Assessing IoT enabled cyber-physical attack paths against critical systems

Abstract

Internet of Things (IoT) increase the interconnectivity and interoperability of systems in various critical sectors, such as industrial control, healthcare and smart transportation systems. At the same time, as IoT technologies enable systems to interact both in cyber and physical ways, they also act as enablers of complex attack paths against critical systems. In this paper we propose a novel risk-based methodology for identifying and assessing IoT-enabled attack paths against critical cyber-physical systems. While the majority of existing approaches focus on cyber system connectivity only, the proposed methodology models both cyber and physical interactions. In comparison to existing cyber physical approaches that grow exponentially, our approach is significantly more efficient, by utilizing an attack tree topology; the critical system is set as the root (target) of an attack tree that is recursively build, based on the identified cyber-physical system interactions. Our methodology uses well-known building blocks such Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and threat modeling. Furthermore,we significantly reduce false positives by prioritizing the identified attack paths in a risk manner, which, in turn, can assist decision makers in effectively mitigating multi-hop attack paths. To validate our methodology, we developed a proof-of-concept implementation and tested it using a realistic scenario from the healthcare sector. Our results show that the proposed methodology can efficiently identify and assess hidden and/or underestimated cyber physical attack paths.