Abstract
The cyberphysical system (CPS) is becoming the infrastructure of society. Unfortunately, the CPS is vulnerable to cyberattacks, which may cause environmental pollution, property losses, and even casualties. Furthermore, in contrast to the conventional Internet, the devices in CPSs are more specific, and the device systems may not be upgraded or installed with new programs during their life spans. The selection of the best defense nodes for defeating cyberattacks is quite challenging in CPSs. To overcome this issue, several attack-defense modeled methods have been proposed. However, few existing studies have considered the defense cost, which is usually a determinant in practice. In this paper, we propose a method for choosing optimal defense nodes that (1) can defeat specific attacks and (2) are inexpensive. First, the atom attack defense tree (A2DTree) is proposed by adding constraints to the conventional attack defense tree (ADTree). Second, the algebraic method is used to efficiently calculate the minimum defense cost. On this basis, a minimum defense cost calculation tool is designed and implemented. Finally, the effectiveness of the proposed method is verified with two typical case studies, and a comparative experiment of related work is carried out. The results show that the method can correctly and efficiently identify the optimal defense nodes and calculate the minimum defense cost of a CPS.
Highlights
Cyberphysical systems (CPSs) are complex systems that use modern sensor, computing, and network technologies to achieve computation, communication, and control (3C) integration
The CPS has been widely recognized as the core technology for promoting the development of Industry 4.0, and it has been successfully applied to control systems in industries such as electricity, medical treatment, transportation, water supply, and natural gas [1, 2]
We propose a method for choosing CPS defense devices by considering the defense cost
Summary
Cyberphysical systems (CPSs) are complex systems that use modern sensor, computing, and network technologies to achieve computation, communication, and control (3C) integration. Since information technologies are deeply used and the communications between various components are mainly achieved through a network, CPSs are vulnerable to cyberattacks [4,5,6]. Due to the high coupling between physical and network components in CPSs, cyberattacks can trigger physical component failures that have severe consequences, such as environmental pollution, property losses, and even casualties [7, 8]. In 2015, the Ukrainian power network suffered a spearphishing attack [9]. Hackers used Microsoft Office files containing malicious macros as the attack vector to clear supervisory control and data acquisition (SCADA) system data, resulting in approximately 700,000 residential users in western Ukraine losing power for hours
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
