3,534 research outputs found
A Bayesian Network Approach for the Interpretation of Cyber Attacks to Power Systems
The focus of this paper is on the analysis of the cyber security
resilience of digital infrastructures deployed by power grids, internationally recognized as a priority since several recent cyber attacks targeted
energy systems and in particular the power service. In response to the
regulatory framework, this paper presents an analysis approach based
on the Bayesian Networks formalism and on real world threat scenarios.
Our approach enables analyses oriented to planning of security measures
and monitoring, and to forecasting of adversarial behaviours.
A Graphical Adversarial Risk Analysis Model for Oil and Gas Drilling Cybersecurity
Oil and gas drilling is based, increasingly, on operational technology, whose
cybersecurity is complicated by several challenges. We propose a graphical
model for cybersecurity risk assessment based on Adversarial Risk Analysis to
face those challenges. We also provide an example of the model in the context
of an offshore drilling rig. The proposed model provides a more formal and
comprehensive analysis of risks, still using the standard business language
based on decisions, risks, and value. Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Evidence-Based Analysis of Cyber Attacks to Security Monitored Distributed Energy Resources
This work proposes an approach based on dynamic Bayesian networks to support the cybersecurity analysis of network-based controllers in distributed energy plants. We built a system model that exploits real world context information from both information and operational technology environments in the energy infrastructure, and we use it to demonstrate the value of security evidence for time-driven predictive and diagnostic analyses. The innovative contribution of this work is in the methodology capability of capturing the causal and temporal dependencies involved in the assessment of security threats, and in the introduction of security analytics supporting the configuration of anomaly detection platforms for digital energy infrastructures.
On Holistic Multi-Step Cyberattack Detection via a Graph-based Correlation Approach
While digitization of distribution grids through information and
communications technology brings numerous benefits, it also increases the
grid's vulnerability to serious cyber attacks. Unlike conventional systems,
attacks on many industrial control systems such as power grids often occur in
multiple stages, with the attacker taking several steps at once to achieve its
goal. Detection mechanisms with situational awareness are needed to detect
orchestrated attack steps as part of a coherent attack campaign. To provide a
foundation for detection and prevention of such attacks, this paper addresses
the detection of multi-stage cyber attacks with the aid of a graph-based cyber
intelligence database and alert correlation approach. Specifically, we propose
an approach to detect multi-stage attacks by leveraging heterogeneous data to
form a knowledge base and employ a model-based correlation approach on the
generated alerts to identify multi-stage cyber attack sequences taking place in
the network. We investigate the detection quality of the proposed approach by
using a case study of a multi-stage cyber attack campaign in a
future-orientated power grid pilot. Comment: IEEE International Conference on Communications, Control, and
Computing Technologies for Smart Grids (SmartGridComm) 202