Constructing cyber-physical system testing suites using active sensor fuzzing

Constructing cyber-physical system testing suites using active sensor fuzzing

Cyber-physical systems (CPSs) automating critical public infrastructure face a pervasive threat of attack, motivating research into different types of countermeasures. Assessing the effectiveness of these countermeasures is challenging, however, as benchmarks are difficult to construct manually, exi...

Full description

Saved in:
Bibliographic Details
Main Authors: ZHANG, Fan., WU, Qianmei., XUAN, Bohan., CHEN, Yuqi., LIN, Wei., POSKITT, Christopher M., SUN, Jun, CHEN, Binbin.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2023
Subjects:
Cyber-physical systems
fuzzing
testing
machine learning
metaheuristic optimisation
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/8279
https://ink.library.smu.edu.sg/context/sis_research/article/9282/viewcontent/TSE3309330.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Cyber-physical systems (CPSs) automating critical public infrastructure face a pervasive threat of attack, motivating research into different types of countermeasures. Assessing the effectiveness of these countermeasures is challenging, however, as benchmarks are difficult to construct manually, existing automated testing solutions often make unrealistic assumptions, and blindly fuzzing is ineffective at finding attacks due to the enormous search spaces and resource requirements. In this work, we propose active sensor fuzzing , a fully automated approach for building test suites without requiring any a prior knowledge about a CPS. Our approach employs active learning techniques. Applied to a real-world water treatment system, our approach manages to find attacks that drive the system into 15 different unsafe states involving water flow, pressure, and tank levels, including nine that were not covered by an established attack benchmark. Furthermore, we successfully generate targeted multi-point attacks which have been long suspected to be possible. We reveal that active sensor fuzzing successfully extends the attack benchmarks generated by our previous work, an ML-guided fuzzing tool, with two more kinds of attacks. Finally, we investigate the impact of active learning on models and the reason that the model trained with active learning is able to discover more attacks.

Similar Items