张恺伦,江全元

2013-01-01

Abstract:With the promotion and application of wide area measurement systems (WAMS) in power system, the security of its communication system is attracting a growing body of research. To analyze the vulnerability of WAMS communication infrastructures when facing network intrusions, an assessing method of vulnerability based on attack tree model is proposed. First, the attack tree model of WAMS communication system is established, which directly reflects the intrusion scenarios when the system is maliciously attacked. Second, a more reasonable assessing method for the vulnerability of passwords and ports is proposed, as well as the vulnerability of the system with all scenarios taken into consideration. Finally, the paper puts forth the concept of vulnerability sensitivity, which can quantitatively evaluate the effect of changes in the leaf vulnerability on the system, so as to find out the critical port.

Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Peng Huang,Yinan Wang,Gangfeng Yan

DOI: https://doi.org/10.1109/iecon.2017.8216086

2017-01-01

Abstract:This paper considers a framework of electrical cyber-physical systems (ECPSs) in which each bus and branch in a power grid is equipped with a controller and a sensor. By means of measuring the damages of cyber attacks in terms of cutting off transmission lines, three solution approaches are proposed to assess and deal with the damages caused by faults or cyber attacks. Splitting incident is treated as a special situation in cascading failure propagation. A new simulation platform is built for simulating the protection procedure of ECPSs under faults. The vulnerability of ECPSs under faults is analyzed by experimental results based on IEEE 39-bus system.

Zhang Kai-lun,Tang Quan,Zhang Hong-gang

DOI: https://doi.org/10.1109/ispec50848.2020.9351155

2020-01-01

Abstract:With the promotion and application of wide area measurement systems (WAMS) in the Energy Internet, the security of its communication system is attracting a growing body of research. To analyze the vulnerability of WAMS communication infrastructures when facing network intrusions, an assessing method of vulnerability based on attack tree model is proposed. First, the attack tree model of WAMS communication system is established, which directly reflects the intrusion scenarios when the system is maliciously attacked. Second, a more reasonable assessing method for the vulnerability of passwords and ports is proposed, as well as the vulnerability of the system with all scenarios taken into consideration. Finally, the paper puts forth the definition of vulnerability sensitivity, which can quantitatively evaluate the effects of changes in the leaf vulnerability on the system, so as to find out the critical port.

Xueqin Gao,Tao Shang,Da Li,Jianwei Liu

DOI: https://doi.org/10.1109/pst55820.2022.9851965

2022-01-01

Abstract:SCADA systems are one of the critical infrastructures and face many security threats. Attackers can control SCADA systems through network attacks, destroying the normal operation of the power system. It is important to conduct a risk assessment of security threats on SCADA systems. However, existing models for risk assessment using attack trees mainly focus on describing possible intrusions rather than the interaction between threats and defenses. In this paper, we comprehensively consider intrusion likelihood and defense capability and propose a quantitative risk assessment model of security threats based on attack countermeasure tree (ACT). Each leaf node in ACT contains two attributes: exploitable vulnerabilities and defense countermeasures. An attack scenario can be constructed by means of traversing the leaf nodes. We set up six indicators to evaluate the impact of security threats in attack scenarios according to NISTIR 7628 standard. Experimental results show the attack probability of security threats and high-risk attack scenarios in SCADA systems. We can improve defense countermeasures to protect against security threats corresponding to high-risk scenarios. In addition, the model can continually update risk assessments based on the implementation of the system’s defensive countermeasures.

Zhao Tianshi,Sun Chao,Huang Yinxia

DOI: https://doi.org/10.3969/j.issn.1000-7458.2012.12.006

2012-01-01

Abstract:The CTCS-3 Train Control System is a kind of typical safety critical systems and its system assessment is complex.Through converting non-formal system requirements into semi-formal requirements,We use safety several analysis tools,such as hazard and operability studies,fault tree analysis,event tree analysis and reason and result analysis,to provide suitable risk assessment techniques for CTCS-3 Train Control System.

