论文信息 - Vulnerability Assessment of Cybersecurity for SCADA Systems Using Attack Trees

Vulnerability Assessment of Cybersecurity for SCADA Systems Using Attack Trees

By penetrating the SCADA system, an intruder may remotely operate a power system using supervisory control privileges. Hence, cybersecurity has been recognized as a major threat due to the potential intrusion to the online system. This paper proposes a methodology to evaluate the cybersecurity vulnerability using attack trees. The attack tree formulation based on power system control networks is used to evaluate the system, scenario, and leaf vulnerabilities. The measure of vulnerabilities in the power system control framework is determined based on existing cybersecurity conditions before the vulnerability indices are evaluated. After the indices are evaluated, an upper bound is imposed on each scenario vulnerability in order to determine the pivotal attack leaves that require countermeasure improvements. The proposed framework can be extended to security investment analysis.

[1] Chen-Ching Liu,et al. Multiple hypotheses and their credibility in on-line fault diagnosis , 2001 .

[2] Martin P. Loeb,et al. CSI/FBI Computer Crime and Security Survey , 2004 .

[3] Matt Bishop,et al. What Is Computer Security? , 2003, IEEE Secur. Priv..

[4] Andrew P. Moore,et al. Attack Modeling for Information Security and Survivability , 2001 .

[5] Massoud Amin. North America's Electricity Infrastructure: Are We Ready for More Perfect Storms? , 2003, IEEE Secur. Priv..

[6] G.N. Ericsson,et al. Management of information security for an electric power Utility-on security domains and use of ISO/IEC17799 standard , 2005, IEEE Transactions on Power Delivery.

[7] R. Power. CSI/FBI computer crime and security survey , 2001 .