An Attacker Modeling Framework for the Assessment of Cyber-Physical Systems Security

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2020)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 12234)

Abstract

Characterizing attacker behavior with respect to Cyber-Physical Systems is important to assuring the security posture and resilience of these systems. Classical cyber vulnerability assessment approaches rely on the knowledge and experience of cyber-security experts to conduct security analyses and can be inconsistent where the experts’ knowledge and experience are lacking. This paper proposes a flexible attacker modeling framework that aids in the security analysis process by simulating a diverse set of attacker behaviors to predict attack progression and provide consistent system vulnerability analysis. The model proposes an expanded architecture of vulnerability databases to maximize its effectiveness and consistency in detecting CPS vulnerabilities while being compatible with existing vulnerability databases. The model has the power to be implemented and simulated against an actual or virtual CPS. Execution of the attacker model is demonstrated against a simulated industrial control system architecture, resulting in a probabilistic prediction of attacker behavior.

Acknowledgement

This research was made possible by NPRP 9-005-1-002 grant from the Qatar National Research Fund (a member of The Qatar Foundation). The statements made herein are solely the responsibility of the authors.

Author information

Corresponding author

Correspondence to Christopher Deloglos.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Deloglos, C., Elks, C., Tantawy, A. (2020). An Attacker Modeling Framework for the Assessment of Cyber-Physical Systems Security. In: Casimiro, A., Ortmeier, F., Bitsch, F., Ferreira, P. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2020. Lecture Notes in Computer Science, vol 12234. Springer, Cham. https://doi.org/10.1007/978-3-030-54549-9_10

  • DOI: https://doi.org/10.1007/978-3-030-54549-9_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-54548-2

  • Online ISBN: 978-3-030-54549-9

  • eBook Packages: Computer Science (R0)
