A case study in the use of attack graphs for predicting the security of cyber-physical systems


Cyber-attacks increasingly threaten Cyber-Physical Systems (CPS). Recent examples are attacks on a Florida water plant control system and firewalls protecting several Western U.S. electricity grid operators. Techniques for rigorously analysing the cybersecurity of CPS without the risk of disrupting their operations are therefore of increasing interest to CPS operators and regulators. Meanwhile, attack graphs have long been studied by researchers as a means of analysing the cybersecurity of both information and control systems. In this paper, we present a case study on the use of attack graphs for predicting the cybersecurity of a CPS within the critical national infrastructure. It explains how the attack graph was developed and analysed using existing system documentation, computer-aided techniques and human analysis. In this case study human cyber analysts with good knowledge of the CPS considered the automated predictions of the most exploitable attack paths to be credible. This enabled a detailed and evidenced analysis of the minimum level of cyber-attacker sophistication needed to compromise the CPS. The case study has evidenced that this style of CPS analysis could be used either during system design or whilst in operational use.



Software And Hardware