Cover -- Title Page -- Copyright -- Contents -- List of Contributors -- Foreword -- Preface -- Acknowledgments -- Chapter 1 Overview of Security and Privacy in Cyber-Physical Systems -- 1.1 Introduction -- 1.2 Defining Security and Privacy -- 1.2.1 Cybersecurity and Privacy -- 1.2.2 Physical Security and Privacy -- 1.3 Defining Cyber-Physical Systems -- 1.3.1 Infrastructural CPSs -- 1.3.1.1 Example: Electric Power -- 1.3.2 Personal CPSs -- 1.3.2.1 Example: Smart Appliances -- 1.3.3 Security and Privacy in CPSs -- 1.4 Examples of Security and Privacy in Action -- 1.4.1 Security in Cyber-Physical Systems -- 1.4.1.1 Protecting Critical Infrastructure from Blended Threat -- 1.4.1.2 Cyber-Physical Terrorism -- 1.4.1.3 Smart Car Hacking -- 1.4.1.4 Port Attack -- 1.4.2 Privacy in Cyber-Physical Systems -- 1.4.2.1 Wearables -- 1.4.2.2 Appliances -- 1.4.2.3 Motivating Sharing -- 1.4.3 Blending Information and Physical Security and Privacy -- 1.5 Approaches to Secure Cyber-Physical Systems -- 1.5.1 Least Privilege -- 1.5.2 Need-to-Know -- 1.5.3 Segmentation -- 1.5.4 Defensive Dimensionality -- 1.5.4.1 Defense-in-Depth -- 1.5.4.2 Defense-in-Breadth -- 1.5.5 User-Configurable Data Collection/Logging -- 1.5.6 Pattern Obfuscation -- 1.5.7 End-to-End Security -- 1.5.8 Tamper Detection/Security -- 1.6 Ongoing Security and Privacy Challenges for CPSs -- 1.6.1 Complexity of Privacy Regulations -- 1.6.2 Managing and Incorporating Legacy Systems -- 1.6.3 Distributed Identity and Authentication Management -- 1.6.4 Modeling Distributed CPSs -- 1.7 Conclusion -- References -- Chapter 2 Network Security and Privacy for Cyber-Physical Systems -- 2.1 Introduction -- 2.2 Security and Privacy Issues in CPSs -- 2.2.1 CPS Reference Model -- 2.2.1.1 Device Level -- 2.2.1.2 Control/Enterprise Level -- 2.2.1.3 Cloud Level -- 2.2.2 CPS Evolution.

2.2.3 Security and Privacy Threats in CPSs -- 2.3 Local Network Security for CPSs -- 2.3.1 Secure Device Bootstrapping -- 2.3.1.1 Initial Key Exchange -- 2.3.1.2 Device Life Cycle -- 2.3.2 Secure Local Communication -- 2.3.2.1 Physical Layer -- 2.3.2.2 Medium Access -- 2.3.2.3 Network Layer -- 2.3.2.4 Secure Local Forwarding for Internet-Connected CPSs -- 2.4 Internet-Wide Secure Communication -- 2.4.1 Security Challenges for Internet-Connected CPS -- 2.4.2 Tailoring End-to-End Security to CPS -- 2.4.3 Handling Resource Heterogeneity -- 2.4.3.1 Reasonable Retransmission Mechanisms -- 2.4.3.2 Denial-of-Service Protection -- 2.5 Security and Privacy for Cloud-Interconnected CPSs -- 2.5.1 Securely Storing CPS Data in the Cloud -- 2.5.1.1 Protection of CPS Data -- 2.5.1.2 Access Control -- 2.5.2 Securely Processing CPS Data in the Cloud -- 2.5.3 Privacy for Cloud-Based CPSs -- 2.6 Summary -- 2.7 Conclusion and Outlook -- Acknowledgments -- References -- Chapter 3 Tutorial on Information Theoretic Metrics Quantifying Privacy in Cyber-Physical Systems -- 3.1 Social Perspective and Motivation -- 3.1.1 Motivation -- 3.1.2 Scenario -- 3.2 Information Theoretic Privacy Measures -- 3.2.1 Information Theoretic Foundations -- 3.2.2 Surprise and Specific Information -- 3.3 Privacy Models and Protection -- 3.3.1 k-Anonymity -- 3.4 Smart City Scenario: System Perspective -- 3.4.1 Attack without Anonymization -- 3.4.2 Attack with Anonymization of the ZIP -- 3.4.3 Attack with Anonymization of the Bluetooth ID -- 3.5 Conclusion and Outlook -- Appendix A Derivation of the Mutual Information Based on the KLD -- Appendix B Derivation of the Mutual Information In Terms of Entropy -- Appendix C Derivation of the Mutual Information Conditioned on x -- Appendix D Proof of Corollary 3.1 -- References -- Chapter 4 Cyber-Physical Systems and National Security Concerns.

