Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security and Privacy in Communication Systems

SecureComm 2020: Security and Privacy in Communication Networks pp 41–61Cite as

Modeling Mission Impact of Cyber Attacks on Energy Delivery Systems

Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST,volume 336)

Abstract

Today energy delivery systems (EDS) face challenges in dealing with cyberattacks that originate by exploiting the communication network assets. Traditional power systems are highly complex and heterogeneous. These systems focus on reliability, availability, and continuous performance and, thus, not designed to handle security issues. Network administrators often utilize attack graphs to analyze security in EDS. Although attack graphs are useful tools to generate attack paths and estimate possible consequences in a networked system, they lack incorporating the operational or functional dependencies. Localizing the dependencies among operational missions, tasks, and the hosting devices in a large-scale cyber-physical network is also challenging. Current research works handle the system dependency and the attack scenario modeling separately using dependency graphs and attack graphs, respectively. To address the gap of incorporating the mission operational dependencies with possible attack scenarios, in this work, we offer an approach to assess the cyberattack impact on the operational mission of the EDS by combining the logical attack graph and mission functional dependency graph. We provide the graphical modeling details and illustrate the approach using a case study of SCADA (supervisory control and data acquisition) operations within an EDS environment.

Keywords

  • Energy delivery systems
  • Attack graph
  • Mission dependency
  • Impact propagation graph
  • Impact assessment
  • Operability

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    NESSUS Vulnerability Assessment (https://www.tenable.com/products/nessus).

  2. 2.

    OpenVAS - Open Vulnerability Assessment Scanner (https://www.openvas.org/).

  3. 3.

    Common Vulnerability Scoring System (https://www.first.org/cvss/).

  4. 4.

    National Vulnerability Database (https://nvd.nist.gov/).

  5. 5.

    Declarative Logic Programming.

References

  1. Sun, X., Liu, P., Singhal, A.: Toward cyberresiliency in the context of cloud computing [resilient security]. IEEE Secur. Priv. 16(6), 71–75 (2018)

    CrossRef  Google Scholar 

  2. Cao, C., Yuan, L.-P., Singhal, A., Liu, P., Sun, X., Zhu, S.: Assessing attack impact on business processes by interconnecting attack graphs and entity dependency graphs. In: Kerschbaum, F., Paraboschi, S. (eds.) DBSec 2018. LNCS, vol. 10980, pp. 330–348. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-95729-6_21

    CrossRef  Google Scholar 

  3. Stouffer, K., Falco, J.: Recommended practice: improving industrial control systems cybersecurity with defense-in-depth strategies. Department of Homeland Security, Control systems security program, National cyber security division (2009)

    Google Scholar 

  4. Garvey, P.R., Pinto, C.A.: Introduction to functional dependency network analysis. In: The MITRE Corporation and Old Dominion, 2nd International Symposium on Engineering Systems, MIT, Cambridge, Massachusetts, vol. 5 (2009)

    Google Scholar 

  5. Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: a logic-based network security analyzer. In: USENIX Security Symposium, Baltimore, MD, vol. 8, pp. 113–128 (2005)

    Google Scholar 

  6. Gonda, T., Pascal, T., Puzis, R., Shani, G., Shapira, B.: Analysis of attack graph representations for ranking vulnerability fixes. In: GCAI, pp. 215–228 (2018)

    Google Scholar 

  7. Rao, B., Mitra, A.: An approach to merging of two community subgraphs to form a community graph using graph mining techniques. In: 2014 IEEE International Conference on Computational Intelligence and Computing Research, pp. 1–7. IEEE (2014)

    Google Scholar 

  8. Jakobson, G.: Mission-centricity in cyber security: architecting cyber attack resilient missions. In: 2013 5th International Conference on Cyber Conflict, CYCON 2013, pp. 1–18. IEEE (2013)

