{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:16:01Z","timestamp":1750220161868,"version":"3.41.0"},"reference-count":73,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2022,7,31]],"date-time":"2022-07-31T00:00:00Z","timestamp":1659225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Cyber-Phys. Syst."],"published-print":{"date-parts":[[2022,7,31]]},"abstract":"<jats:p>\n            Our work focuses on modeling the security of systems from their component-level designs. Towards this goal, we develop a\n            <jats:italic>categorical<\/jats:italic>\n            formalism to model attacker actions. Equipping the categorical formalism with algebras produces two interesting results for security modeling. First, using the Yoneda lemma, we can model attacker reconnaissance missions. In this context, the Yoneda lemma shows us that if two system representations, one being complete and the other being the attacker\u2019s incomplete view, agree at every possible test, they behave the same. The implication is that attackers can still successfully exploit the system even with incomplete information. Second, we model the potential changes to the system via an exploit. An exploit either manipulates the interactions between system components, such as providing the wrong values to a sensor, or changes the components themselves, such as controlling a global positioning system (GPS). One additional benefit of using category theory is that mathematical operations can be represented as formal diagrams, helpful in applying this analysis in a model-based design setting. 
We illustrate this modeling framework using an unmanned aerial vehicle (UAV) cyber-physical system model. We demonstrate and model two types of attacks (1) a rewiring attack, which violates data integrity, and (2) a rewriting attack, which violates availability.\n          <\/jats:p>","DOI":"10.1145\/3531063","type":"journal-article","created":{"date-parts":[[2022,5,5]],"date-time":"2022-05-05T11:52:06Z","timestamp":1651751526000},"page":"1-27","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Yoneda Hacking: The Algebra of Attacker Actions"],"prefix":"10.1145","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4992-0193","authenticated-orcid":false,"given":"Georgios","family":"Bakirtzis","sequence":"first","affiliation":[{"name":"The University of Texas at Austin, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7792-1375","authenticated-orcid":false,"given":"Fabrizio","family":"Genovese","sequence":"additional","affiliation":[{"name":"University of Pisa, Pisa PI, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6335-471X","authenticated-orcid":false,"given":"Cody H.","family":"Fleming","sequence":"additional","affiliation":[{"name":"Iowa State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2022,9,7]]},"reference":[{"key":"e_1_3_3_2_2","doi-asserted-by":"publisher","DOI":"10.5555\/2685860"},{"key":"e_1_3_3_3_2","doi-asserted-by":"publisher","DOI":"10.1016\/B978-0-444-52869-8.50010-4"},{"key":"e_1_3_3_4_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSMC.2019.2915940"},{"key":"e_1_3_3_5_2","volume-title":"A Categorical Theory of Hybrid Systems","author":"Ames A. D.","year":"2006","unstructured":"A. D. Ames. 2006. A Categorical Theory of Hybrid Systems. Ph.D. Dissertation. 
University of California, Berkeley."},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/MOBISECSERV.2017.7886562"},{"key":"e_1_3_3_7_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.2"},{"key":"e_1_3_3_8_2","doi-asserted-by":"publisher","DOI":"10.1017\/S0960129520000043"},{"key":"e_1_3_3_9_2","volume-title":"Compositional Cyber-physical Systems Theory","author":"Bakirtzis G","year":"2021","unstructured":"G Bakirtzis. 2021. Compositional Cyber-physical Systems Theory. Ph.D. Dissertation. University of Virginia."},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.1145\/3461669"},{"key":"e_1_3_3_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/JSYST.2019.2940145"},{"key":"e_1_3_3_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2021.3085532"},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","DOI":"10.4204\/EPTCS.333.9"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-S50200.2020.00021"},{"key":"e_1_3_3_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/3209108.3209151"},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/3236779"},{"key":"e_1_3_3_17_2","doi-asserted-by":"publisher","DOI":"10.4204\/EPTCS.323.5"},{"key":"e_1_3_3_18_2","doi-asserted-by":"publisher","DOI":"10.1016\/B978-0-12-817636-8.00013-2"},{"key":"e_1_3_3_19_2","unstructured":"CAPEC 2022. MITRE Common Attack Pattern Enumeration and Classification (CAPEC). Retrieved from https:\/\/capec.mitre.org\/."},{"key":"e_1_3_3_20_2","volume-title":"Proceedings of the 3rd USENIX Workshop on Hot Topics in Security.","author":"C\u00e1rdenas A. A.","year":"2008","unstructured":"A. A. C\u00e1rdenas, S. Amin, and S. Sastry. 2008. Research challenges for the security of control systems. In Proceedings of the 3rd USENIX Workshop on Hot Topics in Security. Niels Provos (Ed.), USENIX Association. 