4.1 Introduction -- 4.2 National Security Concerns Arising from Cyber-Physical Systems -- 4.2.1 Stuxnet -- 4.2.2 German Steel Mill -- 4.2.3 Future Attacks -- 4.3 National Security Implications of Attacks on Cyber-Physical Systems -- 4.3.1 Was the Cyber-Attack a "Use of Force" That Violates International Law? -- 4.3.2 If the Attack Was a Use of Force, Was That Force Attributable to a State? -- 4.3.3 Did the Use of Force Constitute an "Armed Attack" That Entitles the Target to Self-Defense? -- 4.3.4 If the Use of Force Was an Armed Attack, What Types of Self-Defense Are Justified? -- 4.4 Conclusion -- References -- Chapter 5 Legal Considerations of Cyber-Physical Systems and the Internet of Things -- 5.1 Introduction -- 5.2 Privacy and Technology in Recent History -- 5.3 The Current State of Privacy Law -- 5.3.1 Privacy -- 5.3.2 Legal Background -- 5.3.3 Safety -- 5.3.4 Regulatory -- 5.3.4.1 Executive Branch Agencies -- 5.3.4.2 The Federal Trade Commission -- 5.3.4.3 The Federal Communications Commission -- 5.3.4.4 National Highway and Traffic Safety Administration -- 5.3.4.5 Food and Drug Administration -- 5.3.4.6 Federal Aviation Administration -- 5.4 Meeting Future Challenges -- References -- Chapter 6 Key Management in CPSs -- 6.1 Introduction -- 6.2 Key Management Security Goals and Threat Model -- 6.2.1 CPS Architecture -- 6.2.2 Threats and Attacks -- 6.2.3 Security Goals -- 6.3 CPS Key Management Design Principles -- 6.3.1 Heterogeneity -- 6.3.2 Real-Time Availability -- 6.3.3 Resilience to Attacks -- 6.3.4 Interoperability -- 6.3.5 Survivability -- 6.4 CPS Key Management -- 6.4.1 Dynamic versus Static -- 6.4.2 Public Key versus Symmetric Key -- 6.4.2.1 Public Key Cryptography -- 6.4.2.2 Symmetric Key Cryptography -- 6.4.3 Centralized versus Distributed -- 6.4.4 Deterministic versus Probabilistic -- 6.4.5 Standard versus Proprietary.

