Читать книгу Building an Effective Security Program for Distributed Energy Resources and Systems - Mariana Hentea - Страница 73

The term cyber–physical systems was coined by Helen Gill at the National Science Foundation in the United States in 2006 [CPS 2006]. CPS comprise interacting digital, analog, physical, and human components engineered for function through integrated physics and logic [NIST CPS].

A CPS is an integration of computation with physical processes whose behavior is defined by both cyber and physical parts of the system [Lee 2015a]. The authors argue that it is not sufficient only to separately understand the physical components and the computational components, but we must also understand their interaction. CPS is about the intersection, not the union, of the physical and the cyber [Lee 2010], [Lee 2015a], [Lee 2015b]. The embedded computers and networks monitor and control the physical processes, usually with feedback loops where physical processes affect computations and vice versa. This work [Lee 2015a] provides methodology and techniques for designing CPS. Figure 2.7 is a simple representation of a CPS with the components, computation, communication, and control that interact continuously.

Figure 2.7 Simple cyber‐physical representation.

CPS are heterogeneous blends by nature. They combine computation, communication, and physical dynamics [Lee 2015a]. The authors envision that several CPS applications may be based on a structure to include three main parts:

 First, the physical plant is the physical part of a CPS, not realized with computers or digital networks; it can include mechanical parts, biological or chemical processes and human operators.

 Second, there are one or more computational platforms, which consist of sensors, actuators, one or more computers, and (possibly) one or more operating systems (OS).

 Third, there is a network fabric, which provides the mechanisms for the computers to communicate; the platforms and the network fabric form the cyber part of the CPS.

A more detailed and current definition of CPS is provided by NIST [NIST SP1500‐201]:

Cyber–physical systems integrate computation, communication, sensing, and actuation with physical systems to fulfill time‐sensitive functions with varying degrees of interaction with the environment, including human interaction.

A CPS conceptual model is shown in Figure 2.8. This CPS representation highlights the potential interactions of devices and systems in a system of systems (SoS) (e.g. a CPS infrastructure).

Figure 2.8 NIST CPS conceptual model.

Source: [NIST SP1500‐201]. Public Domain.

As shown in Figure 2.8, CPS may be as simple as an individual device (a device that has an element of computation and interacts with the physical world through sensing and actuation), or a CPS can consist of one or more cyber–physical devices that form a system or can be an SoS, consisting of multiple systems that consist of multiple devices. This pattern is recursive and depends on one's perspective (e.g. a device from one perspective may be a system from another perspective). Ultimately, a CPS must contain the decision flow together with at least one of the flows for information or action. The information flow represents digitally the measurement of the physical state of the physical world, while the action flow impacts the physical state of the physical world. This allows for collaborations from small and medium scale up to city/nation/world scale.

The scope of CPS is very broad by nature; there are large number and variety of domains, services, applications, and devices. Also, CPS controls have a variety of levels of complexity ranging from automatic to autonomic. CPS go beyond conventional product, system, and application design traditionally conducted in the absence of significant or pervasive interconnectedness. There are many differences that characterize CPS from traditional systems. Examples of characteristics are listed in Table 2.1.

Table 2.1 CPS characteristics.

Source: Adapted from [NIST SP1500‐201].

Characteristic	Description	Remarks
Cyber and physical	Combination of cyber and physical components
Connectedness	Generally involves sensing, computation and actuation	Involves combination of IT and OT with associated timing constraints
System of systems (SoS)	May bridge multiple purposes and time and data domains	Different time domains may reference different time scales or have different granularities or accuracies Time scale: a system of unambiguous ordering of events
Emergent behaviors	Open nature of CPS composition	Understanding a behavior that cannot be reduced to a single CPS subsystem, but comes about through the interaction of possibly many CPS subsystems
Methodology	A methodology needed to ensuring interoperability, managing evolution, and dealing with emergent effects	Example: NIST 1500‐201 framework
Repurposed	Other purpose use beyond applications that were their basis of design
Application enabler	Enabling cross‐domain applications
Trustworthiness concern	Potential impact on the physical world	Urgent need for emphasis on security, privacy, safety, reliability, resilience, and assurance for pervasive interconnected devices and infrastructures
Broad range of platform and algorithm complexity	Accommodate a variety of computational models
Variety of modes of communication	From stand‐alone systems to highly networked systems	May use legacy protocols or anything up to more object exchange protocols
Heterogeneity	Wide range of heterogeneous devices (sensors, controllers, control schemes, input sources, platforms, etc.)	Complexity associated with the sensing and control loop(s) with feedback that are central to CPS must be well addressed in any design
Co‐design	Design of the hardware and the software jointly to inform tradeoffs between the cyber and physical components of the system
Typically a time‐sensitive component	Timing is a central architectural concern	A bound may be required on a time interval, e.g. the latency between when a sensor measurement event occurred and the time at which the data was made available to the CPS
Interaction with the operating environment	CPS measure and sense and then calculate and act upon their environment, typically changing one or more of the observed properties (thus providing closed‐loop control)
Typically a human environment	CPS environment typically includes humans and humans function	Architecture must support a variety of modes of human interaction: human as CPS controller or partner in control; human as CPS user; human as the consumer of CPS output; and human as the direct object of CPS to be measured and acted upon

The CPS will provide the foundation of our critical infrastructure, form the basis of emerging and future smart services, and improve our quality of life in many areas [NIST CPS].