BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Ashraf Tantawy

Ashraf Tantawy contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and Securityeess.SYSystems and ControlArtificial Intelligence

Trust snapshot

Quick read

Trust 15 - UnverifiedVerification L1Unclaimed author
3works
0followers
4topics
3close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

3 published item(s)

preprint2022arXiv

Cyber LOPA: An Integrated Approach for the Design of Dependable and Secure Cyber Physical Systems

Safety risk assessment is an essential process to ensure a dependable Cyber-Physical System (CPS) design. Traditional risk assessment considers only physical failures. For modern CPS, failures caused by cyber attacks are on the rise. The focus of latest research effort is on safety-security lifecycle integration and the expansion of modeling formalisms for risk assessment to incorporate security failures. The interaction between safety and security lifecycles and its impact on the overall system design, as well as the reliability loss resulting from ignoring security failures are some of the overlooked research questions. This paper addresses these research questions by presenting a new safety design method named Cyber Layer Of Protection Analysis (CLOPA) that extends existing LOPA framework to include failures caused by cyber attacks. The proposed method provides a rigorous mathematical formulation that expresses quantitatively the trade-off between designing a highly-reliable versus a highly-secure CPS. We further propose a co-design lifecycle process that integrates the safety and security risk assessment processes. We evaluate the proposed CLOPA approach and the integrated lifecycle on a practical case study of a process reactor controlled by an industrial control testbed, and provide a comparison between the proposed CLOPA and current LOPA risk assessment practice.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

On the Elements of Datasets for Cyber Physical Systems Security

Datasets are essential to apply AI algorithms to Cyber Physical System (CPS) Security. Due to scarcity of real CPS datasets, researchers elected to generate their own datasets using either real or virtualized testbeds. However, unlike other AI domains, a CPS is a complex system with many interfaces that determine its behavior. A dataset that comprises merely a collection of sensor measurements and network traffic may not be sufficient to develop resilient AI defensive or offensive agents. In this paper, we study the \emph{elements} of CPS security datasets required to capture the system behavior and interactions, and propose a dataset architecture that has the potential to enhance the performance of AI algorithms in securing cyber physical systems. The framework includes dataset elements, attack representation, and required dataset features. We compare existing datasets to the proposed architecture to identify the current limitations and discuss the future of CPS dataset generation using testbeds.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Model-Based Risk Assessment for Cyber Physical Systems Security

Traditional techniques for Cyber-Physical Systems (CPS) security design either treat the cyber and physical systems independently, or do not address the specific vulnerabilities of real time embedded controllers and networks used to monitor and control physical processes. In this work, we develop and test an integrated model-based approach for CPS security risk assessment utilizing a CPS testbed with real-world industrial controllers and communication protocols. The testbed monitors and controls an exothermic Continuous Stirred Tank Reactor (CSTR) simulated in real-time. CSTR is a fundamental process unit in many industries, including Oil \& Gas, Petrochemicals, Water treatment, and nuclear industry. In addition, the process is rich in terms of hazardous scenarios that could be triggered by cyber attacks due to the lack of possible mechanical protection. The paper presents an integrated approach to analyze and design the cyber security system for a given CPS where the physical threats are identified first to guide the risk assessment process. A mathematical model is derived for the physical system using a hybrid automaton to enumerate potential hazardous states of the system. The cyber system is then analyzed using network and data flow models to develop the attack scenarios that may lead to the identified hazards. Finally, the attack scenarios are performed on the testbed and observations are obtained on the possible ways to prevent and mitigate the attacks. The insights gained from the experiments result in several key findings, including the expressive power of hybrid automaton in security risk assessment, the hazard development time and its impact on cyber security design, and the tight coupling between the physical and the cyber systems for CPS that requires an integrated design approach to achieve cost-effective and secure designs.

0 citations0 reviewsNo code linkedOpen access