Today energy delivery systems (EDS) face challenges in dealing with cyberattacks that originate by exploiting the communication network assets. Traditional power systems are highly complex and heterogeneous. These systems focus on reliability, availability, and continuous performance and, thus, not designed to handle security issues. Network administrators often utilize attack graphs to analyze security in EDS. Although attack graphs are useful tools to generate attack paths and estimate possible consequences in a networked system, they lack incorporating the operational or functional dependencies. Localizing the dependencies among operational missions, tasks, and the hosting devices in a large-scale cyber-physical network is also challenging. Current research works handle the system dependency and the attack scenario modeling separately using dependency graphs and attack graphs, respectively. To address the gap of incorporating the mission operational dependencies with possible attack scenarios, in this work, we offer an approach to assess the cyberattack impact on the operational mission of the EDS by combining the logical attack graph and mission functional dependency graph. We provide the graphical modeling details and illustrate the approach using a case study of SCADA (supervisory control and data acquisition) operations within an EDS environment.
- Energy delivery systems
- Attack graph
- Mission dependency
- Impact propagation graph
- Impact assessment
This is a preview of subscription content, access via your institution.
Tax calculation will be finalised at checkout
Purchases are for personal use onlyLearn about institutional subscriptions
NESSUS Vulnerability Assessment (https://www.tenable.com/products/nessus).
OpenVAS - Open Vulnerability Assessment Scanner (https://www.openvas.org/).
Common Vulnerability Scoring System (https://www.first.org/cvss/).
National Vulnerability Database (https://nvd.nist.gov/).
Declarative Logic Programming.
Sun, X., Liu, P., Singhal, A.: Toward cyberresiliency in the context of cloud computing [resilient security]. IEEE Secur. Priv. 16(6), 71–75 (2018)
Cao, C., Yuan, L.-P., Singhal, A., Liu, P., Sun, X., Zhu, S.: Assessing attack impact on business processes by interconnecting attack graphs and entity dependency graphs. In: Kerschbaum, F., Paraboschi, S. (eds.) DBSec 2018. LNCS, vol. 10980, pp. 330–348. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-95729-6_21
Stouffer, K., Falco, J.: Recommended practice: improving industrial control systems cybersecurity with defense-in-depth strategies. Department of Homeland Security, Control systems security program, National cyber security division (2009)
Garvey, P.R., Pinto, C.A.: Introduction to functional dependency network analysis. In: The MITRE Corporation and Old Dominion, 2nd International Symposium on Engineering Systems, MIT, Cambridge, Massachusetts, vol. 5 (2009)
Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: a logic-based network security analyzer. In: USENIX Security Symposium, Baltimore, MD, vol. 8, pp. 113–128 (2005)
Gonda, T., Pascal, T., Puzis, R., Shani, G., Shapira, B.: Analysis of attack graph representations for ranking vulnerability fixes. In: GCAI, pp. 215–228 (2018)
Rao, B., Mitra, A.: An approach to merging of two community subgraphs to form a community graph using graph mining techniques. In: 2014 IEEE International Conference on Computational Intelligence and Computing Research, pp. 1–7. IEEE (2014)
Jakobson, G.: Mission-centricity in cyber security: architecting cyber attack resilient missions. In: 2013 5th International Conference on Cyber Conflict, CYCON 2013, pp. 1–18. IEEE (2013)
Guariniello, C., DeLaurentis, D.: Supporting design via the system operational dependency analysis methodology. Res. Eng. Des. 28(1), 53–69 (2017)
Albanese, M., Jajodia, S.: A graphical model to assess the impact of multi-step attacks. J. Def. Model. Simul. 15(1), 79–93 (2018)
Liu, C., Singhal, A., Wijesekera, D.: Mapping evidence graphs to attack graphs. In: IEEE International Workshop on Information Forensics and Security, WIFS 2012, pp. 121–126. IEEE (2012)
Jajodia, S., Noel, S., Kalapa, P., Albanese, M., Williams, J.: Cauldron mission-centric cyber situational awareness with defense in depth. In: 2011 Military Communications Conference, MILCOM 2011, pp. 1339–1344. IEEE (2011)
Haque, M.A., Shetty, S., Krishnappa, B.: Modeling cyber resilience for energy delivery systems using critical system functionality. In: Resilience Week, RWS 2019, vol. 1, pp. 33–41. IEEE (2019)
Haque, M.A., Shetty, S., Krishnappa, B.: Cyber-physical system resilience: frameworks, metrics, complexities, challenges, and future directions. In: Complexity Challenges in Cyber Physical Systems: Using Modeling and Simulation (M&S) to Support Intelligence, Adaptation and Autonomy, pp. 301–337 (2019)
Sun, X., Singhal, A., Liu, P.: Towards actionable mission impact assessment in the context of cloud computing. In: Livraga, G., Zhu, S. (eds.) DBSec 2017. LNCS, vol. 10359, pp. 259–274. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61176-1_14
This material is based upon work supported by the Department of Energy under Award Number DE-OE0000780.
Editors and Affiliations
© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Haque, M.A., Shetty, S., Kamhoua, C.A., Gold, K. (2020). Modeling Mission Impact of Cyber Attacks on Energy Delivery Systems. In: Park, N., Sun, K., Foresti, S., Butler, K., Saxena, N. (eds) Security and Privacy in Communication Networks. SecureComm 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 336. Springer, Cham. https://doi.org/10.1007/978-3-030-63095-9_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-63094-2
Online ISBN: 978-3-030-63095-9