A critical transportation infrastructure integrated with the Internet of Things based wireless sensor network, operates as a cyber-physical system. However, the new form of IoT enabled transportation infrastructure is susceptible to cyber-physical attacks in the sensing area, due to inherent cyber vulnerabilities of IoT devices and deficient control barriers that could protect it. Traditional risk assessment processes, consider the physical and cyber space as isolated environments, resulting in IoT enabled transportation infrastructure not being assessed by stakeholders (i.e., operators, civil and security engineers) for cyber-physical attacks. In this paper, a new risk assessment approach for cyber-physical attacks against IoT based wireless sensor network is proposed. The approach relies on the identification and proposal of novel cyber-physical characteristics, in the aspect of threat source (e.g., motives), vulnerability (e.g., lack of authentication mechanisms) and types of physical impacts (e.g., casualties). Cyber-physical risk is computed as a product of the level and importance of these characteristics. Monte Carlo simulations and sensitivity analysis are performed to evaluate the results of an IoT enabled bridge subjected to cyber-physical attack scenarios. The results indicate that 76.6% of simulated cases have high-risk and control barriers operating in physical and cyber space can reduce the cyber-physical risk by 71.8%. Additionally, cyber-physical risk differentiates when the importance of the characteristics that are considered during risk assessment is overlooked. The approach is of interest to stakeholders who attempt to incorporate the cyber domain in risk assessment procedures of their system.
Transportation networks play a vital role in society's well-being. While in the past, transportation networks were considered fragile only against threats in physical space (e.g., natural hazards), this is no longer the case. Previous events (e.g., Denial of Services attack against the Swedish Transport Administration) have highlighted the susceptibility of transportation domain to cyber-attacks. The integration of Internet of Things based wireless sensor networks in the sensing layer of a critical transportation infrastructure, increase the vulnerability of transportation networks to cyber-physical attacks. Current vulnerability assessment studies that treat transportation networks in the form of a graph (i.e., nodes, edges), overlook the security issues. In this paper, a new vulnerability assessment approach for transportation network subjected to cyber-physical attack, is proposed. The novelty of the approach relies on the consideration of vulnerabilities states, both in physical and cyber space, using a Bayesian network attack graph. A new probability indicator, that considers different attacker characteristics (e.g., skills) and control barriers (e.g., cameras) is proposed to drive the assignment of probability scores to vulnerability states. Following the probability-based ranking table, we measure the vulnerability of transportation network as a drop of network efficiency, after the removal of the highest probability-based ranked nodes. A transportation network case study is used to demonstrate the application of the approach. Monte Carlo simulations are performed as a method to evaluate the results, that indicate that transportation networks are probabilistically more susceptible to cyber-physical attacks, when IoT enabled transportation infrastructure is based on deficient control barriers. The approach is of interest to stakeholders (i.e., operators, civil and security engineers) who attempt to incorporate the cyber domain in vulnerability assessment procedures of their system.
Transportation networks are fundamental to the efficient and safe functioning of modern societies. In the past, physical and cyber space were treated as isolated environments, resulting in transportation network being considered vulnerable only to threats from the physical space (e.g., natural hazards). The integration of Internet of Things-based wireless sensor networks into the sensing layer of critical transportation infrastructure has resulted in transportation networks becoming susceptible to cyber–physical attacks due to the inherent vulnerabilities of IoT devices. However, current vulnerability assessment methods lack details related to the integration of the cyber and physical space in transportation networks. In this paper, we propose a new vulnerability assessment approach for transportation networks subjected to cyber–physical attacks at the sensing layer. The novelty of the approach used relies on the combination of the physical and cyber space, using a Bayesian network attack graph that enables the probabilistic modelling of vulnerability states in both spaces. A new probability indicator is proposed to enable the assignment of probability scores to vulnerability states, considering different attacker profile characteristics and control barriers. A probability-based ranking table is developed that details the most vulnerable nodes of the graph. The vulnerability of the transportation network is measured as a drop in network efficiency after the removal of the highest probability-based ranked nodes. We demonstrate the application of the approach by studying the vulnerability of a transportation network case study to a cyber–physical attack at the sensing layer. Monte Carlo simulations and sensitivity analysis are performed as methods to evaluate the results. The results indicate that the vulnerability of the transportation network depends to a large extent on the successful exploitation of vulnerabilities, both in the cyber and physical space. Additionally, we demonstrate the usefulness of the proposed approach by comparing the results with other currently available methods. The approach is of interest to stakeholders who are attempting to incorporate the cyber domain into the vulnerability assessment procedures of their system.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.