A Bayesian Network Based Critical Infrastructure Risk Model
Critical infrastructures (CIs) provide important services to society and economy, like electricity, or communication networks to enable telephone calls and internet access. CI services are expected to provide safety and security features like data Confidentiality and Integrity as well as to ensure service Availability (CIA). The complexity and interdependency of CI services makes it hard for CI providers to guarantee those features or even to be able to monitor the CIA risk by taking into account that an incident in one CI service can cascade to another CI service due to a dependency.
CI security modelling tries to address some of the problems by providing a model for on-line risk monitoring. The model displays risk on the CI service level and can capture the dependencies to other CI services and include them in risk estimation. In this work Bayesian networks (BNs) are introduced to the CI security model to provide a method to derive CI service risk and allow features like risk prediction and handling of interdependencies. To the best of our knowledge this is the first time that BNs are used for on-line risk estimation in CIs.
KeywordsBayesian Network Parent Node Critical Infrastructure Dynamic Bayesian Network Directed Cycle
Unable to display preview. Download preview PDF.
- 1.Aubert, J., Schaberreiter, T., Incoul, C., Khadraoui, D.: Real-time security monitoring of interdependent services in critical infrastructures. case study of a risk-based approach. In: 21th European Safety and Reliability Conference, ESREL 2010 (2010)Google Scholar
- 2.Aubert, J., Schaberreiter, T., Incoul, C., Khadraoui, D., Gateau, B.: Risk-based methodology for real-time security monitoring of interdependent services in critical infrastructures. In: ARES 2010 International Conference on Availability, Reliability, and Security, pp. 262–267 (2010), doi:10.1109/ARES.2010.102Google Scholar
- 4.Caldeira, F., Schaberreiter, T., Monteiro, E., Aubert, J., Simoes, P., Khadraoui, D.: Trust based interdependency weighting for on-line risk monitoring in interdependent critical infrastructures. In: 2011 6th International Conference on Risk and Security of Internet and Systems, CRiSIS, pp. 1–7 (2011)Google Scholar
- 6.Eronen, J., Laakso, M.: A case for protocol dependency. IEEE International Workshop on Critical Infrastructure Protection, 22–32 (2005)Google Scholar
- 7.Haimes, Y.Y., Kaplan, S., Lambert, J.H.: Risk filtering, ranking, and management framework using hierarchical holographic modeling. In: Risk Analysis, vol. 22(2), Society for Risk Analysis (2002)Google Scholar
- 8.Haslum, K., Arnes, A.: Multisensor real-time risk assessment using continuous-time hidden markov models. In: 2006 International Conference on Computational Intelligence and Security, vol. 2, pp. 1536–1540 (2006), doi:10.1109/ICCIAS.2006.295318Google Scholar
- 9.Panzieri, S., Setola, R., Ulivi, G.: An approach to model complex interdependent infrastructures. In: 16th IFAC World Congress (2005); CISIA, Critical InfrastructuresGoogle Scholar
- 10.Pietikiinen, P., Karjalainen, K., Eronen, J., Rning, J.: Socio-technical security assessment of a voip system. In: The Fourth International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 (2010)Google Scholar
- 12.Schaberreiter, T., Aubert, J., Khadraoui, D.: Critical infrastructure security modelling and resci-monitor: A risk based critical infrastructure model. In: IST-Africa Conference Proceedings, pp. 1–8 (2011)Google Scholar
- 13.Schaberreiter, T., Caldeira, F., Aubert, J., Monteiro, E., Khadraoui, D., Simones, P.: Assurance and trust indicators to evaluate accuracy of on-line risk in critical infrastructures. In: 6th International Conference on Critical Information Infrastructure Security, CRITIS 2011 (2011)Google Scholar
- 14.Schaberreiter, T., Kittil, K., Halunen, K., Rning, J., Khadraoui, D.: Risk assessment in critical infrastructure security modelling based on dependency analysis (short paper). In: 6th International Conference on Critical Information Infrastructure Security, CRITIS 2011 (2011)Google Scholar
- 15.Sokolowski, J., Turnitsa, C., Diallo, S.: A conceptual modeling method for critical infrastructure modeling. In: 41st Annual Simulation Symposium, ANSS 2008, pp. 203–211 (2008), doi:10.1109/ANSS-41.2008.31Google Scholar