An Assessment of Security Analysis Tools for Cyber-Physical Systems

  • Laurens LemaireEmail author
  • Jan Vossaert
  • Bart De Decker
  • Vincent Naessens
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10224)


Cyber-Physical Systems are heavily used in today’s world. However, their security leaves much to be desired. Attacks such as the Stuxnet worm and the Ukrainian Grid Hack have shown that compromising these systems can have disastrous consequences.

It follows that additional methods for assessing the security of these systems must be explored. To this end, several tools have been developed. In this paper, five existing tools that examine the security of cyber-physical systems are presented. The input models and feedback of these tools are then compared with each other. A real life case study has been modelled in all five tools to achieve this. Two versions of this case study are implemented, one with a DMZ in the network and one without. The five tools are evaluated and their strengths and weaknesses for assessing the security of cyber-physical systems are analysed.

Finally, additional methods for the security assessment are touched upon, and we discuss how they can be used together with the tools.


Cyber-physical systems Security assessment CSET ADVISE CyberSAGE CySeMoL FAST-CPS 



Research funded by a PhD grant of the Agency for Innovation by Science and Technology in Flanders (IWT).

The CyberSAGE software, used by the authors, was developed by the “Integrative Security Assessment of Smart Grid Cyber Infrastructure” project, and is jointly owned by the Illinois Pte ADSC and The Agency for Science Technology and Research in Singapore.


  1. 1.
  2. 2.
    Abrams, M., Weiss, J.: Malicious control system cyber security attack case study-maroochy water services, Australia (2008)Google Scholar
  3. 3.
    Assante, M.: Confirmation of a coordinated attack on the Ukrainian power grid (2016).
  4. 4.
    Bogaerts, B., De Cat, B., De Pooter, S., Denecker, M.: The IDP framework reference manual (2012)Google Scholar
  5. 5.
    Evans, S., Wallner, J.: Risk-based security engineering through the eyes of the adversary. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, IAW 2005, pp. 158–165. IEEE (2005)Google Scholar
  6. 6.
  7. 7.
    Ford, M.D., Keefe, K., LeMay, E., Sanders, W.H., Muehrcke, C.: Implementing the advise security modeling formalism in möbius. In: 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1–8. IEEE (2013)Google Scholar
  8. 8.
    Homeland Security, H.C.C.: Cset: Cyber security evaluation tool (2014)Google Scholar
  9. 9.
    Langner, R.: To kill a centrifuge: a technical analysis of what stuxnet’s creators tried to achieve (2013)Google Scholar
  10. 10.
    Lee, E.A.: Cyber physical systems: design challenges. In: 2008 11th IEEE International Symposium on Object Oriented Real-Time Distributed Computing (ISORC), pp. 363–369. IEEE (2008)Google Scholar
  11. 11.
    Lemaire, L., Lapon, J., De Decker, B., Naessens, V.: A SysML extension for security analysis of industrial control systems. In: Proceedings of the 2nd International Symposium for ICS & SCADA Cyber Security Research, p. 1 (2014)Google Scholar
  12. 12.
    Lemaire, L., Vossaert, J., Jansen, J., Naessens, V.: Extracting vulnerabilities in industrial control systems using a knowledge-based system. In: Proceedings of the 3rd International Symposium for ICS & SCADA Cyber Security Research, p. 1 (2015)Google Scholar
  13. 13.
    LeMay, E., Ford, M.D., Keefe, K., Sanders, W.H., Muehrcke, C.: Model-based security metrics using adversary view security evaluation (advise). In: 2011 Eighth International Conference on Quantitative Evaluation of Systems (QEST), pp. 191–200. IEEE (2011)Google Scholar
  14. 14.
    Lippmann, R., Ingols, K., Scott, C., Piwowarski, K., Kratkiewicz, K., Artz, M., Cunningham, R.: Validating and restoring defense in depth using attack graphs. In: IEEE Military Communications Conference, MILCOM 2006, pp. 1–10. IEEE (2006)Google Scholar
  15. 15.
    Lippmann, R., Scott, C., Kratkiewicz, K., Artz, M., Ingols, K.W.: Network security planning architecture. US Patent 7,194,769, 20 March 2007Google Scholar
  16. 16.
    Matrosov, A., Researcher, S.V., Rodionov, E., Analyst, R., Harley, D.: Stuxnet Under the Microscope (2011)Google Scholar
  17. 17.
    Noel, S., Elder, M., Jajodia, S., Kalapa, P., O’Hare, S., Prole, K.: Advances in topological vulnerability analysis. In: Cybersecurity Applications & Technology Conference For Homeland Security, CATCH 2009, pp. 124–129. IEEE (2009)Google Scholar
  18. 18.
    Ou, X., Govindavajhala, S., Appel, A.W.: Mulval: A logic-based network security analyzer. In: USENIX security (2005)Google Scholar
  19. 19.
    Schlegel, R., Obermeier, S., Schneider, J.: Assessing the security of IEC 62351. In: Proceedings of the 3rd International Symposium for ICS & SCADA Cyber Security Research, pp. 11–19. British Computer Society (2015)Google Scholar
  20. 20.
    Sommestad, T., Ekstedt, M., Holm, H.: The cyber security modeling language: a tool for assessing the vulnerability of enterprise system architectures. IEEE Syst. J. 7(3), 363–373 (2013)CrossRefGoogle Scholar
  21. 21.
    Sommestad, T., Ekstedt, M., Nordström, L.: A case study applying the cyber security modeling language (2010)Google Scholar
  22. 22.
    Stouffer, K., Lightman, S., Pillitteri, V., Abrams, M., Hahn, A.: Guide to industrial control systems (ICS) security (2015)Google Scholar
  23. 23.
    Vu, A.H., Tippenhauer, N.O., Chen, B., Nicol, D.M., Kalbarczyk, Z.: CyberSAGE: a tool for automatic security assessment of cyber-physical systems. In: Norman, G., Sanders, W. (eds.) QEST 2014. LNCS, vol. 8657, pp. 384–387. Springer, Cham (2014). doi: 10.1007/978-3-319-10696-0_29 Google Scholar
  24. 24.
    Wang, E.K., Ye, Y., Xu, X., Yiu, S., Hui, L., Chow, K.: Security issues and challenges for cyber physical system. In: Proceedings of the 2010 IEEE/ACM International Conference on Green Computing and Communications & International Conference on Cyber, Physical and Social Computing, pp. 733–738. IEEE Computer Society (2010)Google Scholar
  25. 25.
    Whiteman, B.: Network risk assessment tool (NRAT). IA Newsl. 11(1), 4–8 (2008)Google Scholar
  26. 26.
    Wittocx, J., Mariën, M., Denecker, M.: The IDP system: a model expansion system for an extension of classical logic. In: Proceedings of the 2nd Workshop on Logic and Search, pp. 153–165 (2008)Google Scholar
  27. 27.
    Zetter, K.: Inside the cunning, unprecedented hack of Ukraine’s power grid (2016).

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Laurens Lemaire
    • 1
    Email author
  • Jan Vossaert
    • 1
  • Bart De Decker
    • 1
  • Vincent Naessens
    • 1
  1. 1.Department of Computer ScienceKU Leuven, IMinds-DistriNetLeuvenBelgium

Personalised recommendations