Skip to main content

A Semantic-Based Approach for Assessing the Impact of Cyber-Physical Attacks: A Healthcare Infrastructure Use Case

Part of the Lecture Notes in Computer Science book series (LNAI,volume 12879)

Abstract

This paper proposes an integrated approach to study impact propagation of cyber and physical incidents within critical healthcare infrastructures. This approach is based on a semantic modeling and reasoning engine which takes into account assets and input/output incident types while running propagation through a network graph. Besides, it calculates impact scores based on the protection degree value of each asset. We illustrate our contribution through an attack scenario on the “Covid vaccine theft”. The evaluation of the approach shows promising results.

Keywords

  • Semantic modeling
  • Critical infrastructures
  • Cyber-physical attacks
  • Impact propagation

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-86982-3_16
  • Chapter length: 8 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   64.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-86982-3
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   84.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.

Notes

  1. 1.

    https://www.safecare-project.eu.

References

  1. ANSSI: Ebios risk manager - the method (2019). https://www.ssi.gouv.fr/en/guide/ebios-risk-manager-the-method/

  2. Ben-Asher, N., Oltramari, A., Erbacher, R.F., Gonzalez, C.: Ontology-based adaptive systems of cyber defense. In: STIDS, pp. 34–41 (2015)

    Google Scholar 

  3. Fenz, S., Ekelhart, A.: Formalizing information security knowledge. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pp. 183–194 (2009)

    Google Scholar 

  4. Guttman, B., Roback, E.A.: An Introduction to Computer Security: The NIST Handbook. Diane Publishing, Collingdale (1995)

    CrossRef  Google Scholar 

  5. Hannou, F.Z., Atigui, F., Lammari, N., Cherfi, S.S.: An ontology-based model for cyber-physical security management in healthcare context. In: Strauss, C., Kotsis, G., Tjoa, A.M., Khalil, I. (eds.) Expert Systems Applications. LNCS, vol. 12924, pp. 22–34. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-030-86475-0_3

    CrossRef  Google Scholar 

  6. Kim, M., Dey, S., Lee, S.: Ontology-driven security requirements recommendation for apt attack, pp. 150–156 (2019). https://doi.org/10.1109/REW.2019.00032

  7. Liu, C.Y., Jeng, A.P., Chang, C.H., Wang, R.G., Chou, C.C.: Combining building information modeling and ontology to analyze emergency events in buildings. In: ISARC. Proceedings of the International Symposium on Automation and Robotics in Construction, vol. 35, pp. 1–6. IAARC Publications (2018)

    Google Scholar 

  8. Luh, R., Marschalek, S., Kaiser, M., Janicke, H., Schrittwieser, S.: Semantics-aware detection of targeted attacks: a survey. J. Comput. Virol. Hack. Tech. 13(1), 47–85 (2016). https://doi.org/10.1007/s11416-016-0273-3

    CrossRef  Google Scholar 

  9. Schauer, S., Grafenauer, T., König, S., Warum, M., Rass, S.: Estimating cascading effects in cyber-physical critical infrastructures. In: Nadjm-Tehrani, S. (ed.) CRITIS 2019. LNCS, vol. 11777, pp. 43–56. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-37670-3_4

    CrossRef  Google Scholar 

  10. Szpyrka, M., Jasiul, B.: Evaluation of cyber security and modelling of risk propagation with petri nets. Symmetry 9(3), 32 (2017)

    MathSciNet  CrossRef  Google Scholar 

  11. Szpyrka, M., Jasiul, B., Wrona, K., Dziedzic, F.: Telecommunications networks risk assessment with Bayesian networks. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds.) CISIM 2013. LNCS, vol. 8104, pp. 277–288. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40925-7_26

    CrossRef  Google Scholar 

  12. Velasco, J.L., Valencia-García, R., Fernández-Breis, J.T., Toval, A.: Modelling reusable security requirements based on an ontology framework. J. Res. Pract. Inf. Technol. 41(2), 119–133 (2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Fatma-Zohra Hannou .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Rihany, M., Hannou, FZ., Mimouni, N., Hamdi, F., Tourron, P., Julien, PA. (2021). A Semantic-Based Approach for Assessing the Impact of Cyber-Physical Attacks: A Healthcare Infrastructure Use Case. In: Braun, T., Gehrke, M., Hanika, T., Hernandez, N. (eds) Graph-Based Representation and Reasoning. ICCS 2021. Lecture Notes in Computer Science(), vol 12879. Springer, Cham. https://doi.org/10.1007/978-3-030-86982-3_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-86982-3_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-86981-6

  • Online ISBN: 978-3-030-86982-3

  • eBook Packages: Computer ScienceComputer Science (R0)