Abstract
This paper describes a next-generation security information and event management (SIEM) platform that performs real-time impact assessment of cyber attacks that target monitoring and control systems in interdependent critical infrastructures. To assess the effects of cyber attacks on the services provided by critical infrastructures, the platform combines security analysis with simulations produced by the Infrastructure Interdependencies Simulator (i2Sim). The approach is based on the mixed holistic reductionist (MHR) methodology that models the relationships between functional components of critical infrastructures and the provided services. The effectiveness of the approach is demonstrated using a scenario involving a dam that feeds a hydroelectric power plant. The scenario considers an attack on a legacy SCADA system and wireless sensor network that reduces electricity production and degrades the services provided by the interdependent systems. The results demonstrate that the attack is detected in a timely manner, risk assessment is performed effectively and service level variations can be predicted. The paper also shows how the impact of attacks on services can be estimated when limits are imposed on information sharing.
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Formicola, V., Di Pietro, A., Alsubaie, A., D’Antonio, S., Marti, J. (2014). Assessing the Impact of Cyber Attacks on Wireless Sensor Nodes That Monitor Interdependent Physical Systems. In: Butts, J., Shenoi, S. (eds) Critical Infrastructure Protection VIII. ICCIP 2014. IFIP Advances in Information and Communication Technology, vol 441. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45355-1_14
DOI: https://doi.org/10.1007/978-3-662-45355-1_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45354-4
Online ISBN: 978-3-662-45355-1
eBook Packages: Computer Science (R0)