Skip to main content
SpringerLink
Log in
Book cover

International Conference on Computer Safety, Reliability, and Security

SAFECOMP 2016: Computer Safety, Reliability, and Security pp 187–200Cite as

Modelling Cost-Effectiveness of Defenses in Industrial Control Systems

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9922))

Abstract

Industrial Control Systems (ICS) play a critical role in controlling industrial processes. Wide use of modern IT technologies enables cyber attacks to disrupt the operation of ICS. Advanced Persistent Threats (APT) are the most threatening attacks to ICS due to their long persistence and destructive cyber-physical effects to ICS. This paper considers a simulation of attackers and defenders of an ICS, where the defender must consider the cost-effectiveness of implementing defensive measures within the system in order to create an optimal defense. The aim is to identify the appropriate deployment of a specific defensive strategy, such as defense-in-depth or critical component defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a co-evolutionary particle swarm optimisation algorithm. Through the development of optimal defense strategy, it is possible to identify when each specific defensive strategies is most appropriate; where the optimal defensive strategy depends on the resources available and the relative effectiveness of those resources.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    ICS-CERT: Sept. 2014 – Feb. 2015. www.ics-cert.us-cert.gov/monitors/ICS-MM20 1502.

  2. 2.

    SANS ICS Defense Use Case, 2014. https://ics.sans.org/media/ICS-CPPE-case- Study-2-German-Steelworks_Facility.pdf.

References

  1. BSI: Industrial control system security top 10 threats and countermeasures 2014, March 2014. www.allianz-fuer-cybersicherheit.de/ACS/DE/_downloads/techniker/hardware/BSI-CS_005E.pdf

  2. Chopitea, T.: Threat modelling of hacktivist groups organization, chain of command, and attack methods (2012). http://publications.lib.chalmers.se/records/fulltext/173222/173222.pdf

  3. U.S. Department of Homeland Security: Common cybersecurity vulnerabilities in industrial control systems (2011). www.ics-cert.us-cert.gov/sites/default/files/documents/DHS_Common_Cybersecurity_Vulnerabilities_ICS_20110523.pdf

  4. Durkota, K., Lisy, V., Kiekintveld, C., Bosansky, B.: Game-theoretic algorithms for optimal network security hardening using attack graphs. In: Proceedings of International Conference on Autonomous Agents and Multiagent Systems, pp. 1773–1774 (2015)

    Google Scholar 

  5. Eberhart, R.C., Kennedy, J.: A new optimizer using particle swarm theory. In: Proceedings of 6th International Symposium on Micro Machine and Human Science, New York, vol. 1, pp. 39–43 (1995)

    Google Scholar 

  6. Falliere, N., Murchu, L.O., Chien, E.: W32. Stuxnet dossier. White paper, Symantec Corp., Security. Response 5 (2011)

    Google Scholar 

  7. Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., Smeraldi, F.: Game theory meets information security management. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IFIP AICT, vol. 428, pp. 15–29. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  8. Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., Smeraldi, F.: Decision support approaches for cyber security investment. Decis. Support Syst. 86, 13–23 (2016)

    Article  Google Scholar 

  9. Gao, K., Jianming, L., Xu, R., Wang, Y., Li, Y.: A hybrid security situation prediction model for information network based on support vector machine and particle swarm optimization. Power Syst. Technol. 4, 033 (2011)

    Google Scholar 

  10. Gebser, M., Kaminski, R., Kaufmann, B., Ostrowski, M., Schaub, T., Schneider, M.: Potassco: the Potsdam answer set solving collection. AI Commun. 24(2), 107–124 (2011)

    MathSciNet  MATH  Google Scholar 

  11. Karnan, M., Akila, M.: Personal authentication based on keystroke dynamics using soft computing techniques. In: 2nd International Conference on Communication Software and Networks, ICCSN 2010, pp. 334–338. IEEE (2010)

    Google Scholar 

  12. Kennedy, J.: Particle swarm optimization. In: Sammut, C., Webb, G.I. (eds.) Encyclopedia of Machine Learning, pp. 760–766. Springer, Berlin (2010)

    Google Scholar 

  13. Klíma, R., Lisý, V., Kiekintveld, C.: Combining online learning and equilibrium computation in security games. In: Khouzani, M.H.R., Panaousis, E., Theodorakopoulos, G. (eds.) GameSec 2015. LNCS, vol. 9406, pp. 130–149. Springer, Heidelberg (2015). doi:10.1007/978-3-319-25594-1_8

