Visible to the public Evaluating the complexity and impacts of attacks on cyber-physical systems

TitleEvaluating the complexity and impacts of attacks on cyber-physical systems
Publication TypeConference Paper
Year of Publication2015
AuthorsOrojloo, H., Azgomi, M. A.
Conference Name2015 CSI Symposium on Real-Time and Embedded Systems and Technologies (RTEST)
Date Publishedoct
Keywordsactuators, attack consequences, attack graph, attack probability, Computer crime, consequence estimation process, CPS, cross-domain attack, cyber-physical system security, Cyber-physical systems, cyber-to-cyber attack, cyber-to-physical attack, estimation theory, graph theory, Modeling, probability, process control, pubcrawl170107, pubcrawl170108, quantitative security evaluation, security attributes, security of data, security risks, Sensor phenomena and characterization, time-to-shutdown
Abstract

In this paper, a new method for quantitative evaluation of the security of cyber-physical systems (CPSs) is proposed. The proposed method models the different classes of adversarial attacks against CPSs, including cross-domain attacks, i.e., cyber-to-cyber and cyber-to-physical attacks. It also takes the secondary consequences of attacks on CPSs into consideration. The intrusion process of attackers has been modeled using attack graph and the consequence estimation process of the attack has been investigated using process model. The security attributes and the special parameters involved in the security analysis of CPSs, have been identified and considered. The quantitative evaluation has been done using the probability of attacks, time-to-shutdown of the system and security risks. The validation phase of the proposed model is performed as a case study by applying it to a boiling water power plant and estimating the suitable security measures.

URLhttp://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7369840&isnumber=7369836
DOI10.1109/RTEST.2015.7369840
Citation Keyorojloo_evaluating_2015