6.4.6 Key Distribution versus Key Revocation -- 6.4.7 Key Management for SCADA Systems -- 6.5 CPS Key Management Challenges and Open Research Issues -- 6.6 Summary -- References -- Chapter 7 Secure Registration and Remote Attestation of IoT Devices Joining the Cloud: The Stack4Things Case of Study -- 7.1 Introduction -- 7.2 Background -- 7.2.1 Cloud Integration with IoT -- 7.2.2 Security and Privacy in Cloud and IoT -- 7.2.3 Technologies -- 7.2.3.1 Hardware -- 7.2.3.2 Web Connectivity -- 7.2.3.3 Cloud -- 7.3 Reference Scenario and Motivation -- 7.4 Stack4Things Architecture -- 7.4.1 Board Side -- 7.4.2 Cloud-Side - Control and Actuation -- 7.4.3 Cloud-Side - Sensing Data Collection -- 7.5 Capabilities for Making IoT Devices Secure Over the Cloud -- 7.5.1 Trusted Computing -- 7.5.2 Security Keys, Cryptographic Algorithms, and Hidden IDs -- 7.5.3 Arduino YUN Security Extensions -- 7.6 Adding Security Capabilities to Stack4Things -- 7.6.1 Board-Side Security Extension -- 7.6.2 Cloud-Side Security Extension -- 7.6.3 Security Services in Stack4Things -- 7.6.3.1 Secure Registration of IoT Devices Joining the Cloud -- 7.6.3.2 Remote Attestation of IoT Devices -- 7.7 Conclusion -- References -- Chapter 8 Context Awareness for Adaptive Access Control Management in IoT Environments -- 8.1 Introduction -- 8.2 Security Challenges in IoT Environments -- 8.2.1 Heterogeneity and Resource Constraints -- 8.2.2 IoT Size and Dynamicity -- 8.3 Surveying Access Control Models and Solutions for IoT -- 8.3.1 Novel Access Control Requirements -- 8.3.2 Access Control Models for the IoT -- 8.3.3 State-of-the-Art Access Control Solutions -- 8.4 Access Control Adaptation: Motivations and Design Guidelines -- 8.4.1 Semantic Context-Aware Policies for Access Control Adaptation -- 8.4.2 Adaptation Enforcement Issues.

8.5 Our Adaptive Context-Aware Access Control Solution for Smart Objects -- 8.5.1 The Proteus Model -- 8.5.2 Adapting the General Proteus Model for the IoT -- 8.5.2.1 The Proteus Architecture for the IoT -- 8.5.2.2 Implementation and Deployment Issues -- 8.6 Open Technical Challenges and Concluding Remarks -- References -- Chapter 9 Data Privacy Issues in Distributed Security Monitoring Systems -- 9.1 Information Security in Distributed Data Collection Systems -- 9.2 Technical Approaches for Assuring Information Security -- 9.2.1 Trading Security for Cost -- 9.2.2 Confidentiality: Keeping Data Private -- 9.2.3 Integrity: Preventing Data Tampering and Repudiation -- 9.2.4 Minimality: Reducing Data Attack Surfaces -- 9.2.5 Anonymity: Separating Owner from Data -- 9.2.6 Authentication: Verifying User Privileges for Access to Data -- 9.3 Approaches for Building Trust in Data Collection Systems -- 9.3.1 Transparency -- 9.3.2 Data Ownership and Usage Policies -- 9.3.3 Data Security Controls -- 9.3.4 Data Retention and Destruction Policies -- 9.3.5 Managing Data-loss Liability -- 9.3.6 Privacy Policies and Consent -- 9.4 Conclusion -- References -- Chapter 10 Privacy Protection for Cloud-Based Robotic Networks -- 10.1 Introduction -- 10.2 Cloud Robot Network: Use Case, Challenges, and Security Requirements -- 10.2.1 Use Case -- 10.2.2 Security Threats and Challenges -- 10.2.3 Security Requirements -- 10.3 Establishment of Cloud Robot Networks -- 10.3.1 Cloud Robot Network as a Community -- 10.3.2 A Policy-Based Establishment of Cloud Robot Networks -- 10.3.3 Doctrine: A Community Specification -- 10.3.3.1 Attribute Types and User-Attribute Assignment (UAA) Policies -- 10.3.3.2 Authorization and Obligation Policies -- 10.3.3.3 Constraints Specification -- 10.3.3.4 Trusted Key Specification -- 10.3.3.5 Preferences Specification.

10.3.3.6 Authentication in Cloud Robot Community.

Description based on publisher supplied metadata and other sources.

Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2025. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.

Licensed e-book