Hybrid Dependencies Between Cyber and Physical Systems
Situational awareness is often a matter of detailed local information and proportionally limited view on the bigger picture. Conversely, the big picture avoids complicating details, and as such displays the system components as atomic “black boxes”. This work proposes a combination of local and global views, accounting for a common practical division of physical and cyber domains, each of which have their own group of experts and management processes. We identify a small set of data items that is required about the physical and cyber parts of a system, along with a high-level description of how these parts interoperate. From these three ingredients, which we call physical, cyber and hybrid “awareness” (meaning just knowledge about what is there), we construct a simulation model to study cascading effects and indirect implications of distortions in a cyber-physical system. Our simulation model is composed from coupled Mealy automata, and we show an instance of it using a small cyber-physical infrastructure. This extends the awareness from “knowing what is” to “knowing what could happen next”, and as such addresses a core duty of effective risk management. Manifold extensions to this model are imaginable and discussed in the aftermath of the definition and example demonstration.
KeywordsSecurity Cascading effects Probabilistic automata Critical infrastructure
This work was supported by the European Commission’s Project SAURON (Scalable multidimensional situation awareness solution for protecting European ports) under the HORIZON 2020 Framework (Grant No. 740477).
- 1.Bañuls, V.A., Turoff, M.: Scenario construction via delphi and cross-impact analysis. Technol. Forecast. Soc. Change 78(9), 1579–1602 (2011). http://www.sciencedirect.com/science/article/pii/S0040162511000667. The Delphi technique: Past, present, and future prospectsCrossRefGoogle Scholar
- 2.Carreras, B.A., Newman, D.E., Gradney, P., Lynch, V.E., Dobson, I.: Interdependent risk in interacting infrastructure systems. In: 40th Annual Hawaii International Conference on System Sciences, HICSS 2007, p. 112, January 2007Google Scholar
- 4.Gordon, T., Hayward, H.: Initial experiments with the cross impact matrix method of forecasting. Futures 1(2), 100–116 (1968). http://www.sciencedirect.com/science/article/pii/S0016328768800035CrossRefGoogle Scholar
- 7.König, S., Schauer, S., Rass, S.: A stochastic framework for prediction of malware spreading in heterogeneous networks. In: Proceedings of NordSec Conference 2016 Secure IT Systems, Oulu, Finland, pp. 67–81. Springer (2016)Google Scholar
- 11.Ouyang, M.: Review on modeling and simulation of interdependent critical infrastructure systems. Reliab. Eng. Syst. Saf. 121, 43–60 (2014). http://www.sciencedirect.com/science/article/pii/S0951832013002056CrossRefGoogle Scholar
- 13.Paz, A., Rheinboldt, W.: Introduction to Probabilistic Automata. Elsevier Science, Burlington (2014). http://gbv.eblib.com/patron/FullRecord.aspx?p=1901751Google Scholar
- 18.SAURON: Scalable multidimensionAl sitUation awaReness sOlution for protectiNg european ports, December 2018. https://www.sauronproject.eu/
- 19.Troina, A.: Probabilistic Timed Automata for Security Analysis and Design. CreateSpace Independent Publishing Platform, Scotts Valley (2017)Google Scholar
- 20.Turoff, M.: An alternative approach to cross impact analysis. Technol. Forecast. Soc. Change 3, 309–339 (1971). http://www.sciencedirect.com/science/article/pii/S0040162571800215CrossRefGoogle Scholar
- 21.Wang, Z., Scaglione, A., Thomas, R.J.: A Markov-transition model for cascading failures in power grids. In: 2012 45th Hawaii International Conference on System Sciences. IEEE, January 2012. https://doi.org/10.1109/hicss.2012.63