Extended multilevel flow model-based dynamic risk assessment for cybersecurity protection in industrial production systems

Cybersecurity protection becomes an essential requirement for industrial production systems, while industrial production systems are moving from isolation to interconnection with the development of information and communication technology. Dynamic risk assessment plays an important role in cybersecurity protection, providing the real-time security situation to the industrial production systems managers. Currently, few researches in this domain focus on the physical process of industrial production systems, let alone considering the combination of attack propagation in cyber space and the abnormal events happening in physical space for risk assessment. In this article, an extended multilevel flow model-based dynamic risk assessment approach for industrial production systems is proposed, where the extended multilevel flow model models the production process graphically and describes the relationships among devices, functions, and flows quantitatively. Based on the extended multilevel flow model of industrial production systems, a Bayesian network is built to analyze the attack propagation over time, and the consequences of cyber attack in production process are assessed quantitatively. Some simulations on a chemical process system are carried out to verify the effectiveness of the proposed approach. The results demonstrate that this approach can assess the dynamic cybersecurity risk of industrial production systems in a quantitative way.

[1]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[2]  Wei Liang,et al.  A novel failure mode analysis model for gathering system based on Multilevel Flow Modeling and HAZOP , 2013 .

[3]  Jan Eric Larsson,et al.  Diagnosis Based on Explicit Means-End Models , 1996, Artif. Intell..

[4]  Robin Smith,et al.  Chemical Process: Design and Integration , 2005 .

[5]  F. Downton,et al.  Introduction to Mathematical Statistics , 1959 .

[6]  Yacov Y Haimes,et al.  A comprehensive Network Security Risk Model for process control networks. , 2009, Risk analysis : an official publication of the Society for Risk Analysis.

[7]  Bart Baesens,et al.  Toward Comprehensible Software Fault Prediction Models Using Bayesian Network Classifiers , 2013, IEEE Transactions on Software Engineering.

[8]  S. Kaplan,et al.  On The Quantitative Definition of Risk , 1981 .

[9]  Richard Piggin Cyber security trends: What should keep CEOs awake at night , 2016, Int. J. Crit. Infrastructure Prot..

[10]  Rohani Mohd Zin,et al.  Process Modelling of Combined Degumming and Bleaching in Palm Oil Refining Using Artificial Neural Network , 2010 .

[11]  Ming Yang,et al.  Implementation of an integrated real-time process surveillance and diagnostic system for nuclear power plants , 2016 .

[12]  G. Manimaran,et al.  Cybersecurity for Critical Infrastructures: Attack and Defense Modeling , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[13]  J. J. Klemeš,et al.  An algebraic approach to identifying bottlenecks in linear process models of multifunctional energy systems , 2012, Theoretical Foundations of Chemical Engineering.

[14]  Kevin Jones,et al.  A review of cyber security risk assessment methods for SCADA systems , 2016, Comput. Secur..

[15]  Naixue Xiong,et al.  Asset-Based Dynamic Impact Assessment of Cyberattacks for Risk Analysis in Industrial Control Systems , 2018, IEEE Transactions on Industrial Informatics.

[16]  Naixue Xiong,et al.  Design and Analysis of Multimodel-Based Anomaly Intrusion Detection Systems in Industrial Process Automation , 2015, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[17]  Sushil Jajodia,et al.  Measuring network security using dynamic bayesian network , 2008, QoP '08.

[18]  Jian Guan,et al.  Chapter 4 – A Digraph Model for Risk Identification and Management in SCADA Systems , 2013 .

[19]  Nima Khakzad,et al.  Safety analysis in process facilities: Comparison of fault tree and Bayesian network approaches , 2011, Reliab. Eng. Syst. Saf..

[20]  Michel Dagenais,et al.  ARITO: Cyber-attack response system using accurate risk impact tolerance , 2013, International Journal of Information Security.

[21]  Jean-Marie Flaus,et al.  A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie - combining new version of attack tree with bowtie analysis , 2018, Comput. Secur..

[22]  Franck Guarnieri,et al.  A Simplified Approach to Risk Assessment Based on System Dynamics: An Industrial Case Study , 2016, Risk analysis : an official publication of the Society for Risk Analysis.

[23]  Karl Henrik Johansson,et al.  Secure Control Systems: A Quantitative Risk Management Approach , 2015, IEEE Control Systems.

[24]  Naixue Xiong,et al.  Multimodel-Based Incident Prediction and Risk Assessment in Dynamic Cybersecurity Protection for Industrial Control Systems , 2016, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[25]  Marzouk Benali,et al.  Dynamic multiobjective optimization of large-scale industrial production systems: An emerging strategy , 2007 .

[26]  Béla Genge,et al.  A system dynamics approach for assessing the impact of cyber attacks on critical infrastructures , 2015, Int. J. Crit. Infrastructure Prot..

[27]  Indrajit Ray,et al.  Dynamic Security Risk Management Using Bayesian Attack Graphs , 2012, IEEE Transactions on Dependable and Secure Computing.

[28]  Martin T. Hagan,et al.  Gauss-Newton approximation to Bayesian learning , 1997, Proceedings of International Conference on Neural Networks (ICNN'97).

[29]  Nima Khakzad,et al.  Dynamic safety assessment of natural gas stations using Bayesian network. , 2017, Journal of hazardous materials.

[30]  Siddharth Sridhar,et al.  Cyber–Physical System Security for the Electric Power Grid , 2012, Proceedings of the IEEE.

[31]  Gunther Reinhart,et al.  A holistic approach for the cognitive control of production systems , 2010, Adv. Eng. Informatics.

[32]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[33]  Aysegul Aksoy,et al.  Modeling of the activated sludge process by using artificial neural networks with automated architecture screening , 2008, Comput. Chem. Eng..