Zero Trust Architecture Patterns for Cyber-Physical Systems

Zero trust (ZT) is an emerging initiative that focuses on securely providing access to resources based on defined policies. The core tenet of ZT is “never trust, always verify”, meaning that even within trusted zones of operation, resource access must be explicitly granted. ZT has proven effective in improving the security posture in domains such as information technology infrastructure; however, additional research and development is needed to define and apply zero trust principles to cyber-physical system domains. To work toward this objective, we have identified an initial set of ZT architectural patterns targeted specifically at cyber-physical systems. We created ZT architecture patterns in the Architecture Analysis and Design Language (AADL), a modeling language that enables engineers to describe the key elements of embedded system architectures using a well-defined semantics. The patterns are implemented as a library of ZT components that can be made available to system engineers. Utilizing AADL capabilities, engineers can model a system in AADL and apply one or more of these ZT patterns to improve the system security posture based on specific system requirements. To demonstrate our approach, we apply the ZT patterns to an unmanned aerial vehicle surveillance application. The resulting design provides inherent protection from a variety of attacks affecting system confidentiality, integrity, and availability.