HESTIA: Adversarial Modeling and Risk Assessment for CPCS

Abstract

Due to the characteristics and connectivity of today’s Cyber-Physical Control Systems (CPCS) and critical infrastructures, cyber-attacks on these systems are currently difficult to prevent in an efficient and sustainable manner. Prevention and mitigation need accurate identification and evaluation of: system vulnerabilities, likely threats and attacks, and applicable hardening measures. Furthermore, the ability to prioritize hardening measures based on accurate assessments of threat risk and consequence and mitigation availability, applicability, and cost is also needed. To address this challenge we created HESTIA: High-level and Extensible System for Training and Infrastructure risk Assessment. In this paper, we describe the latest architecture and working principles of HESTIA. When fully developed, the HESTIA process and tool-set will enable CPCS engineers to, iteratively: 1) specify a CPCS, 2) select applicable attacks and hardening measures from a library, 3) check specifications for consistency and applicability, and 4) merge attack and hardening specifications into a new CPCS model. In addition, we add support for device specification templates. HESTIA enables the discovery of attack-defend scenarios through simulation and the design of optimal hardening strategies for a given CPCS. This paper is a shortened and updated version of a journal article entitled An architecture for HESTIA to appear in the International Journal of Internet of Things and Cyber-Assurance.