Chen Weihua,Jiang Quanyuan,Cao Yijia

DOI: https://doi.org/10.1109/ipec.2005.207004

2005-01-01

Abstract:With the increasing utilization of HVDC system, security assessment of HVDC system has become a hot topic. This paper presents a novel approach using the framework of vulnerability to assess HVDC system security. First, equivalent models of HVDC systems, based on Markov model and logical diagram, are built to solve "dimension disaster" problem. Second, the risk index is used as an indicator of the level of security, and its sensitivity to a changing system parameter is used as an indicator of its trend. These two indicators are combined to determine the degree of HVDC system vulnerability to contingent disturbances. Finally, artificial neural network (ANN) is applied to the fast pattern recognition and classification of system vulnerability status. A case of Gezhouba-Shanghai HVDC system in China is presented to verify correctness and effectiveness of the approach.

Xiaming Ye,Junhua Zhao,Yan Zhang,Fushuan Wen

DOI: https://doi.org/10.3390/en8065266

IF: 3.2

2015-01-01

Energies

Abstract:The distribution automation system (DAS) is vulnerable to cyber-attacks due to the widespread use of terminal devices and standard communication protocols. On account of the cost of defense, it is impossible to ensure the security of every device in the DAS. Given this background, a novel quantitative vulnerability assessment model of cyber security for DAS is developed in this paper. In the assessment model, the potential physical consequences of cyber-attacks are analyzed from two levels: terminal device level and control center server level. Then, the attack process is modeled based on game theory and the relationships among different vulnerabilities are analyzed by introducing a vulnerability adjacency matrix. Finally, the application process of the proposed methodology is illustrated through a case study based on bus 2 of the Roy Billinton Test System (RBTS). The results demonstrate the reasonability and effectiveness of the proposed methodology.

Rounak Meyur

DOI: https://doi.org/10.1109/TPEC48276.2020.9042529

2020-02-01

Abstract:The advantage of adding modern day information and communication technology (ICT) in the supervisory control and data acquisition (SCADA) system associated with the power network comes at the cost of an increased risk due to cyber intrusion. A well planned malicious attack on the SCADA system can not only compromise the communication network, but also cause catastrophic effects on the power grid in form of a widespread blackout. In this context, a lot of prior work deals with the comprehensive modeling of the cyber-physical system (CPS) and evaluating the possible vulnerabilities. In the present work, a Bayesian attack tree based approach is used to model cyber attacks in the SCADA network and the associated risk is evaluated as the combined effect on the communication and power system. This avoids the detailed modeling of every component in the CPS and considers only the critical vulnerabilities required to be exploited to perform the attack. Furthermore, the model takes into account the skill level of the adversary and the difficulty in intruding through each type of vulnerability. The proposed cyber attack model is applied on the IEEE-39 bus system with an associated SCADA network. The risk of a cyber attack on the critical vulnerabilities is evaluated for the power system.

Engineering,Computer Science

Hai Wan,Tian Wang,Jin Huang,Xibin Zhao,Lei Sun

DOI: https://doi.org/10.16511/j.cnki.qhdxxb.2016.23.010

2016-01-01

Abstract:Train communication network (TCN) is a specialized industrial control network,whose safety and security problems are of great importance.The wire train bus (WTB) is one of the link layer communication modules of TCN architectures.A potential risk and a possible attack method were found based on the analysis of WTB communication protocol.Formal modeling verification and experiments show that the attack method is feasible.Based on the characteristics of the attack method,this paper also proposes a precautionary method.

Tao Zhang,Mingzeng Hu,Xiaochun Yun,Yongzheng Zhang

DOI: https://doi.org/10.1007/978-3-540-31979-5_26

2005-01-01

Abstract:For analyzing computer system security, the system visitor could be classified into five kinds by his privilege to access system resource, and presented the model base on privilege escalation. The attacker can enhance his privilege by exploiting vulnerability, according to distribution of vulnerabilities privilege set, we could construct fault tree to reflect distinctly potential attack path, and so this method could quantificational express security state at different security policy via analyzing fault tree.

