Decision Networks for modeling and analysis of attack/defense scenarios in critical infrastructures

We propose to exploit Decision Networks (DN) for the analysis of attack/defense scenarios. We show that DN extend both the modeling and the analysis capabilities of formalisms based on Attack Trees, which are the main reference model in such a context. Uncertainty can be addressed at every system level and a decision-theoretic analysis of the risk and of the selection of the best countermeasures can be implemented, by exploiting standard inference algorithms on DN

Evidence-Based Analysis of Cyber Attacks to Security Monitored Distributed Energy Resources

This work proposes an approach based on dynamic Bayesian networks to support the cybersecurity analysis of network-based controllers in distributed energy plants. We built a system model that exploits real world context information from both information and operational technology environments in the energy infrastructure, and we use it to demonstrate the value of security evidence for time-driven predictive and diagnostic analyses. The innovative contribution of this work is in the methodology capability of capturing the causal and temporal dependencies involved in the assessment of security threats, and in the introduction of security analytics supporting the configuration of anomaly detection platforms for digital energy infrastructures

Selecting Failure Countermeasures through Decision Network Analysis

We propose a framework for the selection of failure countermeasures and repair actions, based on Decision Networks (DN). We show, through specific examples, that standard probabilistic inference on DN can be used to compute system reliability, component importance measures, as well as to select the best (in terms of Maximum Expected Utility) set of failure countermeasures to activate. Finally, by exploiting the DN formalism, both modeling and analysis capabilities are improved with respect to standard combinatorial models, without resorting to the complexity of global state-space models

Quantitative evaluation of attack/defense scenarios through Decision Network modelling and analysis

We exploit Decision Networks (DN) for the analysis of attack/defense scenarios. DN extend both the modeling and the analysis capabilities of formalisms based on Attack Trees, which are the main reference model in such a context. In particular, DN can naturally address uncertainty at every level, including the interaction level of attacks and countermeasures, making possible the modeling of situations which are not limited to Boolean combinations of events. Furthermore, inference algorithms can be exploited for a probabilistic analysis with the goal of assessing the risk and the importance of the attacks (with respect to specific sets of countermeasures), and selecting the optimal set (with respect to a specific objective function) of countermeasures to activate

Reliability Analysis of Multi-source Multi-sink Critical Interacting Systems

Traditional reliability studies on probabilistic networks are devoted to evaluate the probability that two nodes or K nodes are connected, assuming that nodes are undifferentiated. In flow networks, however, we need to distinguish between source nodes where the flow is generated and sink nodes where the flow is utilized. Sink nodes may usually be fed by many sources. To this end, we have extended the traditional studies to include multi-source multi-sink networks. A case study is analysed consisting in a portion of an electrical grid controlled by a its SCADA system through a public telecommunication network

A new symbolic approach for network reliability analysis

In this paper we propose an improved BDD approach to the network reliability analysis, that allows the user to compute an exact solution or an approximation based on reliability bounds when network complexity makes the former solution practically impossible. To this purpose, a new algorithm for encoding the connectivity graph on a Binary Decision Diagram (BDD) has been developed; it reduces the computation memory peak with respect to previous approaches based on the same type of data structure without increasing the execution time, and allows us also to derive from a subset of the minpaths/mincuts a lower/upper bound of the network reliability, so that the quality of the obtained approximation can be estimated. Finally, a fair and detailed comparison between our approach and another state of the art approach presented in the literature is documented through a set of benchmarks

WEIGHTED ATTACK TREES FOR THE CYBERSECURITY ANALYSIS OF SCADA SYSTEMS

In this paper we address the issue of security of SCADA systems; a topic of paramount importance because of the impact on physical security and very challenging because of the peculiarities that set SCADA systems aside from usual ICT networks. We apply the modeling technique based on structures called weighted Attack and Defense Trees (ADT) to a complex case study based on a typical SCADA architecture, in which the attack tree is enriched with the cost and the impact of the attack. We introduce a new analysis technique for weighted ADT based on the representation of the attack scenario by means of Multi- Terminal Binary Decision Diagrams (MTBDD) that al- low the modeler to identify the most probable attack sce- narios, in term of probability cost and impact, and gives an indication on how to mitigate the located breaches by means of suitable countermeasures

Temporal Network Reliability in Perturbed Scenarios: Application to a SCADA System

The role of network reliability in the analysis of Critical Infrastructures (CI) is investigated showing that the traditional approach must be extended in two directions: to include the packet propagation time along the links for real time analysis, and to include networks in which many sources may be variously connected to many sinks. A case study of a SCADA system controlling a power grid, originated from the EU Project MICIE (MICIE - Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures) [6], is examined in details, by considering the system in normal operation and when perturbed by malicious attacks. The paper describes an analytical model that can provide timely and accurate information about the reliability status of the system, and that can rapidly be adapted to the changing configurations of the interacting networks. The aim of this work is to explore the feasibility of providing the human operators with a reliability monitor that assists them in checking the status of the system

Analysis and Detection of Cyber Attack Processes targeting Smart Grids

This paper proposes an approach based on Bayesian Networks to support cyber security analysts in improving the cyber-security posture of the smart grid. We build a system model that exploits real world context information from both Information and Operational Technology environments in the smart grid, and we use it to demonstrate sample predictive and diagnostic analyses. The innovative contribution of this work is in the methodology capability of capturing the many dependencies involved in the assessment of security threats, and of supporting the security analysts in planning defense and detection mechanisms for energy digital infrastructures