A Probabilistic Model to Predict the Survivability of SCADA Systems

Recent spate of cyber attacks against critical infrastructure systems, which are vital to society, have shown that in addition to be infeasible to stop every possible attack it is imperative to keep such systems running. Survivability models and tools are good to evaluate system's capacity to handling undesired events. Current survivability measurement techniques are limited, since they only use performance to model system behavior, and do not take into account service interdependencies. This paper introduces a probabilistic model that offers a new direction in measuring survivability. The proposed model solves the issues with current models by combining the formalism of Bayesian networks with information diversity. Service interdependencies are properly taken into account and the information diversity metric is used to represent service behavior. In addition, the model is evaluated through a simulation of a SCADA system, where the entire process to construct and to use the model is detailed.

[1]  H. Frank Survivability Analysis of Command and Control Communications Networks - Part II , 1974, IEEE Transactions on Communications.

[2]  A. Madansky Identification of Outliers , 1988 .

[3]  David J. Spiegelhalter,et al.  Sequential updating of conditional probabilities on directed graphical structures , 1990, Networks.

[4]  T.Y. Lin,et al.  Anomaly detection , 1994, Proceedings New Security Paradigms Workshop.

[5]  Fred J. Kaudel,et al.  Framework for network survivability performance , 1994, IEEE J. Sel. Areas Commun..

[6]  Nancy R. Mead,et al.  Survivable Network Systems: An Emerging Discipline , 1997 .

[7]  Suresh L. Konda,et al.  A Simulation Model for Managing Survivability of Networked Information Systems , 2000 .

[8]  Andrew P. Moore,et al.  Foundations for Survivable System Development: Service Traces, Intrusion Traces, and Evaluation Models , 2001 .

[9]  Somesh Jha,et al.  Survivability analysis of networked systems , 2001, Proceedings of the 23rd International Conference on Software Engineering. ICSE 2001.

[10]  Jeannette M. Wing Survivability analysis of networked systems , 2000, FORTE.

[11]  W. Bossert,et al.  The Measurement of Diversity , 2001 .

[12]  William H. Sanders,et al.  Model-based evaluation: from dependability to security , 2004, IEEE Transactions on Dependable and Secure Computing.

[13]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[14]  Wojciech Molisz Survivability function - a measure of disaster-based routing performance , 2004, IEEE Journal on Selected Areas in Communications.

[15]  Vickie R. Westmark A definition for information system survivability , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[16]  François Jammes,et al.  Service-oriented paradigms in industrial automation , 2005, IEEE Transactions on Industrial Informatics.

[17]  John Y. Hung,et al.  Denial of service attacks on network-based control systems: impact and mitigation , 2005, IEEE Transactions on Industrial Informatics.

[18]  Janusz Kolbusz,et al.  Network Traffic Model for Industrial Environment , 2005, IEEE Transactions on Industrial Informatics.

[19]  Ronald L. Krutz Securing SCADA systems , 2005 .

[20]  Yun Liu and Kishore S. Trivedi,et al.  Survivability Quantification: The Analytical Modeling Approach , 2006 .

[21]  Yuan-shun Dai Advanced Parallel And Distributed Computing: Evaluation, Improvement And Practice , 2006 .

[22]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[23]  Sandip C. Patel,et al.  Securing SCADA systems , 2008, Inf. Manag. Comput. Secur..

[24]  G. Lambert-Torres,et al.  Improving a methodology to extract rules to identify attacks in power system critical infrastructure: New results , 2008, 2008 IEEE/PES Transmission and Distribution Conference and Exposition.

[25]  Kishor S. Trivedi,et al.  Network survivability modeling , 2009, Comput. Networks.

[26]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[27]  Nicholas Kyriakopoulos,et al.  A comparative analysis of network dependability, fault-tolerance, reliability, security, and survivability , 2009, IEEE Communications Surveys & Tutorials.

[28]  Nir Friedman,et al.  Probabilistic Graphical Models - Principles and Techniques , 2009 .

[29]  Andrzej M. Goscinski,et al.  Toward a Framework for Cloud Security , 2010, ICA3PP.

[30]  Joseph W. Weiss,et al.  Protecting Industrial Control Systems from Electronic Threats , 2010 .

[31]  Comparison of Embedded System Design for Industrial Applications , 2011, IEEE Transactions on Industrial Informatics.

[32]  Zahir Tari,et al.  SCADASim—A Framework for Building SCADA Simulations , 2011, IEEE Transactions on Smart Grid.

[33]  Alfredo Pironti,et al.  Formal Vulnerability Analysis of a Security System for Remote Fieldbus Access , 2011, IEEE Transactions on Industrial Informatics.

[34]  Jiankun Hu,et al.  Seamless integration of dependability and security concepts in SOA: A feedback control system based framework and taxonomy , 2011, J. Netw. Comput. Appl..

[35]  Igor Nai Fovino,et al.  A Multidimensional Critical State Analysis for Detecting Intrusions in SCADA Systems , 2011, IEEE Transactions on Industrial Informatics.

[36]  Chao Lan,et al.  Anomaly Detection , 2018, Encyclopedia of GIS.

[37]  Bir Bhanu,et al.  Dynamic Bayesian Networks for Vehicle Classification in Video , 2012, IEEE Transactions on Industrial Informatics.