HVA_CPS proposal: a process for hazardous vulnerability analysis in distributed cyber-physical systems

Cited by: 0
Authors
Jamieson A. [1 ]
Few C. [2 ]
Awuson-David K. [1 ]
Al-Hadhrami T. [3 ]
Affiliations
[1] The Office of Gas and Electricity Markets (Ofgem), London
[2] National Grid, London
[3] School of Science and Technology, Nottingham Trent University, Nottingham
Keywords
Attack graph; Control actions; Cyber-security; Hazard; HVA_CPS; Operational technology; Vulnerability;
DOI
10.7717/PEERJ-CS.1249
Abstract
Society is increasingly dependent upon the use of distributed cyber-physical systems (CPSs), such as energy networks, chemical processing plants and transport systems. Such CPSs typically have multiple layers of protection to prevent harm to people or the CPS. However, if both the control and protection systems are vulnerable to cyber-attacks, an attack may cause CPS damage or breaches of safety. Such weaknesses in the combined control and protection system are described here as hazardous vulnerabilities (HVs). Providing assurance that a complex CPS has no HVs requires a rigorous process that first identifies potential hazard scenarios and then searches for possible ways that a cyber-attacker could cause them. This article identifies the attributes that a rigorous hazardous vulnerability analysis (HVA) process would require and compares them against related works. None fully meet the requirements for rigour. A solution is proposed, HVA_CPS, which does have the required attributes. HVA_CPS applies a novel combination of two existing analysis techniques: control signal analysis and attack path analysis. The former identifies control actions that lead to hazards, known as hazardous control actions (HCAs); the latter models the system and searches the model for sequences of attack steps that can cause the HCAs. Both analysis techniques have previously been applied alone on different CPSs. The two techniques are integrated by extending the formalism for attack path analysis to capture HCAs. This converts the automated search for attack paths to a selected asset into an exhaustive search for HVs. The integration of the two techniques has been applied using HCAs from an actual CPS. To preserve confidentiality, the application of HVA_CPS is described on a notional electricity generator and its connection to the grid.
The value of HVA_CPS is that it delivers rigorous analysis of HVs at the system design stage, enabling assurance of their absence throughout the remaining system lifecycle. © Copyright 2023 Jamieson et al.