Model-Based Evaluation of the Resilience of Critical Infrastructures Under Cyber Attacks

  • Oleksandr Netkachov
  • Peter PopovEmail author
  • Kizito Salako
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8985)


In this paper we report recent results on modelling the impact of cyber-attacks on the resilience of complex industrial systems. We use a hybrid model of the system under study, in which both accidental network failures and the malicious behaviour of an Adversary are modelled stochastically, while the consequences of failures and attacks are modelled in detail using deterministic models. This modelling approach is demonstrated on a complex case study - a reference power transmission network (NORDIC 32), enhanced with a detailed model of the computer and communication network used for monitoring, protection and control compliant with the international standard IEC 61850. We studied the resilience of the modelled system under different scenarios: (i) a base-line scenario in which the modelled system operates in the presence of accidental failures without cyber-attacks; (ii) several different scenarios of cyberattacks. We discuss the usefulness of the modelling approach, of the findings, and outline directions for further work.


Critical infrastructures Power transmission network IEC 61850 Stochastic modelling 



This work was partially supported by the European Commission, under FP7 AFTER project, grant agreement number 261788 and under the Artemis JU project SESAMO, grant agreement number 295354.


  1. 1.
    Stouffer, K., Falco, J., Kent, K.: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security. NIST, p. 164 (2006)Google Scholar
  2. 2.
    Bloomfield, R.E. et al.: Preliminary Interdependency Analysis (PIA): Method and tool support. Adelard LLP, p. 56 (2010)Google Scholar
  3. 3.
    Bloomfield, R.E. et al.: Stochastic modelling of the effects of dependencies between critical infrastructures. In: Critical Information Infrastructures Security: 4th International Workshop, CRITIS, 2010, Bonn. Springer, Germany (2009)Google Scholar
  4. 4.
    Ford, M.D., et al.: Implementing the ADVISE security modeling formalism in Mobius. In: The 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Budapest, Hungary (2013)Google Scholar
  5. 5.
    Ten, C.-W., et al.: Vulnerability assessment of cybersecurity for SCADA systems. IEEE Trans. Power Syst. 23(4), 1836–1846 (2008)CrossRefGoogle Scholar
  6. 6.
    Netkachov, O., Popov, P., Salako, K.: Quantification of the impact of cyber attack in critical infrastructures. In: Bondavalli, A., Ceccarelli, A., Ortmeier, F. (eds.) SAFECOMP 2014. LNCS, vol. 8696, pp. 316–327. Springer, Heidelberg (2014)Google Scholar
  7. 7.
    US-CERT, Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies. US-CERT, p. 44 (2009)Google Scholar
  8. 8.
    Krautsevich, L., Martinelli, F., Yautsiukhin, A.: Towards modelling adaptive attacker’s behaviour. In: Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Miri, A., Tawbi, N. (eds.) FPS 2012. LNCS, vol. 7743, pp. 357–364. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  9. 9.
    Johnson, B. et al.: Are security experts useful? bayesian nash equilibria for network security games with limited information. In: 15th European Conference on Research in Computer Security. Springer, Athens (2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Oleksandr Netkachov
    • 1
  • Peter Popov
    • 1
    Email author
  • Kizito Salako
    • 1
  1. 1.Centre for Software ReliabilityCity University LondonLondonUK

Personalised recommendations