• adaptive security;
  • cyber security;
  • system–aware cyber security;
  • model–based data–consistency checking;
  • cyber security architecture;
  • cyber security for physical systems


As exemplified in the 2010 Stuxnet attack on Iranian nuclear facilities, cyber attackers have capabilities to embed disruptive infections into equipment that is employed within physical systems. This paper presents a cyber security design approach that addresses cyber attacks that include modification of operator displays used for support in managing software controlled automated systems. This class of problems is especially important because our nation's critical infrastructures include such systems. In addition, many other systems, such as surveillance systems, navigation systems, and communications systems, are candidates for such solutions as they continue to become more and more automated. The suggested design approach builds upon fault–tolerant and automatic control system techniques that, with important and necessary modifications, are the basis for providing improved cyber security. In particular, the appropriate combination of diversely redundant security designs coupled with system dynamics models and state estimation techniques provide a potential means for detecting purposeful adjustments to operator displays. This paper provides a theoretical approach for designing such solutions and a corresponding set of examples with simulation–based results. In addition, the paper includes a discussion of important implementation requirements for greater assurance of such physical system security solutions. © 2013 Wiley Periodicals, Inc. Syst Eng 16