City Research Online

Quantitative Evaluation of the Efficacy of Defence-in-Depth in Critical Infrastructures

Netkachov, O., Popov, P. T. ORCID: 0000-0002-3434-5272 and Salako, K. (2019). Quantitative Evaluation of the Efficacy of Defence-in-Depth in Critical Infrastructures. In: Resilience of Cyber-Physical Systems. (pp. 89-121). Berlin, Germany: Springer International Publishing. ISBN 978-3-319-95597-1

Abstract

This chapter reports on a model-based approach to assessing cyber-risks in a cyber-physical system (CPS), such as power-transmission systems. We demonstrate that quantitative cyber-risk assessment, despite its inherent difficulties, is feasible. In this regard: i) we give experimental evidence (using Monte-Carlo simulation) showing that the losses from a specific cyber-attack type can be established accurately using an abstract model of cyber-attacks – a model constructed without taking into account the details of the specific attack used in the study; ii) we establish the benefits from deploying defence-in-depth (DiD) against failures and cyber-attacks for two types of attackers: a) an attacker unaware of the nature of DiD, and b) an attacker who knows in detail the DiD they face in a particular deployment, and launches attacks sufficient to defeat DiD. This study provides some insight into the benefits of combining design-diversity – to harden some of the protection devices in a CPS – with periodic “proactive recovery” of protection devices. The results are discussed in the context of making evidence-based decisions about maximising the benefits from DiD in a particular CPS.

Publication Type: Book Section
Publisher Keywords: stochastic models, defence-in-depth, power transmission system, adversary model, cyber-attacks, NORDIC-32, IEC 61850
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: School of Mathematics, Computer Science & Engineering > Computer Science > Software Reliability
URI: http://openaccess.city.ac.uk/id/eprint/21559
[img] Text - Accepted Version
This document is not freely accessible until 26 January 2021 due to copyright restrictions.

To request a copy, please use the button below.

Request a copy

Export

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login