Analysing Mission-critical Cyber-physical Systems with AND/OR Graphs and MaxSAT

Barrère, Martín; Hankin, Chris

doi:10.1145/3451169

Cited by 6 publications

(2 citation statements)

References 67 publications

(92 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Stellios et al modeled both the cyber connectivity and physical interactions to prioritize APs, no matter which AP is hidden or underestimated at risks [5]. Barrère et al built AND/OR dependency graphs to identify a minimal number of the ICS components with overlapping security measures or critical missions [12,13]. Considering the cost of remediations and security budgets for securing the IoT, Yiğit et al leveraged a compact AG to construct a cost-effective protecting strategy applied to the large-scale environment [14].…”

Section: Related Workmentioning

confidence: 99%

A Prioritizing Interdiction Surface-Based Vulnerability Remediation Composite Metric for Industrial Control Systems

Wang

Zhang

Liu

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Recently, industrial control system (ICS) has gradually been a primary attack target. The main reason is that increasing vulnerabilities exposed provide opportunities for launching multistep and multihost attacks to breach security policies. To that end, vulnerability remediations are crucial for the ICS. However, there exist three problems to be tackled in a sound way. First of all, it is impractical to remove all vulnerabilities for preventing the multistep and multihost attacks in the consideration of the actual ICS demands. Secondly, ranking vulnerability remediations lacks a guidance. The last problem is that there is a lack of a metric for qualifying the security level after each remediation. In this paper, an ICS-oriented assessment methodology is proposed for the vulnerability remediations. It consists of three phases corresponding to the above problems, including (1) prioritizing Interdiction Surfaces, (2) ranking vulnerability remediations, and (3) calculating composite metrics. The Interdiction Surface describes a minimum set of vulnerabilities of which the complete removal may interdict all discovered attack paths in the system. Particularly, it innovates to take the urgent security demands of the ICS into account. Subsequently, ranking the vulnerability in the optimal Interdiction Surface is conducive to guide the remediations with the priority. A composite metric is ultimately given to assess the security level after vulnerability remediations. The effectiveness of the proposed methodology is validated in an ICS scenario which is similar to the real-world practice. Results show that the entire procedure is suitable for the context of the ICS. Simultaneously, the composite metric enhances both the comprehensiveness and the compatibility in contrast with attack path-based metrics. Hence, it overcomes the shortcomings when they are used in isolation.

show abstract

Section: Related Workmentioning

confidence: 99%

A Prioritizing Interdiction Surface-Based Vulnerability Remediation Composite Metric for Industrial Control Systems

Wang

Zhang

Liu

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…The AND branch means all parents need to be satisfied, while the OR branch requires just one to be fulfilled. Research has delved into the integration of AND/OR graphs into the realm of cybersecurity [11], as well as their application in game theory [93]. CPAG are the class of attack graphs that effectively encompasses both cyber and physical aspects of an attacker attempting to breach a network's security [85].…”

Section: Cyber-physical Attack Graphsmentioning

confidence: 99%

Computable Analysis and Game Theory: From Foundations to Applications

Crook

View full text Add to dashboard Cite

This body of research showcases several facets of the intersection between computer science and game theory. On the foundational side, we explore the obstructions to the computability of Nash equilibria in the setting of computable analysis. In particular, we study the Weihrauch degree of the problem of ﬁnding a Nash equilibrium for a multiplayer game in normal form. We conclude that the Weihrauch degree Nash for multiplayer games lies between AoUC∗[0,1] and AoUC⋄[0,1] (Theorem 5.3). As a slight detour, we also explore the demarcation between computable and non-computable computational problems pertaining to the veriﬁcation of machine learning. We demonstrate that many veriﬁcation questions are computable without the need to specify a machine learning framework (Section 7.2). As well as looking into the theory of learners, robustness and sparisty of training data. On the application side, we study the use of Hypergames in Cybersecurity. We look into cybersecurity AND/OR attack graphs and how we could turn them into a hypergame (8.1). Hyper Nash equilibria is not an ideal solution for these games, however, we propose a regret-minimisation based solution concept. In Section 8.2, we survey the area of Hypergames and their connection to cybersecurity, showing that even if there is a small overlap, the reach is limited. We suggest new research directions such as adaptive games, generalisation and transferability (Section 8.3).

show abstract