Abstract
Currently, preventing and mitigating cyber-attacks on cyber-physical control systems (CPCS) is a major challenge. A successful process for cyber-attack prevention and mitigation requires continuous vulnerability identification, threat modelling, risk assessment, hardening strategy design, and timely and correct implementation. These processes require a complete and detailed model of the CPCS plus knowledge of possible attacks and applicable defences. In this article, we describe the architecture of HESTIA: high-level and extensible system for training and infrastructure risk assessment. HESTIA is an iterative and adversarial-based modelling and risk assessment process and accompanying tool-set. We also describe the non-trivial design hurdles and concrete strategies for addressing these hurdles. Once fully developed, HESTIA will be able to: 1) completely specify a CPCS infrastructure; 2) check a specification for consistency; 3) identify applicable attacks and defences from a library; 4) enable the iterative execution of attack and hardening scenarios for training and risk-assessment and mitigation.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Internet of Things and Cyber-Assurance
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
