Many real-time process-control and industrial control systems, such as Supervisory Control and Data Acquisition (SCADA), use a distributed software architecture and rely on trusted message exchanges among software components. This means that components need assurance that other components will not disrupt the operation of the system when they malfunction or act maliciously. This research presents the Trust but Verify (TBV) middleware, which promotes the idea that software components should not blindly trust each other. Even when components are mutually authenticated, their counterparts may be faulty or acting maliciously, persuading the receiver to take harmful actions. The TBV intercepts critical messages between a sender and a receiver and verifies their consistency by validating them against the rules associated with each message type; this verification takes the system state into account, which is kept up to date by a state distribution mechanism based on the gossip protocol. Based on the verification, a message is either delivered to the recipient or passed to an exception handler that may drop it or fix its inconsistent part. The major contributions of this research include (1) the design of the TBV middleware, (2) a proof-of-concept implementation of the TBV on a cyber-physical system (CPS), (3) an implementation of a software-based CPS prototype to validate the TBV middleware, (4) an experimental validation of the TBV through several attack scenarios in which compromised or faulty components randomly send erroneous messages, and (5) an evaluation of the overhead and performance impact caused by the TBV middleware.
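The intercept, verify, deliver-or-handle flow described above, as an added Python sketch that is not the thesis's own code or its CPS prototype. It assumes a message is a dict with a "type" field, that verification rules are plain functions keyed by message type, that system state is a per-key (version, value) map merged gossip-style by keeping the higher version, and that the exception handler clamps a pure range error but drops anything that contradicts the verified system state. All component names, message types and sample values are constructed for the illustration.

```python
"""Simplified Trust-but-Verify (TBV) interceptor (added illustration, not the
thesis's code). Assumed conventions: messages are dicts with a "type" key,
rules are functions keyed by type, state is key -> (version, value)."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

Message = Dict[str, object]
State = Dict[str, Tuple[int, object]]          # key -> (version, value)
Violation = Tuple[str, str]                    # (code, human-readable detail)


def gossip_merge(local: State, incoming: State) -> State:
    """Anti-entropy step of a gossip exchange: for every key, keep whichever
    side holds the higher version. Stale digests therefore never overwrite
    newer knowledge."""
    merged = dict(local)
    for key, (ver, val) in incoming.items():
        if key not in merged or ver > merged[key][0]:
            merged[key] = (ver, val)
    return merged


def state_value(state: State, key: str, default=None):
    return state[key][1] if key in state else default


def is_number(x) -> bool:
    return isinstance(x, (int, float)) and not isinstance(x, bool)


# Rules associated with message types (constructed for the example).
def rule_valve_command(msg: Message, state: State) -> List[Violation]:
    violations: List[Violation] = []
    pos = msg.get("position")
    if not is_number(pos) or not 0 <= pos <= 100:
        violations.append(("range", "position must be within 0..100"))
    # Stateful check: opening the inflow valve while the tank is nearly full is
    # inconsistent with the process, regardless of who signed the message.
    if msg.get("valve") == "inflow" and is_number(pos) and pos > 0 \
            and state_value(state, "tank_level", 0) >= 90:
        violations.append(("state", "inflow requested while tank_level >= 90"))
    return violations


def rule_sensor_report(msg: Message, state: State) -> List[Violation]:
    level = msg.get("tank_level")
    if not is_number(level) or not 0 <= level <= 100:
        return [("range", "tank_level must be within 0..100")]
    return []


@dataclass
class TBVMiddleware:
    rules: Dict[str, Callable[[Message, State], List[Violation]]]
    state: State = field(default_factory=dict)
    log: List[str] = field(default_factory=list)

    def receive_gossip(self, digest: State) -> None:
        self.state = gossip_merge(self.state, digest)

    def intercept(self, msg: Message) -> Tuple[str, Message]:
        """Return ("deliver", msg), ("fixed", repaired) or ("dropped", msg)."""
        rule = self.rules.get(str(msg.get("type")))
        if rule is None:
            self.log.append(f"drop: no rule for message type {msg.get('type')!r}")
            return ("dropped", msg)
        violations = rule(msg, self.state)
        if violations:
            return self.handle_exception(msg, violations)
        if msg["type"] == "sensor_report":      # verified reports update local state
            ver = self.state.get("tank_level", (0, None))[0] + 1
            self.state["tank_level"] = (ver, msg["tank_level"])
        return ("deliver", msg)

    def handle_exception(self, msg: Message, violations: List[Violation]) -> Tuple[str, Message]:
        """Exception handler: repair a numeric range error by clamping; drop
        anything else (non-numeric fields, or a conflict with system state)."""
        codes = {code for code, _ in violations}
        pos = msg.get("position")
        if codes == {"range"} and msg["type"] == "valve_command" and is_number(pos):
            fixed = dict(msg)
            fixed["position"] = min(100, max(0, pos))
            self.log.append(f"fix: clamped position {pos!r} -> {fixed['position']!r}")
            return ("fixed", fixed)
        self.log.append("drop: " + "; ".join(detail for _, detail in violations))
        return ("dropped", msg)


def demo() -> List[Tuple[str, Message]]:
    tbv = TBVMiddleware(rules={"valve_command": rule_valve_command,
                               "sensor_report": rule_sensor_report})
    # Constructed gossip digest from a peer: the level sensor reported a
    # nearly full tank at state version 7.
    tbv.receive_gossip({"tank_level": (7, 92)})
    traffic = [  # constructed sample messages from two controller components
        {"type": "valve_command", "sender": "ctrl1", "valve": "outflow", "position": 40},
        {"type": "valve_command", "sender": "ctrl1", "valve": "outflow", "position": 140},
        {"type": "valve_command", "sender": "ctrl2", "valve": "inflow", "position": 60},
        {"type": "firmware_update", "sender": "ctrl2"},
    ]
    return [tbv.intercept(m) for m in traffic]


if __name__ == "__main__":
    for verdict, m in demo():
        print(verdict, m)
```

The four sample messages exercise the three outcomes: a consistent command is delivered, an out-of-range position is clamped and delivered as a repaired message, a command that contradicts the gossiped tank level is dropped, and a message type with no rule is dropped rather than passed through unverified.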
When considering a validation approach for the TBV middleware, the limited accessibility of critical systems such as CPS for validation and testing poses a challenge to researchers who must validate their proposed solutions before putting them into production. Many researchers are then left with no choice but to build a prototype system that closely mimics a production CPS. However, developing a testbed in the CPS field demands intensive effort and a multidisciplinary understanding. Within this context, this research work proposes the following additional contributions: (1) a framework that simplifies the process of developing a testbed for a CPS, taking into account the requirements and practices offered by the CPS and modeling and simulation (M&S) literature, (2) the development of a CPS hybrid prototype that provides an environment for learning about and evaluating CPS behavior, and (3) making the testbed prototype resources available to the CPS community.
