Hidden Vulnerabilities Due to Interdependencies between Two Systems
Critical infrastructures (CIs) deserve increased attention as our societies simply rely on most of the goods and services they are expected to continuously supply. Interdependencies within and among CIs have dramatically increased the overall complexity of related infrastructure systems, making them more vulnerable to cascading failures with widespread unpredicted consequences. It is vital to get a clear understanding of these often hidden interdependency issues and tackle them through advanced techniques. In this paper, the interdependencies between Industrial Control Systems (ICS), in particular the SCADA (Supervisory Control and Data Acquisition) system, and the underlying System Under Control (SUC) are identified and assessed using modeling/simulation methods by following a modified 4-step methodical framework. This paper mainly focuses on those techniques and analytical experiments developed for the essential step of this methodical framework, the in-depth analysis, i.e., applying a hybrid modeling/simulation approach and three in-depth experiments.
KeywordsCritical Infrastructure (CI) Interdependency study SCADA Simulation and Modeling
Unable to display preview. Download preview PDF.
- 5.Johnson, R.E.: Survey of SCADA security challenges and potential attack vectors. In: Internet Technology and Secured Transactions (ICITST) 2010, p. 5 (2010)Google Scholar
- 6.Eusgeld, I., Kröger, W.: Towards a Framework for Vulnerability Analysis of Interconnected Infrastructures. In: 9th International Probabilistic Safety Assessment & Management Conference (2008)Google Scholar
- 7.Kröger, W., Zio, E.: Vulnerable Systems. Springer (2011)Google Scholar
- 8.Pederson, P., Dudenhoeffer, D., Hartly, S., Permann, M.: Critical Infrastructure Interdependency Modeling: A Survey of U.S and International Research. Idaho National Laboratory (2006)Google Scholar
- 11.Schläpfer, M., Kessler, T., Kröger, W.: Reliability Analysis of Electric Power Systems Using an Object-oriented Hybrid Modeling Approach. In: 16th Power Systems Computation Conference (2008)Google Scholar
- 12.Nan, C., Eusgeld, I.: Exploring impacts of single failure propagation between SCADA and SUC. In: IEEE International Conference on Industrial Engineering and Engineering Management (IEEM) 2011, pp. 1564–1568 (2011)Google Scholar
- 13.van Steen, M.: Graph Theory and Complex Networks: An Introduction, 1st edn (2010)Google Scholar
- 14.Caretta Cartozo, C.: Complex networks: from biological applications to exact theoretical solutions. In: EPFL (2009)Google Scholar
- 18.Bloomfield, R., Chozos, N., Nobles, P.: Infrastructure interdependency analysis: Introductory research review (2009)Google Scholar
- 20.Nan, C., Eusgeld, I., Kroeger, W.: Assessing CI Interdependency Issues using an HLA-compliant Simulation Platform. In: The 2012 Annual European Safety and Reliability Conference, ESREL (2012)Google Scholar
- 22.Nai Fovino, I., Masera, M., Guidi, L., Carpi, G.: An experimental platform for assessing SCADA vulnerabilities and countermeasures in power plants. In: 3rd Conference on Human System Interactions (HSI), pp. 679–686 (2010)Google Scholar
- 23.Queiroz, C., Mahmood, A., Jiankun, H., Tari, Z., Xinghuo, Y.: Building a SCADA Security Testbed. In: 3rd International Conference on Network and System Security, pp. 357–364 (2009)Google Scholar