In this paper we address the issue of security of SCADA systems; a topic of paramount importance because of the impact on physical security and very challenging because of the peculiarities that set SCADA systems aside from usual ICT networks. We apply the modeling technique based on structures called weighted Attack and Defense Trees (ADT) to a complex case study based on a typical SCADA architecture, in which the attack tree is enriched with the cost and the impact of the attack. We introduce a new analysis technique for weighted ADT based on the representation of the attack scenario by means of Multi- Terminal Binary Decision Diagrams (MTBDD) that allow the modeler to identify the most probable attack scenarios, in term of probability cost and impact, and gives an indication on how to mitigate the located breaches by means of suitable countermeasures. Copyright© (2013) by CAL-TEK S.r.l.

Weighted attack trees for the cybersecurity analysis of SCADA systems

Minichino, M.;Ciancamerla, E.
2013

Abstract

In this paper we address the issue of security of SCADA systems; a topic of paramount importance because of the impact on physical security and very challenging because of the peculiarities that set SCADA systems aside from usual ICT networks. We apply the modeling technique based on structures called weighted Attack and Defense Trees (ADT) to a complex case study based on a typical SCADA architecture, in which the attack tree is enriched with the cost and the impact of the attack. We introduce a new analysis technique for weighted ADT based on the representation of the attack scenario by means of Multi- Terminal Binary Decision Diagrams (MTBDD) that allow the modeler to identify the most probable attack scenarios, in term of probability cost and impact, and gives an indication on how to mitigate the located breaches by means of suitable countermeasures. Copyright© (2013) by CAL-TEK S.r.l.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.12079/3410
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
social impact