Survivability modeling for cyber-physical systems subject to data corruption

Cyber-physical critical infrastructures are created when traditional physical infrastructure is supplemented with advanced monitoring, control, computing, and communication capability. More intelligent decision support and improved efficacy, dependability, and security are expected. Quantitative models and evaluation methods are required for determining the extent to which a cyber-physical infrastructure improves on its physical predecessors. It is essential that these models reflect both cyber and physical aspects of operation and failure. In this dissertation, we propose quantitative models for dependability attributes, in particular, survivability, of cyber-physical systems. Any malfunction or security breach, whether cyber or physical, that causes the system operation to depart from specifications will affect these dependability attributes. Our focus is on data corruption, which compromises decision support -- the fundamental role played by cyber infrastructure. The first research contribution of this work is a Petri net model for information exchange in cyber-physical systems, which facilitates i) evaluation of the extent of data corruption at a given time, and ii) illuminates the service degradation caused by propagation of corrupt data through the cyber infrastructure. In the second research contribution, we propose metrics and an evaluation method for survivability, which captures the extent of functionality retained by a system after a disruptive event. We illustrate the application of our methods through case studies on smart grids, intelligent water distribution networks, and intelligent transportation systems. Data, cyber infrastructure, and intelligent control are part and parcel of nearly every critical infrastructure that underpins daily life in developed countries. Our work provides means for quantifying and predicting the service degradation caused when cyber infrastructure fails to serve its intended purpose. It can also serve as the foundation for efforts to fortify critical systems and mitigate inevitable failures --Abstract, page iii

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Correlated survivability analysis model for manets

Mobile ad hoc networks (MANETs) rely on collective nodes effort which requires node to be in cooperative behavior to continuously offer network services. Furthermore, node in MANETs shows correlated node behavior due to topology changes, node misbehavior or security attacks in which poses a significant impact on network survivability. However, correlated node behavior is not reflected as one of the metric in analyzing network survivability with current survivability models. The models did not represent real life scenario with the assumption made on individual node behavior. This limitation resulted inaccuracy when analyzing network survivability. To overcome the limitation of current research, this thesis presents a new network survivability analysis model which captures correlated node behavior to depict node behavior in MANETs and proposed a way to minimize the impact of correlated node behavior. Firstly, before network survivability analysis is modeled, a better understanding of dynamic characteristics of node behavior and its correlated behavior need to be studied and modeled. In this thesis, a merging of semi Markov process and Susceptible-Infection-Remove (SIR) epidemic theory is proposed to stochastically model correlated node behavior. To capture correlated node behavior, correlated degree is proposed in the model as a new metric to measure the impact of network survivability under correlated node behavior. Correlated node behavior model leads to a better understanding and prediction of the critical condition and the speed of spreading correlated node behavior to entire network. Network survivability under correlated node behavior is analyzed based on statistical method of multivariate survival analysis in medical research. The modification of Cox Proportional Hazard regression model in particular correlated hazard function is proposed to analyze the probability of correlated node behavior and to determine variables that significantly influence network survivability. The result on regression analysis shows energy consumption and correlated degree are the most significant variables that influence network survivability. Furthermore, probability of network survivability also can be determined. A new algorithm of topology formation is proposed with correlated degree metric to mitigate the impact of correlated node behavior on network performances. The simulation result shows that, with the new algorithm, energy consumption in MANETs can be balance which prolong node life time and increase network survivability. In addition, new algorithm also prevents network topology from partitioning. With new survivability analysis model, the status of network can be precisely measured and countermeasure can be done earlier to prevent network disruption