Retrieved from http:\/\/www.usenix.org\/events\/hotsec08\/tech\/full_papers\/cardenas\/cardenas.pdf."},{"key":"e_1_3_3_21_2","doi-asserted-by":"publisher","DOI":"10.1080\/00107510903257624"},{"key":"e_1_3_3_22_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-12821-9_3"},{"key":"e_1_3_3_23_2","unstructured":"J. Culbertson P. Gustafson D. E. Koditschek and P. F. Stiller. 2020. Formal composition of hybrid systems. Theory and Applications of Categories ."},{"key":"e_1_3_3_24_2","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-2005-13304"},{"key":"e_1_3_3_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.203"},{"key":"e_1_3_3_26_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-21151-0_11"},{"key":"e_1_3_3_27_2","unstructured":"D. Evans. 2008. NSF\/IARPA\/NSA Workshop on the Science of Security. Retrieved from https:\/\/web.archive.org\/web\/20200705152357\/https:\/\/sos.cs.virginia.edu\/."},{"key":"e_1_3_3_28_2","unstructured":"B. Fong A. Speranzon and D. I. Spivak. 2019. Temporal landscapes: A graphical temporal logic for reasoning. arXiv:1904.01081. Retrieved from https:\/\/arxiv.org\/abs\/1904.01081."},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.1017\/9781108668804"},{"key":"e_1_3_3_30_2","doi-asserted-by":"publisher","DOI":"10.4204\/EPTCS.323.16"},{"key":"e_1_3_3_31_2","article-title":"Computational petri nets: Adjunctions considered harmful","author":"Genovese F.","year":"2019","unstructured":"F. Genovese, A. Gryzlov, J. Herold, M. Perone, E. Post, and A. Videla. 2019. Computational petri nets: Adjunctions considered harmful. arXiv: 1904.12974. Retrieved from https:\/\/arxiv.org\/abs\/1904.12974.","journal-title":"arXiv: 1904.12974."},{"key":"e_1_3_3_32_2","doi-asserted-by":"publisher","DOI":"10.4204\/EPTCS.287.7"},{"key":"e_1_3_3_33_2","article-title":"Mapping finite state machines to ZK-SNARKs using category theory","author":"Genovese F.","year":"2019","unstructured":"F. Genovese, A. Knispel, and J. Fitzgerald. 
2019. Mapping finite state machines to ZK-SNARKs using category theory. arXiv: 1909.02893. Retrieved from https:\/\/arxiv.org\/abs\/1909.02893.","journal-title":"arXiv: 1909.02893"},{"key":"e_1_3_3_34_2","doi-asserted-by":"publisher","DOI":"10.1109\/MDAT.2017.2709310"},{"key":"e_1_3_3_35_2","doi-asserted-by":"publisher","DOI":"10.1145\/3373718.3394736"},{"key":"e_1_3_3_36_2","unstructured":"M. Halter E. Patterson A. Baas and J. Fairbanks. 2020. Compositional Scientific Computing with Catlab and Semantic Models. arXiv:2005.04831. Retrieved from https:\/\/arxiv.org\/abs\/2005.04831."},{"key":"e_1_3_3_37_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jlap.2004.01.003"},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.38"},{"key":"e_1_3_3_39_2","doi-asserted-by":"publisher","DOI":"10.1006\/aima.1993.1055"},{"key":"e_1_3_3_40_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCNS.2020.3028035"},{"key":"e_1_3_3_41_2","unstructured":"John Lambert. 2015. Defenders think in lists. Attackers think in graphs. As long as this is true attackers win. Retrieved from https:\/\/perma.cc\/6NZ2-A2HY."},{"key":"e_1_3_3_42_2","article-title":"Cybersecurity: From engineering to science","author":"Landwehr C. E.","year":"2012","unstructured":"C. E. Landwehr. 2012. Cybersecurity: From engineering to science. Next Wave (2012).","journal-title":"Next Wave"},{"key":"e_1_3_3_43_2","article-title":"Cyber-physical systems \u2013 Are computing foundations adequate","author":"Lee E. A.","year":"2006","unstructured":"E. A. Lee. 2006. Cyber-physical systems \u2013 Are computing foundations adequate. 
In Proceedings of the Position Paper for NSF Workshop on Cyber-physical Systems: Research Motivation, Techniques and Roadmap.","journal-title":"Proceedings of the Position Paper for NSF Workshop on Cyber-physical Systems: Research Motivation, Techniques and Roadmap"},{"key":"e_1_3_3_44_2","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781107360068"},{"key":"e_1_3_3_45_2","unstructured":"V. Lesi Z. Jakovljevic and M. Pajic. 2020. Security analysis for distributed IoT-based industrial automation. (2020). arXiv:2006.00044. Retrieved from https:\/\/arxiv.org\/abs\/2006.00044."},{"key":"e_1_3_3_46_2","doi-asserted-by":"publisher","DOI":"10.5220\/0006535802870294"},{"key":"e_1_3_3_47_2","unstructured":"S. Libkind. 2020. An algebra of resource sharing machines. arXiv:2007.14442. Retrieved from https:\/\/arxiv.org\/abs\/2007.14442."},{"key":"e_1_3_3_48_2","doi-asserted-by":"publisher","DOI":"10.1145\/3357033"},{"key":"e_1_3_3_49_2","unstructured":"D. Long. 2020. MBSE: Simple Complicated or Complex? Retrieved from https:\/\/web.archive.org\/web\/20200409185640\/; http:\/\/community.vitechcorp.com\/index.php\/mbse-simple-complicated-or-complex.aspx."},{"key":"e_1_3_3_50_2","article-title":"Coend Calculus","author":"Loregian F.","year":"2019","unstructured":"F. Loregian. 2019. Coend Calculus. arXiv: 1501.02503. Retrieved from https:\/\/arxiv.org\/abs\/1501.02503.","journal-title":"arXiv: 1501.02503"},{"key":"e_1_3_3_51_2","volume-title":"OS X Kernel-Mode Exploitation in a Weekend","author":"Maynor D.","year":"2007","unstructured":"D. Maynor. 2007. OS X Kernel-Mode Exploitation in a Weekend. Technical Report. 
