Visible to the public Modeling impact of attacks, recovery, and attackability conditions for situational awareness

TitleModeling impact of attacks, recovery, and attackability conditions for situational awareness
Publication TypeConference Paper
Year of Publication2014
AuthorsCam, H., Mouallem, P., Yilin Mo, Sinopoli, B., Nkrumah, B.
Conference NameCognitive Methods in Situation Awareness and Decision Support (CogSIMA), 2014 IEEE International Inter-Disciplinary Conference on
Date PublishedMarch
ISBN Number978-1-4799-3564-2
Keywordsactuators, Analytical models, anomaly-based intrusion detection system, assets influence, control theory, controllers, Decentralized control, distributed control system, distributed cyber control system, distributed processing, dynamic analysis, Fires, Intrusion detection, Linear systems, linear time-invariant system, modeling impact, numerical evaluation, Petri nets, scanners, security of data, Sensors, situational awareness, time Petri nets, timing relationships, topological attackability condition

A distributed cyber control system comprises various types of assets, including sensors, intrusion detection systems, scanners, controllers, and actuators. The modeling and analysis of these components usually require multi-disciplinary approaches. This paper presents a modeling and dynamic analysis of a distributed cyber control system for situational awareness by taking advantage of control theory and time Petri net. Linear time-invariant systems are used to model the target system, attacks, assets influences, and an anomaly-based intrusion detection system. Time Petri nets are used to model the impact and timing relationships of attacks, vulnerability, and recovery at every node. To characterize those distributed control systems that are perfectly attackable, algebraic and topological attackability conditions are derived. Numerical evaluation is performed to determine the impact of attacks on distributed control system.

Citation Key6816560