    Google Scholar 

  9. Guariniello, C., DeLaurentis, D.: Supporting design via the system operational dependency analysis methodology. Res. Eng. Des. 28(1), 53–69 (2017)

    CrossRef  Google Scholar 

  10. Albanese, M., Jajodia, S.: A graphical model to assess the impact of multi-step attacks. J. Def. Model. Simul. 15(1), 79–93 (2018)

    CrossRef  Google Scholar 

  11. Liu, C., Singhal, A., Wijesekera, D.: Mapping evidence graphs to attack graphs. In: IEEE International Workshop on Information Forensics and Security, WIFS 2012, pp. 121–126. IEEE (2012)

    Google Scholar 

  12. Jajodia, S., Noel, S., Kalapa, P., Albanese, M., Williams, J.: Cauldron mission-centric cyber situational awareness with defense in depth. In: 2011 Military Communications Conference, MILCOM 2011, pp. 1339–1344. IEEE (2011)

    Google Scholar 

  13. Haque, M.A., Shetty, S., Krishnappa, B.: Modeling cyber resilience for energy delivery systems using critical system functionality. In: Resilience Week, RWS 2019, vol. 1, pp. 33–41. IEEE (2019)

    Google Scholar 

  14. Haque, M.A., Shetty, S., Krishnappa, B.: Cyber-physical system resilience: frameworks, metrics, complexities, challenges, and future directions. In: Complexity Challenges in Cyber Physical Systems: Using Modeling and Simulation (M&S) to Support Intelligence, Adaptation and Autonomy, pp. 301–337 (2019)

    Google Scholar 

  15. Sun, X., Singhal, A., Liu, P.: Towards actionable mission impact assessment in the context of cloud computing. In: Livraga, G., Zhu, S. (eds.) DBSec 2017. LNCS, vol. 10359, pp. 259–274. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61176-1_14

    CrossRef  Google Scholar 

Download references

Acknowledgment

This material is based upon work supported by the Department of Energy under Award Number DE-OE0000780.

Author information

Authors and Affiliations

  1. Department of Computational Modeling and Simulation Engineering, Old Dominion University, Norfolk, VA, USA

    Md Ariful Haque & Sachin Shetty

  2. Network Security Research, The U.S. Army Research Laboratory, Adelphi, MD, USA

    Charles A. Kamhoua

  3. Naval Surface Warfare Center, Crane Division, Crane, IN, USA

    Kimberly Gold

Authors
  1. Md Ariful Haque
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sachin Shetty
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Charles A. Kamhoua
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kimberly Gold
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Md Ariful Haque .

Editor information

Editors and Affiliations

  1. Yonsei University, Seoul, Korea (Republic of)

    Prof. Noseong Park

  2. George Mason University, Fairfax, VA, USA

    Kun Sun

  3. Dipartimento di Informatica, Universita degli Studi, Milan, Milano, Italy

    Prof. Sara Foresti

  4. University of Florida, Gainesville, FL, USA

    Kevin Butler

  5. Division of Nephrology, University of Alabama, Birmingham, AL, USA

    Dr. Nitesh Saxena

A Appendix

A Appendix

Fig. 8.
figure 8

Complete mission impact assessment graph for the case study (nodes Datalog clauses are given in Table 7)

Full size image
Table 7. Datalog clauses of Fig. 8
Full size table

Rights and permissions

Reprints and Permissions

Copyright information

© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Haque, M.A., Shetty, S., Kamhoua, C.A., Gold, K. (2020). Modeling Mission Impact of Cyber Attacks on Energy Delivery Systems. In: Park, N., Sun, K., Foresti, S., Butler, K., Saxena, N. (eds) Security and Privacy in Communication Networks. SecureComm 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 336. Springer, Cham. https://doi.org/10.1007/978-3-030-63095-9_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-63095-9_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-63094-2

  • Online ISBN: 978-3-030-63095-9

  • eBook Packages: Computer ScienceComputer Science (R0)

search

Navigation