Published: April 28, 2022
Author(s)
Matthew Jablonski (GMU), Duminda Wijesekera (GMU), Anoop Singhal (NIST)
Conference
Name: The 12th ACM Conference on Data and Application Security and Privacy
Dates: 04/25/2022 - 04/27/2022
Location: Baltimore, Maryland, USA
Citation: Sat-CPS '22: Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, pp. 13-20
We describe a formalized systems theoretic method for creating cyber-physical system (CPS) risk overlays that augment existing tree-based models used in CPS risk and threat analysis processes. This top-down approach objectively scopes the system's threat surface for some risk scenario consequence by analyzing its underlying control attributes and communication flows between relevant internal hardware and software sub-components. The resulting analysis should assist with the qualitative selection of causal events when utilizing attack and fault tree models, which have traditionally conducted this event selection using subjective and bottom-up methods. Objectively scoping the tree-based model analysis using a proven systems theoretic approach should also improve defensive and safety planning during the system development life cycle. We provide a control system case study using attack-defense trees and show how this approach may also be reduced to attack trees, fault trees, and attack-fault trees.
We describe a formalized systems theoretic method for creating cyber-physical system (CPS) risk overlays that augment existing tree-based models used in CPS risk and threat analysis processes. This top-down approach objectively scopes the system's threat surface for some risk scenario consequence by...
See full abstract
We describe a formalized systems theoretic method for creating cyber-physical system (CPS) risk overlays that augment existing tree-based models used in CPS risk and threat analysis processes. This top-down approach objectively scopes the system's threat surface for some risk scenario consequence by analyzing its underlying control attributes and communication flows between relevant internal hardware and software sub-components. The resulting analysis should assist with the qualitative selection of causal events when utilizing attack and fault tree models, which have traditionally conducted this event selection using subjective and bottom-up methods. Objectively scoping the tree-based model analysis using a proven systems theoretic approach should also improve defensive and safety planning during the system development life cycle. We provide a control system case study using attack-defense trees and show how this approach may also be reduced to attack trees, fault trees, and attack-fault trees.
Hide full abstract
Keywords
Security Risk Analysis; Attack Trees; Threat Surface
Control Families
None selected
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
