In this paper we address the issue of security of SCADA systems; a topic of paramount importance because of the impact on physical security and very challenging because of the peculiarities that set SCADA systems aside from usual ICT networks. We apply the modeling technique based on structures called weighted Attack and Defense Trees (ADT) to a complex case study based on a typical SCADA architecture, in which the attack tree is enriched with the cost and the impact of the attack. We introduce a new analysis technique for weighted ADT based on the representation of the attack scenario by means of Multi- Terminal Binary Decision Diagrams (MTBDD) that allow the modeler to identify the most probable attack scenarios, in term of probability cost and impact, and gives an indication on how to mitigate the located breaches by means of suitable countermeasures. Copyright© (2013) by CAL-TEK S.r.l.
|Titolo:||Weighted attack trees for the cybersecurity analysis of SCADA systems|
|Data di pubblicazione:||2013|
|Appare nelle tipologie:||4.1 Contributo in Atti di convegno|