Development of a conceptual model of adaptive access rights management with using the apparatus of Petri nets

The paper describes the conceptual model of adaptive control of cyber protection of the informatization object (IO). Petri's Networks were used as a mathematical device to solve the problem of adaptive control of user access rights. The simulation model is proposed and the simulation in PIPE v4.3.0 package is performed. The possibility of automating the procedures for adjusting the user profile to minimize or neutralize cyber threats in the objects of informatization is shown. The model of distribution of user tasks in computer networks of IO is proposed. The model, unlike the existing, is based on the mathematical apparatus of Petri's Networks and contains variables that allow reducing the power of the state space. Access control method (ACM) is added. The addenda touched upon aspects of reconciliation of access rights that are requested by the task and requirements of the security policy and the degree of consistency of tasks and access to the IO nodes. Adjustment of rules and security metrics for new tasks or redistributable tasks is described in the notation of Petri nets

Quantifying impact on safety from cyber-attacks on cyber-physical systems

We propose a novel framework for modelling attack scenarios in cyber-physical control systems: we represent a cyber-physical system as a constrained switching system, where a single model embeds the dynamics of the physical process, the attack patterns, and the attack detection schemes. We show that this is compatible with established results in the analysis of hybrid automata, and, specifically, constrained switching systems. Moreover, we use the developed models to compute the impact of cyber attacks on the safety properties of the system. In particular, we characterise system safety as an asymptotic property, by calculating the maximal safe set. The resulting new impact metrics intuitively quantify the degradation of safety under attack. We showcase our results via illustrative examples.Comment: 8 pages, 5 figures, submitted for presentation to IFAC World Congress 2023, Yokohama, JAPA

МОДЕЛЬ АДАПТИВНОГО УПРАВЛІННЯ ПРАВАМИ ДОСТУПУ З ВИКОРИСТАННЯМ АПАРАТУ МЕРЕЖ ПЕТРІ

The article describes the conceptual model of adaptive management of cybersecurity of the information and educational environment of a modern university (IOSU). Petri nets are used as a mathematical apparatus to solve the problem of adaptive management of access rights of IOS users. A simulation model is proposed and modeling in PIPE v4.3.0 package is performed. The possibility of automating the procedures of user profile adjustment to minimize or neutralize cyber threats in IOS is shown. The model of distribution of tasks of the user in computer networks of IOSU is offered. The model, in contrast to the existing ones, is based on the mathematical apparatus of Petri nets and contains variables that reduce the power of the state space. The method of access control (ICPD) has been supplemented. The additions addressed aspects of the verification of access rights, which are required by the tasks and requirements of the security policy, the degree of coherence of tasks and allowed access to the IOSU nodes. Adjusting security rules and metrics for new tasks or reallocating tasks is described in Petri net notation.У статті описано концептуальну модель адаптивного управління кіберзахистом інформаційно-освітнього середовища сучасного університету (ІОСУ). Мережі Петрі застосовано як математичний апарат для вирішення завдання адаптивного управління правами доступу користувачів ІОСУ. Запропоновано імітаційну модель та виконано моделювання у пакеті PIPE v4.3.0. Показано можливість автоматизації процедур коригування профілю користувача для мінімізації або нейтралізації кіберзагроз в ІОС. Запропоновано модель розподілу завдань користувача в комп'ютерних мережах ІОСУ. Модель, на відміну існуючих, побудована з урахуванням математичного апарату мереж Петрі і містить змінні, які дозволяють скоротити потужність простору станів. Доповнено метод контролю прав доступу (МКПД). Доповнення торкнулися аспектів перевірки прав доступу, які запитуються завданням та вимогами політики безпеки, ступенем узгодженості завдань та дозволених до доступу вузлів ІОСУ. Коригування правил та метрик безпеки для нових задач або перерозподілу задач описано в нотації мереж Петр

Cyber-Physical Power System (CPPS): A Review on Modelling, Simulation, and Analysis with Cyber Security Applications

Cyber-Physical System (CPS) is a new kind of digital technology that increases its attention across academia, government, and industry sectors and covers a wide range of applications like agriculture, energy, medical, transportation, etc. The traditional power systems with physical equipment as a core element are more integrated with information and communication technology, which evolves into the Cyber-Physical Power System (CPPS). The CPPS consists of a physical system tightly integrated with cyber systems (control, computing, and communication functions) and allows the two-way flows of electricity and information for enabling smart grid technologies. Even though the digital technologies monitoring and controlling the electric power grid more efficiently and reliably, the power grid is vulnerable to cybersecurity risk and involves the complex interdependency between cyber and physical systems. Analyzing and resolving the problems in CPPS needs the modelling methods and systematic investigation of a complex interaction between cyber and physical systems. The conventional way of modelling, simulation, and analysis involves the separation of physical domain and cyber domain, which is not suitable for the modern CPPS. Therefore, an integrated framework needed to analyze the practical scenario of the unification of physical and cyber systems. A comprehensive review of different modelling, simulation, and analysis methods and different types of cyber-attacks, cybersecurity measures for modern CPPS is explored in this paper. A review of different types of cyber-attack detection and mitigation control schemes for the practical power system is presented in this paper. The status of the research in CPPS around the world and a new path for recommendations and research directions for the researchers working in the CPPS are finally presented.publishedVersio

Development of a conceptual model of adaptive access rights management with using the apparatus of Petri Nets

The paper describes the conceptual model of adaptive control of cyber protection of the informatization object (IO). Petri's Networks were used as a mathematical device to solve the problem of adaptive control of user access rights. The simulation model is proposed and the simulation in PIPE v4.3.0 package is performed. The possibility of automating the procedures for adjusting the user profile to minimize or neutralize cyber threats in the objects of informatization is shown. The model of distribution of user tasks in computer networks of IO is proposed. The model, unlike the existing, is based on the mathematical apparatus of Petri's Networks and contains variables that allow reducing the power of the state space. Access control method (ACM) is added. The addenda touched upon aspects of reconciliation of access rights that are requested by the task and requirements of the security policy and the degree of consistency of tasks and access to the IO nodes. Adjustment of rules and security metrics for new tasks or redistributable tasks is described in the notation of Petri nets

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

Evaluation of a community pharmacy dispensing process using a Coloured Petri Net

UK customers visited community pharmacies to receive NHS prescriptions 1.104 billion times in 2016. One study of dispensing errors found an error rate of 3.3%. Severe dispensing inaccuracies often receive a high level of media attention, however, lower level errors could also be causing significant inefficiencies in the delivery of primary healthcare. This paper presents a modelling approach for analysing the reliability and efficiency of community pharmacies performance using a Coloured Petri Net (CPN) methodology. The model consider show single prescriptions are processed, the use of staff resources, and the occurrence of errors. The CPN evaluates performance over a set of key performance indicators. Results are validated, where possible, against published studies of community pharmacies