Assessing cyber-physical security in industrial control systems
| Autor: | Martín Barrère, Chris Hankin, Demetrios G. Eliades, Nicolas Nicolaou, Thomas Parisini, Mart |
|---|---|
| Přispěvatelé: | Horizon2020 |
| Rok vydání: | 2019 |
| Předmět: |
FOS: Computer and information sciences
Computer Science - Cryptography and Security Computer science media_common.quotation_subject Context (language use) Systems and Control (eess.SY) 0102 computer and information sciences 02 engineering and technology Computer security computer.software_genre Electrical Engineering and Systems Science - Systems and Control 01 natural sciences Computer Science - Networking and Internet Architecture FOS: Electrical engineering electronic engineering information engineering 0202 electrical engineering electronic engineering information engineering media_common Networking and Internet Architecture (cs.NI) Structure (mathematical logic) Water transport GRASP Cyber-physical system Industrial control system Interdependence 010201 computation theory & mathematics 020201 artificial intelligence & image processing Cryptography and Security (cs.CR) computer Physical security |
| Zdroj: | 6th International Symposium for ICS & SCADA Cyber Security Research 2019 Electronic Workshops in Computing |
| ISSN: | 1477-9358 |
| Popis: | Over the last years, Industrial Control Systems (ICS) have become increasingly exposed to a wide range of cyber-physical threats. Efficient models and techniques able to capture their complex structure and identify critical cyber-physical components are therefore essential. AND/OR graphs have proven very useful in this context as they are able to semantically grasp intricate logical interdependencies among ICS components. However, identifying critical nodes in AND/OR graphs is an NP-complete problem. In addition, ICS settings normally involve various cyber and physical security measures that simultaneously protect multiple ICS components in overlapping manners, which makes this problem even harder. In this paper, we present an extended security metric based on AND/OR hypergraphs which efficiently identifies the set of critical ICS components and security measures that should be compromised, with minimum cost (effort) for an attacker, in order to disrupt the operation of vital ICS assets. Our approach relies on MAX-SAT techniques, which we have incorporated in META4ICS, a Java-based security metric analyser for ICS. We also provide a thorough performance evaluation that shows the feasibility of our method. Finally, we illustrate our methodology through a case study in which we analyse the security posture of a realistic Water Transport Network (WTN). 10 pages, 10 figures. Keywords: security metrics, cyber-physical security, AND-OR graphs, hypergraphs, MAX-SAT resolution, ICS, CPS |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|