Communications, Information, and Cyber Security in Systems-of-Systems: Assessing the Impact of Attacks through Interdependency Analysis

Abstract

The analysis of risks associated with communications, and information security for a system-of-systems is a challenging endeavor. This difficulty is due to the complex interdependencies that exist in the communication and operational dimensions of the system-of-systems network, where disruptions on nodes and links can give rise to cascading failure modes. In this paper, we propose the modification of a functional dependency analysis tool, as a means of analyzing system-of-system operational and communication architectures. The goal of this research is to quantify the impact of attacks on communications, and information flows on the operability of the component systems, and to evaluate and compare different architectures with respect to their reliability and robustness under attack. Based on the topology of the network, and on the properties of the dependencies, our method quantifies the operability of each system as a function of the availability and correctness of the required input, and of the operability of the other systems in the network. The model accounts for partial capabilities and partial degradation. Robustness of the system-of-systems is evaluated in terms of its capability to maintain an adequate level of operability following a disruption in communications. Hence, different architectures can be compared based on their sensitivity to attacks, and the method can be used to guide decision both in architecting the system-of-systems and in planning updates and modifications, accounting for the impact of interdependencies on the robustness of the system-of-systems. Synthetic examples show conceptual application of the method.