Abstract
Critical infrastructure systems are distributed environments in which the mixture of technologies and interdependencies between physical and logical components lead to complex interactions. Calculating the possible impacts of attacks and the success of proposed countermeasures in such environments represents a severe problem. We propose a process algebraic technique as a means of affecting such calculations. Our approach allows us to demonstrate equivalence w.r.t. attack and defense strategies respectively. It also forms a basis for determining the efficiency and effectiveness of countermeasures. In comparison with other methods, such as attack/defense trees and attack graphs, our approach allows us to relax assumptions regarding the ordering of events by applying structural reasoning to outcomes and reducing the state space for the analysis. An obvious application is to risk management.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Langner, R.: Robust Control System Networks. Momentum Press, New York (2012)
McEvoy, T.R., Wolthusen, S.D.: A Formal Adversary Capability Model for SCADA Environments. In: Xenakis, C., Wolthusen, S. (eds.) CRITIS 2010. LNCS, vol. 6712, pp. 93–103. Springer, Heidelberg (2011)
Mauw, S., Oostdijk, M.: Foundations of Attack Trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)
Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Foundations of Attack–Defense Trees. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 80–95. Springer, Heidelberg (2011)
Bistarelli, S., Peretti, P., Trubitsyna, I.: Analyzing Security Scenarios Using Defence Trees and Answer Set Programming. Electron. Notes Theor. Comput. Sci. 197(2), 121–129 (2008)
Ingols, K., Chu, M., Lippmann, R., Webster, S., Boyer, S.: Modeling Modern Network Attacks and Countermeasures Using Attack Graphs. In: Annual Computer Security Applications Conference, ACSAC 2009, pp. 117–126 (December 2009)
Lippmann, R.P., Ingols, K.W.: An Annotated Review of Past Papers on Attack Graphs (1998)
Braynov, S., Jadliwala, M.: Representation and Analysis of Coordinated Attacks. In: Proceedings of the 2003 ACM Workshop on Formal Methods in Security Engineering, FMSE 2003, pp. 43–51. ACM, New York (2003)
Sangiorgi, D., Walker, D.: π-Calculus: A Theory of Mobile Processes. Cambridge University Press, New York (2001)
Delaune, S., Kremer, S., Ryan, M.D.: Symbolic Bisimulation for the Applied Pi Calculus. J. Comput. Secur. 18(2), 317–377 (2010)
McEvoy, T.R., Wolthusen, S.: Agent Interaction and State Determination in SCADA Systems. In: Butts, J., Shenoi, S. (eds.) Critical Infrastructure Protection. IFIP AICT, pp. 99–109. Springer, Heidelberg (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
McEvoy, T.R., Wolthusen, S.D. (2013). Algebraic Analysis of Attack Impacts and Countermeasures in Critical Infrastructures. In: Hämmerli, B.M., Kalstad Svendsen, N., Lopez, J. (eds) Critical Information Infrastructures Security. Lecture Notes in Computer Science, vol 7722. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41485-5_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-41485-5_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41484-8
Online ISBN: 978-3-642-41485-5
eBook Packages: Computer ScienceComputer Science (R0)