Security and Privacy in Cyber-Physical Systems

Abstract Cyber-physical systems (CPSs) are used across domains to enable process optimization and previously unachievable functionality. The combination of networked digital systems and analog physical processes creates unique characteristics that change how security theory is applied. Neither cyber nor physical security concepts alone can protect CPS because the cross-over effects can introduce unexpected vulnerabilities. Physical attacks may damage or compromise information being processed by the device, while cyber attacks may cause physical malfunctions resulting in real-world consequences. Therefore, security and privacy are key concerns for CPS design, development, and operation. In this chapter, we discuss how CPS security and privacy differ from that of pure cyber or physical systems and what may be done to secure these systems. Our goal is to help designers of emerging CPS to build more secure, privacy-enhanced products in the future.