Probabilistic Event Graph to Model Safety and Security for Diagnosis Purposes

  • Edwin Bourget
  • Frédéric Cuppens
  • Nora Cuppens-Boulahia
  • Samuel Dubus
  • Simon Foley
  • Youssef Laarouchi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10980)


Diagnosing accidental and malicious events in an industrial control system requires an event model with specific capacities. Most models are dedicated to either safety or security but rarely both. And the latter are developed for objectives other than diagnosis and therefore unfit for this task. In this paper, we propose an event model considering both safety and security events, usable in real time, with a probabilistic measure of ongoing and future events. This model is able to replace alerts in the context of more global scenarios, including with reinforcements or conflicts between safety and security. The model is then used to provide an analysis of some of the security and safety events in the Taum Sauk Hydroelectric Power Station.


Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  • Edwin Bourget (1)
  • Frédéric Cuppens (1)
  • Nora Cuppens-Boulahia (1)
  • Samuel Dubus (3)
  • Simon Foley (1)
  • Youssef Laarouchi (2)

  1. IMT Atlantique, Cesson-Sévigné, France
  2. EDF Labs, Palaiseau, France
  3. Nokia Bell Labs, Nozay, USA
