside observer called an “intruder” which is able to determine ship's mission state by detecting the source of each data flow from the corresponding DCUs in SIS. Therefore we proposed a dual layer mechanism to enforce opacity by activating non-essential DCU during secret mission. This mechanism is calculated by two types of insertion functions: Safety-assured insertion function (fIS) and Admissibility-assured insertion function (fIA). Due to different objectives, fIS is designed to confuse intruder by constructing a non-secret behaviors from a unsafe one, and the division of fIA is to polish the modified output behaviors back to normal. We define the property of “I2–Enforceability” that dual layer insertion functions has the ability to enforce opacity. By a given mission map of SIS and the marked secret missions, we propose an algorithm to select fIS and compute its matchable fIA and then the DCUs which should be activated to release non-essential data flow in each step is calculable. |
first_indexed | 2024-04-11T23:51:16Z |
format | Article |
id | doaj.art-a5079a55fc8d45269f94627c7bb48223 |
institution | Directory Open Access Journal |
issn | 2092-6782 |
language | English |
last_indexed | 2024-04-11T23:51:16Z |
publishDate | 2016-09-01 |
publisher | Elsevier |
record_format | Article |
series | International Journal of Naval Architecture and Ocean Engineering |
spelling | doaj.art-a5079a55fc8d45269f94627c7bb482232022-12-22T03:56:29ZengElsevierInternational Journal of Naval Architecture and Ocean Engineering2092-67822016-09-018542343310.1016/j.ijnaoe.2016.05.012Enforcement of opacity security properties for ship information systemBowen Xing0Jin Dai1Sheng Liu2College of Engineering Science and Technology, Shanghai Ocean University, Shanghai, 201306, ChinaDepartment of Electrical Engineering, University of Notre Dame, Notre Dame, IN 46556, USACollege of Automation, Harbin Engineering University, Harbin, Heilongjiang, 150001, ChinaIn this paper, we consider the cybersecurity issue of ship information system (SIS) from a new perspective which is called opacity. For a SIS, its confidential information (named as “secret”) may be leaked through the working behaviors of each Distributed Control Unit (DCU) from an outside observer called an “intruder” which is able to determine ship's mission state by detecting the source of each data flow from the corresponding DCUs in SIS. Therefore we proposed a dual layer mechanism to enforce opacity by activating non-essential DCU during secret mission. This mechanism is calculated by two types of insertion functions: Safety-assured insertion function (fIS) and Admissibility-assured insertion function (fIA). Due to different objectives, fIS is designed to confuse intruder by constructing a non-secret behaviors from a unsafe one, and the division of fIA is to polish the modified output behaviors back to normal. We define the property of “I2–Enforceability” that dual layer insertion functions has the ability to enforce opacity. By a given mission map of SIS and the marked secret missions, we propose an algorithm to select fIS and compute its matchable fIA and then the DCUs which should be activated to release non-essential data flow in each step is calculable.http://www.sciencedirect.com/science/article/pii/S2092678215300431Ship information systemEnforcing opacityInsertion function |
spellingShingle | Bowen Xing Jin Dai Sheng Liu Enforcement of opacity security properties for ship information system International Journal of Naval Architecture and Ocean Engineering Ship information system Enforcing opacity Insertion function |
title | Enforcement of opacity security properties for ship information system |
title_full | Enforcement of opacity security properties for ship information system |
title_fullStr | Enforcement of opacity security properties for ship information system |
title_full_unstemmed | Enforcement of opacity security properties for ship information system |
title_short | Enforcement of opacity security properties for ship information system |
title_sort | enforcement of opacity security properties for ship information system |
topic | Ship information system Enforcing opacity Insertion function |
url | http://www.sciencedirect.com/science/article/pii/S2092678215300431 |
work_keys_str_mv | AT bowenxing enforcementofopacitysecuritypropertiesforshipinformationsystem AT jindai enforcementofopacitysecuritypropertiesforshipinformationsystem AT shengliu enforcementofopacitysecuritypropertiesforshipinformationsystem |