The frequency and sophistication of manmade attacks has been increasing in the past few years. As a result, it is becoming increasingly important to identify potential attacker targets for complex facilities of critical infrastructure. Potential targets need to be identified in order to be able to provide physical protection around these targets or areas of their location. Target identification is an essential part of the physical protection design and evaluation process. Target identification or vital area identification has its roots in the security of nuclear facilities. The experience and methods are nowadays brought to other fields of critical infrastructure. Due to the increasing need for critical infrastructure protection, the authors present a novel approach and the tool TARGI to enhance the target identification process and to support complex critical infrastructure facilities in identifying their vulnerable targets. TARGI not only considers current approaches and exploits vast experience from the nuclear sector, but also provides the opportunity to enhance and simplify the whole current process of target identification using Attack Trees Analysis. To the best of our knowledge attack trees have not been previously employed in vital area identification. The greatest benefit of our research and development is its novel approach that makes it feasible to model the mutual interaction between assets and a potential threat. Other advantages include a reduction of expert error while performing assessments, fast reaction to threat changes, constructing of protection trees so that the users are able to actually see what to protect. Protection trees make it feasible to design facility protection based on a cost and other criteria analysis. TARGI is currently in the verification stage. It has been so far verified on several nuclear subsystems and an electricity transmission grid. The paper presents information about the novel method of target identification and the tool TARGI. The developed method is to be demonstrated on a practical case and will be suggested areas of where it can be applied to critical infrastructure.
[1]
Edward G. Amoroso,et al.
Fundamentals of computer security technology
,
1994
.
[2]
Chang-Kue Park,et al.
THE APPLICATION OF PSA TECHNIQUES TO THE VITAL AREA IDENTIFICATION OF NUCLEAR POWER PLANTS
,
2005
.
[3]
R.F. Mills,et al.
Using Attack and Protection Trees to Analyze Threats and Defenses to Homeland Security
,
2006,
MILCOM 2006 - 2006 IEEE Military Communications conference.
[4]
Robert J. Ellison,et al.
Attack Trees
,
2009,
Encyclopedia of Biometrics.
[5]
Sjouke Mauw,et al.
Foundations of Attack Trees
,
2005,
ICISC.
[6]
Barbara Kordy,et al.
DAG-based attack and defense modeling: Don't miss the forest for the attack trees
,
2013,
Comput. Sci. Rev..
[7]
Donnie Wayne Whitehead,et al.
Vital area identification for U.S. Nuclear Regulatory Commission nuclear power reactor licensees and new reactor applicants.
,
2008
.
[8]
Zdenek Vintr,et al.
Does appropriate software support for target identification exist?
,
2011,
2011 Carnahan Conference on Security Technology.
[9]
Jozef Ristvej,et al.
Journal of Homeland Security and Emergency Management Critical Infrastructure Protection Systems Effectiveness Evaluation
,
2011
.
[10]
Zdenek Vintr,et al.
Threat characterization in vital area identification process
,
2013,
2013 47th International Carnahan Conference on Security Technology (ICCST).