+1 Recommend
1 collections

      Celebrating 65 years of The Computer Journal - free-to-read perspectives - bcs.org/tcj65

      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      CPS Security Assessment using Automatically Generated Attack Trees

      1 , 1 , 1 , 1
      5th International Symposium for ICS & SCADA Cyber Security Research 2018 (ICS-CSR 2018)
      ICS & SCADA Cyber Security Research
      29 - 30 August 2018
      Attack Trees, Cyber-Physical Systems, Security Assessment


            Over the last decades, cyber-physical systems have evolved from isolated to complex interconnected systems that are remotely accessible. This made them easier to attack, especially since they often contain legacy components with known vulnerabilities. This paper presents a methodology to assess the security of a cyber-physical system. It automatically generates attack trees based on the system architecture. The generated attack trees are processed to provide both technical and non-technical feedback. The assessor can define different attacker models to asses the security of the system with respect to different types of attackers. The methodology is validated by providing tool support and applying it to an example ICS.


            Author and article information

            August 2018
            August 2018
            : 1-10
            [1 ]KU Leuven, imec-DistriNet, Dept of Computer Science, Belgium
            © Depamelaere et al. Published by BCS Learning and Development Ltd. Proceedings of ICS & SCADA 2018

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            5th International Symposium for ICS & SCADA Cyber Security Research 2018
            ICS-CSR 2018
            University of Hamburg, Germany
            29 - 30 August 2018
            Electronic Workshops in Computing (eWiC)
            ICS & SCADA Cyber Security Research

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/ICS2018.1
            Self URI (journal page): https://ewic.bcs.org/
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Security Assessment,Cyber-Physical Systems,Attack Trees


            1. 2018 A safety/security risk analysis approach of industrial control systems: A cyber bowtie combining new version of attack tree with bowtie analysis Computers and Security 72 175 195

            2. 2018 Attacker-manager game tree (amgt): A new framework for visualizing and analysing the interactions between attacker and network security manager Computer Networks 133 42 58

            3. 2006 April Defense trees for economic evaluation of security investments First International Conference on Availability, Reliability and Security (ARES’06)

            4. 2004 The use of attack trees in assessing vulnerabilities in scada systems Proceedings of the international infrastructure survivability workshop

            5. 2018 Javafx tool for attack trees in cps https://github.com/WouterDep/attacktrees

            6. 2007 The use of attack and protection trees to analyze security for an online banking system Proceedings of the 40th Hawaii International Conference on System Sciences

            7. ENISA 2016 December Communication network dependencies for ICS/SCADA Systems

            8. 2014 A practical guide to SysML: the systems modeling language Morgan Kaufmann

            9. ICS-CERT 2011 May Common Cybersecurity Vulnerabilities in Industrial Control Systems

            10. ICS-CERT 2014 CSET: Cyber security evaluation tool http://ics-cert.us-cert.gov/Assessments

            11. 2016 Attack-defense trees based cyber security analysis for cpss Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), 2016 17th IEEE/ACIS International Conference on 693 698 IEEE

            12. 2017 Choosing models for security metrics visualization Computer Network Security 75 87 Springer

            13. 2011 Foundations of attack-defense trees Formal Aspects of Security and Trust 80 95

            14. 2014 A SysML extension for security analysis of industrial control systems Proceedings of the 2Nd International Symposium on ICS & SCADA Cyber Security Research 2014, ICS-CSR 2014 1 9 BCS

            15. 2015 Extracting vulnerabilities in industrial control systems using a knowledge-based system Proceedings of the 3rd International Symposium for ICS & SCADA Cyber Security Research, ICSCSR ’15 1 10 BCS

            16. 2011 Model-based security metrics using adversary view security evaluation (advise) Quantitative Evaluation of Systems (QEST), 2011 Eighth International Conference on 191 200 IEEE

            17. 2005 Foundations of attack trees International Conference on Information Security and Cryptology 186 198 Springer

            18. 2016 6 Bubblenet: A cyber security dashboard for visualizing patterns Computer Graphics Forum 35 3 281 290

            19. 2012 August Attack countermeasure trees (act): Towards unifying the constructs of attack and defense trees Sec. and Commun. Netw. 5 8 929 943

            20. 1999 Attack trees Dr. Dobbs journal 24 12 21 29

            21. 2013 The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures Systems Journal IEEE 7 363 373

            22. 2015 Guide to industrial control systems (ics) security

            23. 2007 Vulnerability assessment of cybersecurity for scada systems using attack trees Power Engineering Society General Meeting, 2007 IEEE 1 8 IEEE

            24. 2014 Cybersage: a tool for automatic security assessment of cyber-physical systems International Conference on Quantitative Evaluation of Systems 384 387 Springer

            25. 2008 The idp system: a model expansion system for an extension of classical logic Proceedings of the 2nd Workshop on Logic and Search 153 165

            26. 2009 June A game-theoretic intrusion response and recovery engine 2009 IEEE/IFIP International Conference on Dependable Systems Networks 439 448


            Comment on this article