Abstract
AbstractOne of the main challenges of the security of cyber‐physical systems (CPSs) is the lack of an efficient approach to evaluate the impacts of attacks on physical processes and their probabilities of occurrence. This paper proposes a method for evaluating the security of CPSs. By using the proposed method, one can predict the attacker's preferences in attacking CPSs and study the dynamic behavior of systems under security attacks. To deal with uncertainties in attacker's decision making to conduct attacks, the attack tree structure is used and parameterized with suitable fuzzy data. In the next step, the fuzzy technique for order of preference by similarity to ideal solution method is used to evaluate the model and predict the behavior of attackers. Besides, the dynamic behavior of CPSs under attacks is investigated by using the system's process model. The output of the model is a relative estimation of the security level of system based on suitable security metrics, such as the probability of attack scenarios, the time that the process is able to operate after conducting attack before shutting down (time‐to‐shutdown), and security risks. We illustrate the effectiveness of the method by comparing it with another attack tree‐based method. Furthermore, we present two illustrative examples and estimate the defined quantitative security measures. Copyright © 2017 John Wiley & Sons, Ltd.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
