Hidden Vulnerabilities Due to Interdependencies between Two Systems

  • Cen Nan
  • Irene Eusgeld
  • Wolfgang Kröger
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7722)


Critical infrastructures (CIs) deserve increased attention as our societies simply rely on most of the goods and services they are expected to continuously supply. Interdependencies within and among CIs have dramatically increased the overall complexity of related infrastructure systems, making them more vulnerable to cascading failures with widespread unpredicted consequences. It is vital to get a clear understanding of these often hidden interdependency issues and tackle them through advanced techniques. In this paper, the interdependencies between Industrial Control Systems (ICS), in particular the SCADA (Supervisory Control and Data Acquisition) system, and the underlying System Under Control (SUC) are identified and assessed using modeling/simulation methods by following a modified 4-step methodical framework. This paper mainly focuses on those techniques and analytical experiments developed for the essential step of this methodical framework, the in-depth analysis, i.e., applying a hybrid modeling/simulation approach and three in-depth experiments.


Critical Infrastructure (CI) Interdependency study SCADA Simulation and Modeling 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Rinaldi, S.M., Peerenboom, J.P., Kelly, T.: Identifying, Understanding, and Analyzing Critical Infrastructure Interdependencies. IEEE Control Systems Magazine 21, 11–25 (2001)CrossRefGoogle Scholar
  2. 2.
    Griot, C.: Modelling and simulation for critical infrastructure interdependency assessment: A meta-review for model characterisation. International Journal of Critical Infrastructure 6, 363–379 (2010)CrossRefGoogle Scholar
  3. 3.
    Igure, V.M., Laughter, S.A., Williams, R.: Security Issues in SCADA Networks. Journal of Computers and Security 25, 498–506 (2006)CrossRefGoogle Scholar
  4. 4.
    Christansson, H., Luiijf, E.: Creating a European SCADA Security Testbed. In: Goetz, E., Shenoi, S. (eds.) Critical Infrastructure Protection. IFIP, vol. 253, pp. 237–247. Springer, Boston (2007)CrossRefGoogle Scholar
  5. 5.
    Johnson, R.E.: Survey of SCADA security challenges and potential attack vectors. In: Internet Technology and Secured Transactions (ICITST) 2010, p. 5 (2010)Google Scholar
  6. 6.
    Eusgeld, I., Kröger, W.: Towards a Framework for Vulnerability Analysis of Interconnected Infrastructures. In: 9th International Probabilistic Safety Assessment & Management Conference (2008)Google Scholar
  7. 7.
    Kröger, W., Zio, E.: Vulnerable Systems. Springer (2011)Google Scholar
  8. 8.
    Pederson, P., Dudenhoeffer, D., Hartly, S., Permann, M.: Critical Infrastructure Interdependency Modeling: A Survey of U.S and International Research. Idaho National Laboratory (2006)Google Scholar
  9. 9.
    Johansson, J., Hassel, H.: An approach for modelling interdependent infrastructures in the context of vulnerability analysis. Reliability Engineering and System Safety 95, 1335–1344 (2010)CrossRefGoogle Scholar
  10. 10.
    Nan, C., Kröger, W., Probst, P.: Exploring critical infrastructure interdependnecy by hybrid simulation approach. In: ESREL 2011, pp. 2483–2491 (2011)CrossRefGoogle Scholar
  11. 11.
    Schläpfer, M., Kessler, T., Kröger, W.: Reliability Analysis of Electric Power Systems Using an Object-oriented Hybrid Modeling Approach. In: 16th Power Systems Computation Conference (2008)Google Scholar
  12. 12.
    Nan, C., Eusgeld, I.: Exploring impacts of single failure propagation between SCADA and SUC. In: IEEE International Conference on Industrial Engineering and Engineering Management (IEEM) 2011, pp. 1564–1568 (2011)Google Scholar
  13. 13.
    van Steen, M.: Graph Theory and Complex Networks: An Introduction, 1st edn (2010)Google Scholar
  14. 14.
    Caretta Cartozo, C.: Complex networks: from biological applications to exact theoretical solutions. In: EPFL (2009)Google Scholar
  15. 15.
    Gallos, L.K., Cohen, R., Argyrakis, P., Bunde, A., Havlin, S.: Stability and Topology of Scale-Free Networks under Attack and Defense Strategies. Physical Review Letters 94, 188701 (2005)CrossRefGoogle Scholar
  16. 16.
    Kröger, W.: Critical infrastructure at risk: A Need For A New Conceptual Approach and Extended Analytical Tools. Reliability Engineering and System Safety 93, 1781–1787 (2008)CrossRefGoogle Scholar
  17. 17.
    Eusgeld, I., Nan, C., Dietz, S.: System-of-systems. Approach for Interdependent Critical Infrastructures. Reliability Engineering and System Safety 96, 679–686 (2011)CrossRefGoogle Scholar
  18. 18.
    Bloomfield, R., Chozos, N., Nobles, P.: Infrastructure interdependency analysis: Introductory research review (2009)Google Scholar
  19. 19.
    Nan, C., Eusgeld, I.: Adopting HLA standard for interdependency study. Reliability Engineering and System Safety 96, 149–159 (2010)CrossRefGoogle Scholar
  20. 20.
    Nan, C., Eusgeld, I., Kroeger, W.: Assessing CI Interdependency Issues using an HLA-compliant Simulation Platform. In: The 2012 Annual European Safety and Reliability Conference, ESREL (2012)Google Scholar
  21. 21.
    Balducelli, C., Bologna, S., Lavalle, L., Vicoli, G.: Safeguarding information intensive critical infrastructures against novel types of emerging failures. Reliability Engineering and System Safety 92, 1218–1229 (2007)CrossRefGoogle Scholar
  22. 22.
    Nai Fovino, I., Masera, M., Guidi, L., Carpi, G.: An experimental platform for assessing SCADA vulnerabilities and countermeasures in power plants. In: 3rd Conference on Human System Interactions (HSI), pp. 679–686 (2010)Google Scholar
  23. 23.
    Queiroz, C., Mahmood, A., Jiankun, H., Tari, Z., Xinghuo, Y.: Building a SCADA Security Testbed. In: 3rd International Conference on Network and System Security, pp. 357–364 (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Cen Nan
    • 1
  • Irene Eusgeld
    • 2
  • Wolfgang Kröger
    • 1
  1. 1.ETH ZürichZürichSwitzerland
  2. 2.University of Duisburg-EssenEssenGermany

Personalised recommendations