A Complex Network-Based Critical Node Identification Method for Industrial Control Systems Using Range of Failure Impacts

Critical node identification of Industrial Control System (ICS) can theoretically identify key components and help to allocate security protection resources reasonably. However, traditional critical node identification algorithms are difficult to adapt to the current security defense requirements. In this paper, we propose a critical node identification method adapted to the safety requirements of an ICS. In simulations, we use the Tennessee Eastman Process (TEP) as an example to test and analyze our critical node identification algorithm. The simulation results show that our algorithm can obtain criticality ranking results that meet the theoretical expectations. Moreover, the attack results on the TEP testbed show that the criticality ranking results obtained by our algorithm is 25% higher than that by the contrast algorithm.

[1]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[2]  Stefano Panzieri,et al.  Finding critical nodes in infrastructure networks , 2017, Int. J. Crit. Infrastructure Prot..

[3]  Panos M. Pardalos,et al.  Detecting critical nodes in sparse graphs , 2009, Comput. Oper. Res..

[4]  Seth Blumsack,et al.  A Centrality Measure for Electrical Networks , 2008, Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).

[5]  E. F. Vogel,et al.  A plant-wide industrial process control problem , 1993 .

[6]  Sigurd Skogestad,et al.  Plantwide control: the search for the self-optimizing control structure , 2000 .

[7]  Sigurd Skogestad,et al.  Self-optimizing control of a large-scale plant: The Tennessee Eastman process , 2001 .

[8]  M. Cheng,et al.  A game theory approach to vulnerability analysis: Integrating power flows with topological analysis , 2016 .

[9]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[10]  C. Hwang,et al.  Fuzzy Multiple Attribute Decision Making Methods , 1992 .

[11]  Enrico Pons,et al.  A perspective overview of topological approaches for vulnerability analysis of power transmission grids , 2015, Int. J. Crit. Infrastructures.

[12]  Ludovic Piètre-Cambacédès,et al.  A survey of approaches combining safety and security for industrial control systems , 2015, Reliab. Eng. Syst. Saf..