A Threat-Vulnerability Based Risk Analysis Model for Cyber Physical System Security

Date

2017-01-04

Contributor

Advisor

Department

Instructor

Depositor

Speaker

Researcher

Consultant

Interviewer

Narrator

Transcriber

Annotator

Journal Title

Journal ISSN

Volume Title

Publisher

Volume

Number/Issue

Starting Page

Ending Page

Alternative Title

Abstract

The ability to network machinery and devices that are otherwise isolated is highly attractive to industry. This has led to growth in the use of cyber-physical systems (CPSs) with existing infrastructure. However, coupling physical and cyber processes leaves CPSs vulnerable to security attacks. A threat-vulnerability based risk model is developed through a detailed analysis of CPS security attack structures and threats. The Stuxnet malware attack is used to test the viability of the proposed model. An analysis of the Natanz system shows that, with an actual case security-risk score at Mitigation level 5, the infested facilities barely avoided a situation worse than the one which occurred. The paper concludes with a discussion on the need for risk analysis as part of CPS security and highlights the future work of modelling and comparing existing security solutions using the proposed model so to identify the sectors where CPS security is still lacking.

Description

Keywords

Cyber-Physical Systems, Risk Analysis, Security, Stuxnet

Citation

Extent

10 pages

Format

Geographic Location

Time Period

Related To

Proceedings of the 50th Hawaii International Conference on System Sciences

Related To (URI)

Table of Contents

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International

Rights Holder

Local Contexts

Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.