    Chapter  Google Scholar 

  14. Korzhyk, D., Conitzer, V., Parr, R.: Complexity of computing optimal Stackelberg strategies in security resource allocation games. In: AAAI (2010)

    Google Scholar 

  15. Kuipers, D., Fabro, M.: Control Systems Cyber Security: Defense in Depth Strategies. Department of Energy, United States (2006)

    Google Scholar 

  16. Lemay, A.: Defending the SCADA network controlling the electrical grid from advanced persistent threats. Ph.D. thesis, École Polytechnique de Montréal (2013)

    Google Scholar 

  17. Lippmann, R.P., Ingols, K.W., Scott, C., Piwowarski, K., Kratkiewicz, K.J., Artz, M., Cunningham, R.: Evaluating and Strengthening Enterprise Network Security Using Attack Graphs. Defense Technical Information Center, Fort Belvoir (2005)

    Google Scholar 

  18. Ma, Z., Smith, P.: Determining Risks from advanced multi-step attacks to critical information infrastructures. In: Luiijf, E., Hartel, P. (eds.) CRITIS 2013. LNCS, vol. 8328, pp. 142–154. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  19. Noel, S., Jajodia, S., Wang, L., Singhal, A.: Measuring security risk of networks using attack graphs. Int. J. Next-Gener. Comput. 1(1), 135–147 (2010)

    Google Scholar 

  20. Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of 13th ACM Conference on Computer and Communications Security, pp. 336–345. ACM (2006)

    Google Scholar 

  21. Pham, V., Cid, C.: Are we compromised? Modelling security assessment games. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 234–247. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  22. Poli, R.: Analysis of the publications on the applications of particle swarm optimisation. J. Artif. Evol. Appl. 2008, 3 (2008)

    Google Scholar 

  23. Poli, R., Kennedy, J., Blackwell, T.: Particle swarm optimization. Swarm Intell. 1(1), 33–57 (2007)

    Article  Google Scholar 

  24. Small, P.E.: Defense in Depth: An Impractical Strategy for a Cyber World. SANS Institute, Bethesda (2011)

    Google Scholar 

  25. Srinoy, S.: Intrusion detection model based on particle swarm optimization and support vector machine. In: IEEE Symposium on Computational Intelligence in Security and Defense Applications, CISDA, pp. 186–192. IEEE (2007)

    Google Scholar 

  26. Stouffer, K., Falco, J., Scarfone, K.: Guide to industrial control systems (ICS) security. NIST Special Publication (2011). http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf

  27. Tsai, J., Rathi, S., Kiekintveld, C., Ordez, F., Tambe, M.: IRIS - A tool for strategic security allocation in transportation networks, vol. 2, pp. 1327–1334. International Foundation for Autonomous Agents and Multiagent Systems (IFAAMAS), 1 (2009)

    Google Scholar 

  28. Wang, L., Noel, S., Jajodia, S.: Minimum-cost network hardening using attack graphs. Comput. Commun. 29(18), 3812–3824 (2006)

    Article  Google Scholar 

Download references

Acknowledgement

This work is funded by the EPSRC project RITICS: Trustworthy Industrial Control Systems (EP/L021013/1).

Author information

Authors and Affiliations

  1. Institute for Security Science and Technology, Imperial College London, London, UK

    Andrew Fielder, Tingting Li & Chris Hankin

Authors
  1. Andrew Fielder
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tingting Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chris Hankin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tingting Li .

Editor information

Editors and Affiliations

  1. Norwegian University of Science and Technology , Trondheim, Norway

    Amund Skavhaug

  2. University of Toulouse , Toulouse, France

    Jérémie Guiochet

  3. Thales Transportation Systems GmbH , Ditzingen, Germany

    Friedemann Bitsch

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Fielder, A., Li, T., Hankin, C. (2016). Modelling Cost-Effectiveness of Defenses in Industrial Control Systems. In: Skavhaug, A., Guiochet, J., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2016. Lecture Notes in Computer Science(), vol 9922. Springer, Cham. https://doi.org/10.1007/978-3-319-45477-1_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-45477-1_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-45476-4

  • Online ISBN: 978-3-319-45477-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation