This month, the European project COSSIM ends. The project has met very satisfactorily the technological challenges envisaged with the provision of a novel Cyber-Physical Systems (CPS) simulation framework. The COSSIM Framework allows CPS designers to simulate both the networking and processing parts of such complex systems. Moreover, the COSSIM Framework addresses security models and methodologies for the first time, which makes it completely novel. In fact, the COSSIM Security module is a set of tools which make the security evaluation of a CPS easier and more efficient.
During the last year of the project, the COSSIM Framework and the COSSIM Security module have been extensibility validated by end-users. Their positive feedback confirms it as a useful tool for testing complete CPS systems in a holistic manner involving processing, network, power and security analyses. Such validation process has been performed through three representative and complex industrial test cases:
- Mobile Visual Search (MVS), a Content Based Image Recognition (CBIR) application able to retrieve information of a query image comparing it against a large image database.
- Building Management System (BMS), which is deployed at the Tecnalia’s KUBIK building. This application performs complex energy simulations using environmental sensor measurements and building modelling data that consider the influence of the thermal inertia of a structure.
- Multi-user Virtual Reality (VR), an application that involves technologies such as cloud computing, High Performance Computer (HPC) clusters and datacentres. In this case, the aim was to demonstrate the usefulness of the COSSIM Framework outside the CPS domain.
Therefore, firstly, a co-simulation technique was implemented in the MVS application. An external ARM component was interfaced with the COSSIM Framework to perform some heavily computational tasks natively instead of inside the simulator. Additionally, the COSSIM Security module was also used to perform fuzz tests to analyse the robustness of the MVS application in case of corrupted image descriptors.
Secondly, the behaviour of the BMS under Denial-of-Service (DoS) and active Man-in-The-Middle (MitM) attacks was evaluated. This experience proved the valuable support of the Metrics Management tool to help end-users assure Integrity of CPSs. The experience has proved that, in case of wireless communications, the best suitable security metrics to perform the assessment are the Received Signal Strength (RSS) and Location Awareness. The efficiency of these security metrics lies in physical properties that are hard to forge arbitrarily and, therefore, can be applied to detect MitM attacks.
Finally, in the case of VR, two scenarios were compared: Server-side streaming (to perform rendering on a cloud server that sends frames to clients) and Client-side rendering (to perform the rendering on clients). In this case, the COSSIM simulator indicated the correct trends and scalability challenges in both scenarios where performances and latencies are key factors.
To sum-up, it can be concluded that the initial objectives of the COSSIM project have been successfully met. Furthermore, the reliability of a CPS can be improved since its CIA (Confidentiality, Integrity and Availability) properties can be analysed under different circumstances such as Denial-of-Service (DoS), Man-in-The-Middle (MiTM) and Side Channel attacks. Finally, a new user interface and configuration module facilitate and speed up the design and the porting of new scenarios and use cases in an intuitive and user-friendly way.