1.1 Introduction

Cyber-physical systems (CPSs) are broadly used across technology and industrial domains to enable process optimization and previously unachievable functionality. However, CPSs have been key targets in some of the most highly publicized security breaches over the last decade. Neither cyber- nor physical-security concepts alone can protect CPSs because the complex interdependencies and crossover effects can introduce unexpected vulnerabilities: Physical attacks may damage or compromise the information system on the device, and cyber-attacks can cause physical malfunctions. Because of the many critical applications where CPSs are employed, either kind of attack can result in dire real-world consequences. As a result, security and privacy must be key concerns for CPS design, development, and operation.

In this chapter, we discuss CPSs from a security perspective. We explain classical information and physical-security fundamentals in the context of CPSs deployed across application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We discuss how ...