Maintaining hierarchical graph views
SODA '00 Proceedings of the eleventh annual ACM-SIAM symposium on Discrete algorithms
Abstract types defined as classes of variables
Proceedings of the 1976 conference on Data : Abstraction, definition and structure
SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Towards automated network management: network operations using dynamic views
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Extracting Network-Wide Correlated Changes from Longitudinal Configuration Data
PAM '09 Proceedings of the 10th International Conference on Passive and Active Network Measurement
Unraveling the complexity of network management
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Software, Data and Modelling News: CoSBiLab Graph: The network analysis module of CoSBiLab
Environmental Modelling & Software
A systematic approach for evolving VLAN designs
INFOCOM'10 Proceedings of the 29th conference on Information communications
An analysis of network configuration artifacts
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Using hierarchal change mining to manage network security policy evolution
Hot-ICE'11 Proceedings of the 11th USENIX conference on Hot topics in management of internet, cloud, and enterprise networks and services
The evolution of network configuration: a tale of two campuses
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
A Taxonomy of Cyber Attacks on SCADA Systems
ITHINGSCPSCOM '11 Proceedings of the 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing
Regularization on discrete spaces
PR'05 Proceedings of the 27th DAGM conference on Pattern Recognition
Hi-index | 0.00 |
Our Cyber-Physical Topology Language (CPTL) provides a language that utilities can use to programmatically analyze current and future cyber-physical architectures. The motivation for our research emerged from the importance and limitations of several audit scenarios: account management, vulnerability assessment, and configuration management. Those scenarios occur in the context of the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) audits. The NERC CIP standards define security controls by which utilities must be audited. Although the standards were designed to make power control networks less vulnerable to cyber attack and to decrease the chance of outages, the audit process is manual and costly. In order to save utilities and auditors time and money, we used the limitations of those audit scenarios in formally specifying and implementing CPTL, which consists of both a representation of cyber-physical assets and operations upon that representation. First, CPTL uses graph theory to represent a network of cyber-physical assets; we currently implement this representation in GraphML. Second, CPTL defines operations upon that representation. In this paper, we introduce operators to process attributes by expanding and contracting components of a network, and implement these operations using the Boost Graph Library (BGL). In order to demonstrate the potential for CPTL to save auditors and utilities time and money, we provide a detailed example of how CPTL could help with vulnerability assessment and discuss additional applications beyond the audit scenarios mentioned above. We describe current approaches to those scenarios and argue that CPTL improves upon both the state-of-the-art and current practice. In fact, we intend CPTL to enable a broad range of new research on realistic cyber-physical architectures by giving utilities, auditors, managers, and researchers a common language with which to communicate and analyze those architectures.