论文信息 - Security Evaluation of Cyber-Physical Systems Using Automatically Generated Attack Trees

Security Evaluation of Cyber-Physical Systems Using Automatically Generated Attack Trees

The security of cyber-physical systems (CPS) is often lacking. This abstract presents a methodology that performs a security evaluation of these systems by automatically generating attack trees based on the system model. The assessor can define different kinds of attackers and see how the attack tree is evaluated with respect to a specific type of attacker. Optimal attacker strategies are calculated and from here the most vulnerable elements of the system can be derived.

Bart De Decker | Vincent Naessens | Jan Vossaert | Laurens Lemaire

[1] Karen A. Scarfone,et al. Guide to Industrial Control Systems (ICS) Security , 2015 .

[2] Kevin Jones,et al. A review of cyber security risk assessment methods for SCADA systems , 2016, Comput. Secur..

[3] Edward A. Lee. Cyber Physical Systems: Design Challenges , 2008, 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC).

[4] Sanford Friedenthal,et al. A Practical Guide to SysML, Third Edition: The Systems Modeling Language , 2014 .

[5] Bart De Decker,et al. A SysML Extension for Security Analysis of Industrial Control Systems , 2014, ICS-CSR.