A comprehensive Network Security Risk Model for process control networks.

The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

[1]  Yacov Y. Haimes,et al.  Journal of Homeland Security and Emergency Management A Roadmap for Quantifying the Efficacy of Risk Management of Information Security and Interdependent , 2011 .

[2]  Cynthia A. Phillips,et al.  A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[3]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[4]  James H. Lambert,et al.  Reducing vulnerability of water supply systems to attack , 1998 .

[5]  Jeannette M. Wing,et al.  Game strategies in network security , 2005, International Journal of Information Security.

[6]  Yacov Y. Haimes,et al.  Total Risk Management , 1991 .

[7]  Miles A. McQueen,et al.  Time-to-Compromise Model for Cyber Risk Reduction Estimation , 2006, Quality of Protection.

[8]  Y. Haimes,et al.  Leontief-Based Model of Risk in Complex Interconnected Infrastructures , 2001 .

[9]  Willa K. Ehrlich,et al.  Application of software reliability modeling to product quality and test process , 1990, [1990] Proceedings. 12th International Conference on Software Engineering.

[10]  Yacov Y. Haimes,et al.  Are we forgetting the risks of information technology? , 2000, Computer.

[11]  Yacov Y. Haimes,et al.  Hierarchical Holographic Modeling , 1981, IEEE Transactions on Systems, Man, and Cybernetics.

[12]  John N. Tsitsiklis,et al.  An Analysis of Stochastic Shortest Path Problems , 1991, Math. Oper. Res..

[13]  Do Le Paul Minh,et al.  Applied Probability Models , 2000 .

[14]  S. Kaplan,et al.  On The Quantitative Definition of Risk , 1981 .

[15]  Yacov Y Haimes,et al.  Risk Filtering, Ranking, and Management Framework Using Hierarchical Holographic Modeling , 2002, Risk analysis : an official publication of the Society for Risk Analysis.

[16]  Barry M. Horowitz,et al.  Journal of Homeland Security and Emergency Management Adaptive Two-Player Hierarchical Holographic Modeling Game for Counterterrorism Intelligence Analysis , 2011 .

[17]  Joost R. Santos,et al.  Modeling the Demand Reduction Input‐Output (I‐O) Inoperability Due to Terrorism of Interconnected Infrastructures * , 2004, Risk analysis : an official publication of the Society for Risk Analysis.

[18]  Yacov Y. Haimes,et al.  Multiobjective Decision Making: Theory and Methodology , 1983 .

[19]  Makis Stamatelatos,et al.  Fault tree handbook with aerospace applications , 2002 .

[20]  Mehmet Sahinoglu,et al.  Compound-Poisson Software Reliability Model , 1992, IEEE Trans. Software Eng..

[21]  Y. Haimes Risk Modeling, Assessment, and Management: Haimes/Risk Modeling, Assessment 2e , 2005 .

[22]  T. Basar,et al.  A game theoretic analysis of intrusion detection in access control systems , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[23]  E. Byres,et al.  The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems , 2004 .

[24]  Miles A. McQueen,et al.  Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[25]  Yacov Y. Haimes,et al.  Risk modeling, assessment, and management , 1998 .