ZuXi Chen,HongKai Lin,Meng Mei,YongHua Zhu,XiaoYong Wang,ZhongWei Xu,XiangYu Luo

DOI: https://doi.org/10.1016/j.heliyon.2024.e31776

IF: 3.776

2024-05-24

Heliyon

Abstract:Safety-critical systems, such as the railway signal system, are subject to potentially high costs from failures, including loss of life and property damage. The use of new technology, including communication-based train control (CBTC) systems with software and computers, has changed the types of accidents that occur. Software-related issues and dysfunctional interactions between system components controlled by the software are increasingly the cause of incidents. Developing a "safe" safety-critical system requires accurate and complete safety requirements, which are the foundation of system development. Traditional hazard analysis techniques are insufficient for identifying the causes of accidents in modern railway signaling systems. Systems-Theoretic Process Analysis (STPA) is a powerful new hazard analysis method designed to address these limitations. Building upon this foundation, a hierarchical approach to safety requirement development has been further developed. This approach combines STPA analysis with a hierarchical modeling approach to establish traceability links from safety requirements to specific architectures, refine and allocate system-level safety requirements to relevant subsystems, and abstract safety requirements at higher hierarchical levels to enable easy changes to lower-level implementations. This paper employs the aforementioned methodology within the context of the CBTC system, thereby enhancing risk management and hazard analysis, enabling early insights, and facilitating the generation of safety requirements of CBTC System.

甘早斌,吴平,路松峰,李瑞轩

DOI: https://doi.org/10.3969/j.issn.1671-0428.2006.11.013

2007-01-01

Abstract:This paper extended the attack tree model,and proposed a new quantitative risk evaluation method.While the risk value of the leaf node(atomic attack) was quantified,the multi-attribute utility theory was adopted,which could make the result more reasonable.Presented all algorithms for each steps of this new evaluation method that offered a good foundation for the implementation of the automatic evaluation tool.

Mouna Rekik,Christophe Gransart,Marion Berbineau

DOI: https://doi.org/10.1109/ssd.2018.8570650

2018-03-01

Abstract:Future railway systems should bring convenience to people's lives. In fact, the efficiency and the safety of railway services are improving due to the evolution from bespoke stand-alone systems to open-platform, standardized equipment and the increasing use of networked control and automation systems and connected technologies. However, this dependency of automation, control and communication technologies makes railway systems increasingly vulnerable to cyber-physical security threats which affect the overall performance. This paper deals with cyber-physical security concerns facing these systems. As such, vulnerabilities and characteristics of railway threat landscape are analyzed. We then discuss threats facing these assets, their direct impacts and cascading consequences on the whole system.

Xiang Ji,Huiqun Yu,Guisheng Fan,Wenhao Fu

DOI: https://doi.org/10.1109/SNPD.2016.7515980

2016-01-01

Abstract:Cyber-physical system (CPS) is the fuse of cyber world and the dynamic physical world and it is being widely used in areas closely related to people's livelihood. Therefore, the security issues of CPS have drawn a global attention and an appropriate risk assessment for CPS is in urgent need. The existing proposals using attack trees for risk assessment mainly focus on depicting the possible intrusions, not for interactions between threats and defenses. In this paper, a risk assessment idea for cyber-physical system with the use of attack-defense tree (ADTree) is proposed, considering the effect of both the attack cost and defense cost. The effectiveness of the proposed approach is evaluated by a set of metrics like probability of success, attack and defense cost and the impact of an attack. In addition, we introduce two economic factors (ROA and ROI) to evaluate the performance of ADTree. Finally, an illustration case of threat risk analysis in SCADA system is given to demonstrate our approach. Overall, our approach provides an effective means of risk assessment and countermeasures evaluation in the evolutional process of security management for cyber-physical system security.

