Using Attack Trees to Assess Security Controls for Supervisory Control and Data Acquisition Systems (SCADA)

The recent trend to interconnect industrial control systems with a corporate LAN has dramatically expanded the threat of remote cyber attack. Indeed, adversaries are targeting these systems with increasing frequency and sophistication. Cyber defense options for security decision makers are subsequently increasing in variety and complexity. Determining which set of security controls are most effective against cyber attacks is primarily a risk management and resource constraint problem. This research takes an exploratory approach to apply attack tree modeling to assess which group of security controls can potentially mitigate cyber attacks against industrial control systems. The research methodology combined probabilities of adversary success with impact assessments from control system experts. Subsequent data analysis identified 14 of 30 security controls that are strongly associated with mitigating cyber attacks on an ICS.