Enhancing attack resilience of cyber-physical systems through state dependency graph models

Abstract

AbstractThis paper presents a method that utilizes graph theory and state modelling algorithms to perform automatic complexity analysis of the architecture of cyber-physical systems (CPS). It describes cyber physical systems risk assessment (CPSRA), a tool to provide automatic decision support for enhancing the overall resilience of CPS architectures often used in critical infrastructures. CPRSA is built to enhance industrial risk assessment and improve the resilience of CPS architecture against malicious attacks on the cyber domain that can affect industrial processes, which is critical in a distributed cyber environment. Such attacks often compromise execution states on physical components and lead to hazards or even disasters through plant malfunction. CPSRA is tested against a real-world testbed model of a large SCADA system that is infused with real-world CVE vulnerabilities in some of its components. The tool creates an isomorphic graph of the CPS process model and uses graph algorithms and network analytics on the model to test cyber-attacks and evaluate attack resilience aspects. The tool’s output is then used to pinpoint high-complexity components in terms of influence on the overall CPS architecture and suggest mitigation points for security measure implementation while considering every potential subattack path and subliminal path on the model’s attack graph. The paper complements standardized assessment reports and contributes to automatic architecture assessment for critical infrastructure environments and can be used as the basis to model dependencies and threat propagation in larger digital twins, a need outlined in major NIST publications concerning the security of industrial systems that was previously done manually, without automatic insight into state and vulnerability influences.