QIAN Sheng,WANG Qi,YAN Yunsong,FENG Ke,XIA Haifeng

DOI: https://doi.org/10.12158/j.2096-3203.2022.03.002

2022-01-01

Abstract:The security and stability control system is an important defense line to ensure the reliable operation of the power grid. Serious physical consequences can be caused by cyber attacks against the security and stability control system. In order to quantitatively evaluate the impact of cyber attacks on security and stability control system and solve the problem that the existing risk assessment methods do not fully consider the susceptibility of cyber attacks,a risk assessment method of security and stability control system considering the impact of cyber attacks is proposed. Firstly,the hierarchical structure of the security and stability control system is analyzed. Then,the risk points of cyber attacks on the stability control device body and device's inter-station communication from the three perspectives of attack object,attack methods,and attack consequences are analyzed. Secondly,the susceptibility of cyber attacks is quantified based on the fuzzy analytic hierarchy process,and a successful probability model of cyber attacks for security and stability control system is established combined with the defense unit model of cyber attacks built by Petri nets. Finally,the risk assessment is carried out on the standard and actual systems combined with the physical consequences and the probability of successful attacks. The risk values under two conditions of normal operation and cyber attack are calculated to verify the validity of the proposed model.

Chen,Gang Chen

DOI: https://doi.org/10.1109/aiipcc57291.2022.00077

2022-01-01

Abstract:With the rapid development and popular utilization of computer network system, the proportion of attacks against computer network system has been increasing year by year. The traditional security vulnerability assessment method only evaluates individual vulnerabilities in isolation, and the assessment results do not reflect the degree of impact of vulnerabilities on the whole network. To address this problem this paper proposes a computer network system security assessment method, which uses the CVSSv3 evaluation index to assess vulnerabilities based on vulnerability association graph and risk matrix, while taking into account the association relationship between the fore-order vulnerability nodes, back-order vulnerability nodes and the vulnerability itself. The vulnerability correlation hazard calculated by the method can accurately reflect the degree of impact of the vulnerability on the whole computer network system, and the accuracy and effectiveness of the method is proved through experiments.

Matthew Tassava,Cameron Kolodjski,Jeremy Straub

2023-06-07

Abstract:A system vulnerability analysis technique (SVAT) for complex mission critical systems (CMCS) was developed in response to the need to be able to conduct penetration testing on large industrial systems which cannot be taken offline or risk disablement or impairment for conventional penetration testing. SVAT-CMCS facilitates the use of known vulnerability and exploit information, incremental testing of system components and data analysis techniques to identify attack pathways in CMCSs. This data can be utilized for corrective activities or to target controlled manual follow-up testing. This paper presents the SVAT-CMCS paradigm and describes its implementation in a software tool, which was built using the Blackboard Architecture, that can be utilized for attack pathway identification. The performance of this tool is characterized using three example models. In particular, it explores the path generation speed and the impact of link cap restrictions on system operations, under different levels of network size and complexity. Accurate fact-rule processing is also tested using these models. The results show significant decreases in path generation efficiency as the link cap and network complexity increase; however, rule processing accuracy is not impacted.

Cryptography and Security

He Wen

DOI: https://doi.org/10.48550/arXiv.2306.08631

2023-06-15

Abstract:Cyberattacks on industrial control systems (ICS) have been drawing attention in academia. However, this has not raised adequate concerns among some industrial practitioners. Therefore, it is necessary to identify the vulnerable locations and components in the ICS and investigate the attack scenarios and techniques. This study proposes a method to assess the risk of cyberattacks on ICS with an improved Common Vulnerability Scoring System (CVSS) and applies it to a continuous stirred tank reactor (CSTR) model. The results show the physical system levels of ICS have the highest severity once cyberattacked, and controllers, workstations, and human-machine interface are the crucial components in the cyberattack and defense.

Cryptography and Security,Artificial Intelligence