New perspectives on modeling and simulationFrom traditional modeling to the simulation of connected cyber physical systems

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

Airbus Cyber Innovation Day 2017Stephan Marwedel

EIDI2

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

Modeling and simulation

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

Modeling is defined as the process to organize and structure

knowledge about a given system*

* B. Zeigler

Simulation is defined as an experiment that is made using a model**

** G. Korn and J. Wait

Input Output System Category

Known Unknown Known Direct problem

Known Known Unknown System identification or state estimation

Unknown Known Known Control problem

SystemOutputInput

Internal variables

Page 2

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

Cyber-physical systems (CPS)

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

SystemOutputInput

Internal variables

CyberCommunication network fabric

Digital computer platform

Digital computer platform

• Digital data processing

and communication

• Algorithmic computations

• Cyber security

Physical

Physical plant

Input Output• Complex physical dynamics• Calculus and stochastic processes• Safety

Page 3

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

The purpose of modeling & simulation in science and engineering

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

• How well does the behavior of a model

match that of a physical system?

• Can a model be created that matches

the behavior of a given cyber-physical

system with high fidelity?

Science

• How well does a physical system match

the behavior of a model previously

designed?

• Can a cyber-physical system be build

whose behavior matches that of a

model?

Engineering Model

System

Page 4

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

Traditional system design tasks

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

Sys

tem

de

sig

n

Functions

Regulate mass flow

Open and close

Control and monitor

Components

Valve

DC motor

ECU

System architecture

Valve

DC motor

Regulate mass flow

Open and close

Control and monitor

ECU

Re

lia

bil

ity a

na

lys

is Componentproperties

Failure mechanisms

Failure modes

Probability of failure

System failures

Loss of mass flow regulation

Loss of massflow regulation

Valve stuck open

No torque on motor axis

Erroneouscommand

Mass flow toolow

Reliability model

C1 C2

C5C4

C3

S1 S2 S3

l1 l2

m1 m2

b2b1

De

sig

n v

ali

da

tio

n Correctness

Compliant with all known functional

and non-functional

requirements that formed the basis

of the design

Completeness

Does not incur a set of unidentified

requirements

Emergent behavior

Does not exhibit unwanted emergent behavior

Validated system design

Page 5

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

Cyber-physical system design tasks

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

Secure and reliable system architecture

Components

Monitoring equipment

Nominal functions

Monitoring functions

Security functions

Security components

Security risk analysis

Impacts and assets

Threat scenarios

Security measures

Reliability analysis

Failure mode

Failure mechanism

Probability of failure

System design

Functions

Components

Architecture

Security objective Security function(s) Security component

Confidentiality ▪ Encryption

▪ Authentication

▪ XTS-AES

▪ EAP-TTLS

Integrity ▪ Input validation

▪ Authentication

▪ Dedicated FPGA/ASIC

▪ 802.1x

Availability ▪ Packet filter

▪ Rate limiter

▪ OpenBSD pf, Linux iptables

▪ QoS queueing

Page 6

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

Modeling and simulation principles in cyber-physical system design

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

Simulation

Analysis

Page 7

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

Channel utilization

Cyber-physical system modeling example

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

Normal

network

behavior

Denial of

service (DoS)

attack

Spoofing

attack

Input signal

Output signal

Packet capture

Page 8

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument.

September 2017Airbus Cyber Innovation Day 2017 -- Stephan Marwedel

© AIRBUS Operations GmbH. Alle Rechte vorbehalten. Vertrauliches und geschütztes Dokument. Dieses Dokument und alle darin enthaltenen Informationen sind das alleinige Eigentum von AIRBUS Operations GmbH. Die Zustellung dieses Dokumentes

oder die Offenlegung seines Inhalts begründen keine Rechte am geistigen Eigentum. Dieses Dokument darf ohne die ausdrückliche schriftliche Genehmigung von AIRBUS Operations GmbH nicht vervielfältigt oder einem Dritten gegenüber enthüllt

werden. Dieses Dokument und sein Inhalt dürfen nur zu bestimmungsgemäßen Zwecken verwendet werden. Die in diesem Dokument gemachten Aussagen stellen kein Angebot dar. Sie wurden auf der Grundlage der aufgeführten Annahmen und in

gutem Glauben gemacht. Wenn die zugehörigen Begründungen für diese Aussagen nicht angegeben sind, ist AIRBUS Operations GmbH gern bereit, deren Grundlage zu erläutern.

AIRBUS, das Airbus-Logo, A300, A310, A318, A319, A320, A321, A330, A340, A350, A380 und A400M sind eingetragene Marken.

Fragen?

?שאלות

Questions?

Perguntas?

Frågor?

Stephan MarwedelExpert in Information and Software Technology

Modeling and Simulation Specialist

Airbus Engineering – Cyber Security

Kreetslag 10, 21129 Hamburg – Germany

E-Mail: stephan.marwedel@airbus.com

Phone: +4940-743-85635

Page 9