Combining Bayesian Networks and Fishbone Diagrams to Distinguish Between Intentional Attacks and Accidental Technical Failures

Because of modern societies’ dependence on industrial control systems, adequate response to system failures is essential. In order to take appropriate measures, it is crucial for operators to be able to distinguish between intentional attacks and accidental technical failures. However, adequate decision support for this matter is lacking. In this paper, we use Bayesian Networks (BNs) to distinguish between intentional attacks and accidental technical failures, based on contributory factors and observations (or test results). To facilitate knowledge elicitation, we use extended fishbone diagrams for discussions with experts, and then translate those into the BN formalism. We demonstrate the methodology using an example in a case study from the water management domain.

[1]  Xinming Qian,et al.  Analysis and assessment of the Qingdao crude oil vapor explosion accident: Lessons learnt , 2015 .

[2]  Mayur S. Desai,et al.  Using a Fishbone Diagram to Develop Change Management Strategies to Achieve First-Year Student Persistence , 2013 .

[3]  R. Peter Jones,et al.  Probability based vehicle fault diagnosis: Bayesian network method , 2008, J. Intell. Manuf..

[4]  Jian Hui Liu,et al.  Application of BN in the Fault Diagnosis of Brake Failure System , 2014 .

[5]  Göran Grimvall Risks in technological systems , 2010 .

[6]  Florian Skopik,et al.  Smart Grid Security : Innovative Solutions for a Modernized Grid , 2015 .

[7]  Joel J. P. C. Rodrigues,et al.  A preeclampsia diagnosis approach using Bayesian networks , 2016, 2016 IEEE International Conference on Communications (ICC).

[8]  Domenico Cotroneo,et al.  Identifying Compromised Users in Shared Computing Infrastructures: A Data-Driven Bayesian Network Approach , 2011, 2011 IEEE 30th International Symposium on Reliable Distributed Systems.

[9]  Jill L. King,et al.  Computer-assisted diagnosis of breast cancer using a data-driven Bayesian belief network , 1999, Int. J. Medical Informatics.

[10]  Judea Pearl,et al.  Bayesian Networks , 1998, Encyclopedia of Social Network Analysis and Mining. 2nd Ed..

[11]  P Haddawy,et al.  Construction of a Bayesian network for mammographic diagnosis of breast cancer , 1997, Comput. Biol. Medicine.

[12]  M. Westcott,et al.  Development and validation of a Bayesian network for the differential diagnosis of anterior uveitis , 2016, Eye.

[13]  Daniel Nikovski,et al.  Constructing Bayesian Networks for Medical Diagnosis from Incomplete and Partially Correct Statistics , 2000, IEEE Trans. Knowl. Data Eng..

[14]  K. P. Chow,et al.  Analysis of the Digital Evidence Presented in the Yahoo! Case , 2009, IFIP Int. Conf. Digital Forensics.

[15]  Mohamed Endi,et al.  Three-layer PLC/SCADA system Architecture in process automation and data monitoring , 2010, 2010 The 2nd International Conference on Computer and Automation Engineering (ICCAE).

[16]  Max Henrion Practical issues in constructing a Bayes belief network , 1988, Int. J. Approx. Reason..

[17]  Tyson Macaulay,et al.  Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS , 2011 .

[18]  Guifen Chen,et al.  Bayesian Network and its Application in Maize Diseases Diagnosis , 2007, CCTA.

[19]  Mohammad Mansour Riahi Kashani,et al.  Bayesian network modeling for diagnosis of social anxiety using some cognitive-behavioral factors , 2013, Network Modeling Analysis in Health Informatics and Bioinformatics.

[20]  Frank W. Guldenmund,et al.  The bowtie method: a review , 2016 .

[21]  Stefano Peluso,et al.  Convergence and Mixing in Markov Chain Monte Carlo: Advanced Algorithms and Latest Developments , 2015 .

[22]  Chun Hua Zhao,et al.  Analysis of Accident Safety Risk of Tower Crane Based on Fishbone Diagram and the Analytic Hierarchy Process , 2011 .

[23]  Carmen Nadia Ciocoiu,et al.  APPLICATION OF FISHBONE DIAGRAM TO DETERMINE THE RISK OF AN EVENT WITH MULTIPLE CAUSES , 2010 .

[24]  Kevin B. Korb,et al.  Bayesian Artificial Intelligence, Second Edition , 2010 .

[25]  Gabriel Vasile,et al.  Bayesian network model for diagnosis of psychiatric diseases , 2009, Proceedings of the ITI 2009 31st International Conference on Information Technology Interfaces.

[26]  Hanna Wasyluk,et al.  Extension of the HEPAR II Model to Multiple-Disorder Diagnosis , 2000, Intelligent Information Systems.

[27]  Amjad Ali,et al.  Securing information systems in airports: A practical approach , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[28]  Cindy Irwin,et al.  Cause-and-effect analysis of risk management files to assess patient care in the emergency department. , 2004, Academic emergency medicine : official journal of the Society for Academic Emergency Medicine.

[29]  Ju An Wang,et al.  Vulnerability categorization using Bayesian networks , 2010, CSIIRW '10.

[30]  Daniel Zelterman,et al.  Bayesian Artificial Intelligence , 2005, Technometrics.

[31]  Kam-Pui Chow,et al.  Reasoning About Evidence Using Bayesian Networks , 2012, IFIP Int. Conf. Digital Forensics.

[32]  Wolter Pieters,et al.  Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications , 2016, CRITIS.

[33]  Göran Grimvall,et al.  Introduction: the Global Risk Arena, Technological Systems and This Book , 2010 .

[34]  O. Kipersztok,et al.  Evidence-based Bayesian networks approach to airplane maintenance , 2002, Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No.02CH37290).

[35]  Wolter Pieters,et al.  Bayesian Network Models in Cyber Security: A Systematic Review , 2017, NordSec.

[36]  A. Mark Doggett,et al.  Root Cause Analysis: A Framework for Tool Selection , 2005 .

[37]  Ron S. Kenett,et al.  Encyclopedia of statistics in quality and reliability , 2007 .

[38]  David Hutchison,et al.  A survey of cyber security management in industrial control systems , 2015, Int. J. Crit. Infrastructure Prot..

[39]  Joseph G. Voelkel,et al.  Guide to Quality Control , 1982 .

[40]  D. Thompson,et al.  Construction of Bayesian networks for diagnostics , 2000, 2000 IEEE Aerospace Conference. Proceedings (Cat. No.00TH8484).