Abstract
Cybersecurity protection becomes an essential requirement for industrial production systems, while industrial production systems are moving from isolation to interconnection with the development of information and communication technology. Dynamic risk assessment plays an important role in cybersecurity protection, providing the real-time security situation to the industrial production systems managers. Currently, few researches in this domain focus on the physical process of industrial production systems, let alone considering the combination of attack propagation in cyber space and the abnormal events happening in physical space for risk assessment. In this article, an extended multilevel flow model-based dynamic risk assessment approach for industrial production systems is proposed, where the extended multilevel flow model models the production process graphically and describes the relationships among devices, functions, and flows quantitatively. Based on the extended multilevel flow model of industrial production systems, a Bayesian network is built to analyze the attack propagation over time, and the consequences of cyber attack in production process are assessed quantitatively. Some simulations on a chemical process system are carried out to verify the effectiveness of the proposed approach. The results demonstrate that this approach can assess the dynamic cybersecurity risk of industrial production systems in a quantitative way.
Highlights
Cybersecurity risk in Industrial production systems (IPSs)The structure of typical IPSs is shown in Figure 1, where the control center connects the subprocess control systems via communication link, collecting information for data analysis and coordinating all the subprocess control systems
Assume that the output of Fi is the input of Fi + 1, an algorithm shown as Algorithm 3 is provided to analyze the IPSs production capacity fs and serious incidents es when the IPS is under a control strategy sn, where sn is a value of s and represents a control strategy tampered by attackers. t0 + Dt is the time when the hazard states of first production subprocess happen, t0 + lDt means the time when the system is repaired by engineers
Based on the above works, a three-layer Bayesian network is built to infer the probabilities of the compromised control strategies, where the attack layer describes the relationships among different atomic attacks a and this model can be obtained through;[12] the information layer and control strategy layer are modeled based on the Figure 8, which are discussed in section ‘‘Probability inference for control strategies.’’
Summary
2. Based on the above steps, the supported functions set and structure matrix of each flows are provided, and the flow parameters are obtained by the input and output of production subprocess or its control system. Assume that the output of Fi is the input of Fi + 1, an algorithm shown as Algorithm 3 is provided to analyze the IPSs production capacity fs and serious incidents es when the IPS is under a control strategy sn, where sn is a value of s and represents a control strategy tampered by attackers. Based on the above works, a three-layer Bayesian network is built to infer the probabilities of the compromised control strategies, where the attack layer describes the relationships among different atomic attacks a and this model can be obtained through;[12] the information layer and control strategy layer are modeled based on the Figure 8, which are discussed in section ‘‘Probability inference for control strategies.’’
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
