Abstract
In certain critical infrastructures, correlations between cyber and physical components can be exploited to launch strategic attacks, so that disruptions to one component may affect others and possibly the entire infrastructure. Such correlations must be explicitly taken into account in ensuring the survival of the infrastructure. For large discrete infrastructures characterized by the number of cyber and physical components, we characterize the cyber–physical interactions at two levels: (i) the cyber–physical failure correlation function specifies the conditional survival probability of the cyber sub-infrastructure given that of the physical sub-infrastructure (both specified by their marginal probabilities), and (ii) individual survival probabilities of both sub-infrastructures are characterized by first-order differential conditions expressed in terms of their multiplier functions. We formulate an abstract problem of ensuring the survival probability of a cyber–physical infrastructure with discrete components as a game between the provider and attacker, whose utility functions are composed of infrastructure survival probability terms and cost terms, both expressed in terms of the number of components attacked and reinforced. We derive Nash equilibrium conditions and sensitivity functions that highlight the dependence of infrastructure survival probability on cost terms, correlation functions, multiplier functions, and sub-infrastructure survival probabilities. We apply these analytical results to characterize the defense postures of simplified models of metro systems, cloud computing infrastructures, and smart power grids.
Highlights
The operation of critical infrastructures such as metro systems, smart power grids, high-performance computing complexes, and cloud computing infrastructures requires the continued functioning of cyber components such as signals, servers, supervisory control and data acquisition (SCADA) systems, routers, and switches, and physical components such as tracks, power lines, fiber lines, cooling systems, and power systems
Since we focus on the smooth running of the trains, it is more instructive to carry out the analysis in terms of the failure correlation function g( PC, PP ) = PP|C
We studied a class of infrastructures characterized by the number of discrete components that can be disrupted by either cyber or physical attacks, and are protected by cyber and physical reinforcements
Summary
The operation of critical infrastructures such as metro systems, smart power grids, high-performance computing complexes, and cloud computing infrastructures requires the continued functioning of cyber components such as signals, servers, supervisory control and data acquisition (SCADA) systems, routers, and switches, and physical components such as tracks, power lines, fiber lines, cooling systems, and power systems. We consider that PC and PP satisfy first-order differential conditions based on the multiplier functions [1] of cyber and physical sub-infrastructures, denoted by ΛC and Λ P , respectively, which are derived based on their component-level considerations Together, these two characterizations [2,3] generalize the linearity and statistical independence conditions used in previous works [4,5] for this class of infrastructures with discrete cyber and physical components. NL number of trains running on a line, or the number of sensors connected using a communication node
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
