1 Introduction
1.1 Contribution
1.2 Structure
2 Related work
2.1 CPS resilience
2.2 Attack graphs for CPS resilience
3 An isomorphic process model
3.1 CPS process modeling
-
The states of the modelled system are all considered stabilizable and protected from measurement noise.
-
The linear closed-loop system (1) (2) is stable, which requires matrix A to be stable (i.e. have reproducible values) and that control input \(u(t)\) to be observable for all modelled processes.
-
The dependency graph model assumes a single initiating event (disruption) at a single component that results in cascading disruptions of states in other components inside a process flow.
3.2 Dependency paths and cumulative risks
3.3 Risk assessment input
3.4 Centrality graph metrics
4 Methodology
4.1 The three steps of our methodology
4.2 CPRSA tool
5 Use case experimentation
5.1 Reference architecture
5.2 Input assessment data and tool output
ID | Paths | Node risk | Cum. dependency risk |
---|---|---|---|
P1 | Lierda Grill Temperature Monitor 1 (Z1) -> Rockwell ControlLogix 1756-5585 PLC 1 (Z1) -> Cisco 1120 - Zone 1 -> Rockwell ControlLogix 1756-5585 PLC (Central Controller) | 4.6 | 29.11 |
P2 | Lierda Grill Temperature Monitor 1 (Z2) -> Rockwell ControlLogix 1756-5585 PLC 1 (Z2) -> Local Data server -> Cisco 1120 - Zone 2 -> Rockwell ControlLogix 1756-5585 PLC (Central Controller) | 2.0 | 26.61 |
P3 | Rockwell ControlLogix 1756-5585 PLC 1 (Z1) -> Cisco 1120 - Zone 1 -> Rockwell ControlLogix 1756-5585 PLC (Central Controller) | 4.8 | 21.15 |
P4 | IT Business Database Server -> Netgear WNR612v2 - Business Router -> SCADA App Server -> SCADA Workstations (Windows 10) | 3.8 | 20.9 |
Node | Betweeness | Closseness |
---|---|---|
Netgear WNR612v2 - Business Router | 12.50 | 0.25 |
Local Data server | 6.00 | 0.17 |
Cisco 1120 routers | 5.25 | 0.11 |
SCADA App Server | 4.00 | 0.08 |
Rockwell ControlLogix 1756-5585 | 2.50 | 0.50 |
Netgear WNR612v2—Business Router | 2.07 | 0.33 |
Cisco 1120 - Zone 2 | 1.25 | 0.28 |
Component name | CVE | Base score (Likelihood–Impact) |
---|---|---|
GE Proficy Historian | CVE-2022-46732 | 10.0 (1.0–10.0)* |
Netgear WNR612v2 Wireless Router | CVE-2023-23110 | 6.0 (0.6–8.8) |
IT Business DB Server | CVE-2008-5416 | 8.5 (0.85–10) |
IT App Server | CVE-2022-34918 | 4 (0.4–10) |
Business Workstations | CVE-2022-21922 | 7.5 (0.8–9.5) |
IT Printer | CVE-2022-23284 | 3 (0.3–9.5) |
Rockwell ControlLogix 1756-5585 PLC (Central Controller) | CVE-2020-12001 | 6.0 (1.0–6.0)* |
Cisco 1120 Connected Grid Router | CVE-2020-3426 | 9 (0.9–8.8) |
Lierda Grill Temperature | CVE-2019-15304 | 9.5 (0.95–9.5)* |