Errata Security."},{"key":"e_1_3_3_52_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.11"},{"key":"e_1_3_3_53_2","doi-asserted-by":"publisher","DOI":"10.4204\/EPTCS.323.10"},{"key":"e_1_3_3_54_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCPS.2014.6843720"},{"key":"e_1_3_3_55_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-54789-8_19"},{"key":"e_1_3_3_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/2746194.2746197"},{"key":"e_1_3_3_57_2","doi-asserted-by":"publisher","DOI":"10.5555\/119358"},{"key":"e_1_3_3_58_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00165-020-00510-7"},{"key":"e_1_3_3_59_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10485-019-09565"},{"key":"e_1_3_3_60_2","article-title":"Algebraic databases","author":"Schultz P.","year":"2016","unstructured":"P. Schultz, D. I. Spivak, C. Vasilakopoulou, and R. Wisnesky. 2016. Algebraic databases. Theory & Applications of Categories (2016).","journal-title":"Theory & Applications of Categories"},{"key":"e_1_3_3_61_2","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"e_1_3_3_62_2","doi-asserted-by":"publisher","DOI":"10.1093\/comnet\/cnw022"},{"key":"e_1_3_3_63_2","article-title":"The Mathematical Specification of the Statebox Language","author":"Team Statebox","year":"2019","unstructured":"Statebox Team. 2019. The Mathematical Specification of the Statebox Language. arXiv: 1906.07629. Retrieved from https:\/\/arxiv.org\/abs\/1906.07629.","journal-title":"arXiv: 1906.07629"},{"key":"e_1_3_3_64_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.entcs.2013.09.022"},{"key":"e_1_3_3_65_2","article-title":"What does BIM mean for civil engineers","author":"Strafaci A.","year":"2008","unstructured":"A. Strafaci. 2008. What does BIM mean for civil engineers. CE News, Transportation 20, 9 (2008).","journal-title":"CE News, Transportation"},{"key":"e_1_3_3_66_2","volume-title":"MITRE ATT&CK: Design and Philosophy","author":"Strom B. 
E.","year":"2018","unstructured":"B. E. Strom, A. Applebaum, D. P. Miller, K. C. Nickels, A. G. Pennington, and C. B. Thomas. 2018. MITRE ATT&CK: Design and Philosophy. Technical Report MP180360. MITRE."},{"key":"e_1_3_3_67_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45873-5_34"},{"key":"e_1_3_3_68_2","doi-asserted-by":"publisher","DOI":"10.1109\/CDC40024.2019.9029767"},{"key":"e_1_3_3_69_2","doi-asserted-by":"publisher","DOI":"10.1145\/3386568"},{"key":"e_1_3_3_70_2","doi-asserted-by":"publisher","DOI":"10.23919\/ECC54610.2021.9654960"},{"key":"e_1_3_3_71_2","doi-asserted-by":"publisher","DOI":"10.1109\/ITSC45102.2020.9294499"},{"key":"e_1_3_3_72_2","doi-asserted-by":"crossref","unstructured":"G. Zardini D. Milojevic A. Censi and E. Frazzoli. 2020. A Formal Approach to the Co-Design of Embodied Intelligence. arXiv:2011.10756. Retrieved from https:\/\/arxiv.org\/abs\/2011.10756.","DOI":"10.1109\/IROS51168.2021.9636513"},{"key":"e_1_3_3_73_2","doi-asserted-by":"publisher","DOI":"10.4204\/EPTCS.333.10"},{"key":"e_1_3_3_74_2","doi-asserted-by":"publisher","DOI":"10.1145\/2641483.2641529"}],"container-title":["ACM Transactions on Cyber-Physical 
Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3531063","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3531063","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:00:27Z","timestamp":1750186827000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3531063"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,7,31]]},"references-count":73,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2022,7,31]]}},"alternative-id":["10.1145\/3531063"],"URL":"https:\/\/doi.org\/10.1145\/3531063","relation":{},"ISSN":["2378-962X","2378-9638"],"issn-type":[{"type":"print","value":"2378-962X"},{"type":"electronic","value":"2378-9638"}],"subject":[],"published":{"date-parts":[[2022,7,31]]},"assertion":[{"value":"2021-06-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-04-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-09-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}