In recent years, Industrial Control Systems (ICS) have become increasingly exposed to a wide range of cyber-physical attacks, having massive destructive consequences. Security metrics are therefore essential to assess and improve their security posture. In this paper, we present a novel ICS security metric based on AND/OR graphs and hypergraphs which is able to efficiently identify the set of critical ICS components and security measures that should be compromised, with minimum cost (effort) f or an attacker, in order to disrupt the operation of vital ICS assets. Our tool, META4ICS (pronounced as metaphorics ), leverages state-of-the-art methods from the field of logical satisfiability optimisation and MAX-SAT techniques in order to achieve efficient computation times. In addition, we present a case study where we have used our system to analyse the security posture of a realistic Water Transport Network (WTN).
Measuring Cyber-Physical Security in Industrial Control Systems via Minimum-Effort Attack Strategies
T. Parisini
Membro del Collaboration Group
2020-01-01
Abstract
In recent years, Industrial Control Systems (ICS) have become increasingly exposed to a wide range of cyber-physical attacks, having massive destructive consequences. Security metrics are therefore essential to assess and improve their security posture. In this paper, we present a novel ICS security metric based on AND/OR graphs and hypergraphs which is able to efficiently identify the set of critical ICS components and security measures that should be compromised, with minimum cost (effort) f or an attacker, in order to disrupt the operation of vital ICS assets. Our tool, META4ICS (pronounced as metaphorics ), leverages state-of-the-art methods from the field of logical satisfiability optimisation and MAX-SAT techniques in order to achieve efficient computation times. In addition, we present a case study where we have used our system to analyse the security posture of a realistic Water Transport Network (WTN).| File | Dimensione | Formato | |
|---|---|---|---|
|
Barrere_Hankin_Nicolaou_Eliades_Parisini_JISA_2020.pdf
accesso aperto
Descrizione: Articolo pubblicato Supplementary material associated with this article can be found, in the online version, at doi: 10.1016/j.jisa.2020.102471
Tipologia:
Documento in Versione Editoriale
Licenza:
Creative commons
Dimensione
3.19 MB
Formato
Adobe PDF
|
3.19 MB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
