19,865 research outputs found
Efficient Computations of a Security Index for False Data Attacks in Power Networks
The resilience of Supervisory Control and Data Acquisition (SCADA) systems
for electric power networks for certain cyber-attacks is considered. We analyze
the vulnerability of the measurement system to false data attack on
communicated measurements. The vulnerability analysis problem is shown to be
NP-hard, meaning that unless there is no polynomial time algorithm to
analyze the vulnerability of the system. Nevertheless, we identify situations,
such as the full measurement case, where it can be solved efficiently. In such
cases, we show indeed that the problem can be cast as a generalization of the
minimum cut problem involving costly nodes. We further show that it can be
reformulated as a standard minimum cut problem (without costly nodes) on a
modified graph of proportional size. An important consequence of this result is
that our approach provides the first exact efficient algorithm for the
vulnerability analysis problem under the full measurement assumption.
Furthermore, our approach also provides an efficient heuristic algorithm for
the general NP-hard problem. Our results are illustrated by numerical studies
on benchmark systems including the IEEE 118-bus system
Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems
In recent years, Industrial Control Systems (ICS) have become an appealing
target for cyber attacks, having massive destructive consequences. Security
metrics are therefore essential to assess their security posture. In this
paper, we present a novel ICS security metric based on AND/OR graphs that
represent cyber-physical dependencies among network components. Our metric is
able to efficiently identify sets of critical cyber-physical components, with
minimal cost for an attacker, such that if compromised, the system would enter
into a non-operational state. We address this problem by efficiently
transforming the input AND/OR graph-based model into a weighted logical formula
that is then used to build and solve a Weighted Partial MAX-SAT problem. Our
tool, META4ICS, leverages state-of-the-art techniques from the field of logical
satisfiability optimisation in order to achieve efficient computation times.
Our experimental results indicate that the proposed security metric can
efficiently scale to networks with thousands of nodes and be computed in
seconds. In addition, we present a case study where we have used our system to
analyse the security posture of a realistic water transport network. We discuss
our findings on the plant as well as further security applications of our
metric.Comment: Keywords: Security metrics, industrial control systems,
cyber-physical systems, AND-OR graphs, MAX-SAT resolutio
- …