3,696 research outputs found

    Evaluating Cascading Impact of Attacks on Resilience of Industrial Control Systems: A Design-Centric Modeling Approach

    Full text link
    A design-centric modeling approach was proposed to model the behaviour of the physical processes controlled by Industrial Control Systems (ICS) and study the cascading impact of data-oriented attacks. A threat model was used as input to guide the construction of the CPS model where control components which are within the adversary's intent and capabilities are extracted. The relevant control components are subsequently modeled together with their control dependencies and operational design specifications. The approach was demonstrated and validated on a water treatment testbed. Attacks were simulated on the testbed model where its resilience to attacks was evaluated using proposed metrics such as Impact Ratio and Time-to-Critical-State. From the analysis of the attacks, design strengths and weaknesses were identified and design improvements were recommended to increase the testbed's resilience to attacks

    A Cognitive Framework to Secure Smart Cities

    Get PDF
    The advancement in technology has transformed Cyber Physical Systems and their interface with IoT into a more sophisticated and challenging paradigm. As a result, vulnerabilities and potential attacks manifest themselves considerably more than before, forcing researchers to rethink the conventional strategies that are currently in place to secure such physical systems. This manuscript studies the complex interweaving of sensor networks and physical systems and suggests a foundational innovation in the field. In sharp contrast with the existing IDS and IPS solutions, in this paper, a preventive and proactive method is employed to stay ahead of attacks by constantly monitoring network data patterns and identifying threats that are imminent. Here, by capitalizing on the significant progress in processing power (e.g. petascale computing) and storage capacity of computer systems, we propose a deep learning approach to predict and identify various security breaches that are about to occur. The learning process takes place by collecting a large number of files of different types and running tests on them to classify them as benign or malicious. The prediction model obtained as such can then be used to identify attacks. Our project articulates a new framework for interactions between physical systems and sensor networks, where malicious packets are repeatedly learned over time while the system continually operates with respect to imperfect security mechanisms

    QUANTIFYING CONSEQUENCES OF EXTERNALLY INDUCED FAILURES PROPAGATED THROUGH SYSTEMS DURING FUNCTIONAL SYSTEM DESIGN

    Get PDF
    Assessment of failure propagation and potential within complex systems is a field open for continued exploration in the arena of systems engineering. Risk assessment and failure modeling processes such as PRA, FTA, and FMEA/FMECA are more widely understood and utilized in industry, yet are not designed to fully address and objectively quantify the impact on systems when exposed to intentionally malicious attacks, particularly in early design stages where changes to system architectures are best effected. Further, current methods do not identify and standardize attack modes that are likely to affect systems during their life cycle. This work first defines “attacks” and discusses their difference from “failures.” The work then develops and discusses a hierarchical taxonomy of attack classes and mechanisms likely to affect a wide array of systems. Finally, it presents the Failure Path Length Method (FPLM) to quantify consequence on systems due to attacks on system functions by applying characteristics of those classified attacks to the functional architecture of a system. The author then implements the FPLM on a common EPS to verify applicability to realistic systems and objectively determine the consequence of an attack. The differences in consequence drive mitigating changes to the architecture of the EPS and validate the significant decision-making power provided to system designers by the proposed method during functional analysis and design.Lieutenant, United States NavyApproved for public release. Distribution is unlimited

    Improving resilience to cyber-attacks by analysing system output impacts and costs

    Get PDF
    Cyber-attacks cost businesses millions of dollars every year, a key component of which is the cost of business disruption from system downtime. As cyber-attacks cannot all be prevented, there is a need to consider the cyber resilience of systems, i.e. the ability to withstand cyber-attacks and recover from them. Previous works discussing system cyber resilience typically either offer generic high-level guidance on best practices, provide limited attack modelling, or apply to systems with special characteristics. There is a lack of an approach to system cyber resilience evaluation that is generally applicable yet provides a detailed consideration for the system-level impacts of cyber-attacks and defences. We propose a methodology for evaluating the effectiveness of actions intended to improve resilience to cyber-attacks, considering their impacts on system output performance, and monetary costs. It is intended for analysing attacks that can disrupt the system function, and involves modelling attack progression, system output production, response to attacks, and costs from cyber-attacks and defensive actions. Studies of three use cases demonstrate the implementation and usefulness of our methodology. First, in our redundancy planning study, we considered the effect of redundancy additions on mitigating the impacts of cyber-attacks on system output performance. We found that redundancy with diversity can be effective in increasing resilience, although the reduction in attack-related costs must be balanced against added maintenance costs. Second, our work on attack countermeasure selection shows that by considering system output impacts across the duration of an attack, one can find more cost-effective attack responses than without such considerations. Third, we propose an approach to mission viability analysis for multi-UAV deployments facing cyber-attacks, which can aid resource planning and determining if the mission can conclude successfully despite an attack. We provide different implementations of our model components, based on use case requirements.Open Acces
    • …
    corecore