On ICS Cybersecurity Assessment with the Help of Delay Calculation

Abstract

Abstract Today, cybersecurity is a well-known concept systematically manipulated in the context of corporative and personal life. Many stormy debates on reducing cyberthreats are sparked off in every single IT security event. A multitude of techniques for preventing cyberattacks are utilized daily. However, most of these cyber considerations and appropriate methods are hyper-focused on threats and attacks themselves and have very little concern about how to make an adequate quantitative cybersecurity estimation. The article presents a mathematically valid approach for the cybersecurity assessment. Unlike the majority of cybersecurity analyses considering globally connected devices, the presented solution deals with industrial control systems and their local area networks and does not regard the Internet. Demonstrating availability as the most critical property of cybersecurity in the control system context and carrying out a survey of availability definitions, the IEC 62443 availability interpretation is elected as the most suitable for the quantitative evaluation. A delay of the signal transmission from a source to a receiver is used as a measure of the assessment. For calculations, a theory of deterministic queueing systems Network calculus is utilized. Two issues associated with delays are raised in the article. The first one, when the arrival flow is known, a standard technique for the delay calculation can be used. The second, when the arrival flow is unavailable, a delay calculation from a backlog bound can be carried out. The first technique helps to solve the general problem of how potential cyberattacks affect system availability, and the second, the problem of process scheduling.