A model-based approach for self-adaptive security in CPS : Application to smart grids

Security risk assessment is an important challenge in the design of Cyber Physical Systems (CPS). Even more importantly, the intrinsically dynamical nature of these systems, due to changes in their environment, as well as evolutions in their infrastructures, makes them self-adaptive systems, where security aspects have to be considered in terms of management of detections and reactions for self-protection. In this work, we propose an approach to autonomously mitigate the threats in each reconfiguration at application or infrastructure levels of CPS. We propose and implement a framework for self-adaptive security: software architecture, design method, and integration with model-based decision. We use Attack-Defense Trees for modeling threats, and our approach involves security risk assessment, taking into account its balancing and coordination with quality-of-service aspects. We formulate and formalize the on-line decision problem to be solved at each cycle of the self-adaptation control loop in terms of Constraint Programming (CP) modeling and resolution. The CP model implements a set of constraints that allow to specify secure configurations, evaluated regarding their impact on system performance to pinpoint the most relevant one portraying a good balance between the security and quality of service. We perform validation of our approach with its application to Smart Grids, more particularly to an industrial case study from RTE (the French Energy Transmission company).