UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Vulnerability-Based Impact Criticality Estimation for Industrial Control Systems

Ani, UD; He, H; Tiwari, A; (2020) Vulnerability-Based Impact Criticality Estimation for Industrial Control Systems. In: Proceedings of the 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). The Institute of Electrical and Electronics Engineers (IEEE) Green open access

[thumbnail of Uani_CameraReady-CyberScience2020_Submitted.pdf]
Preview
Text
Uani_CameraReady-CyberScience2020_Submitted.pdf - Accepted Version

Download (822kB) | Preview

Abstract

Cyber threats directly affect the critical reliability and availability of modern Industry Control Systems (ICS) in respects of operations and processes. Where there are a variety of vulnerabilities and cyber threats, it is necessary to effectively evaluate cyber security risks, and control uncertainties of cyber environments, and quantitative evaluation can be helpful. To effectively and timely control the spread and impact produced by attacks on ICS networks, a probabilistic Multi-Attribute Vulnerability Criticality Analysis (MAVCA) model for impact estimation and prioritised remediation is presented. This offer a new approach for combining three major attributes: vulnerability severities influenced by environmental factors, the attack probabilities relative to the vulnerabilities, and functional dependencies attributed to vulnerability host components. A miniature ICS testbed evaluation illustrates the usability of the model for determining the weakest link and setting security priority in the ICS. This work can help create speedy and proactive security response. The metrics derived in this work can serve as sub-metrics inputs to a larger quantitative security metrics taxonomy; and can be integrated into the security risk assessment scheme of a larger distributed system.

Type: Proceedings paper
Title: Vulnerability-Based Impact Criticality Estimation for Industrial Control Systems
Event: 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
Location: Dublin, Ireland
Dates: 15th-19th June 2020
ISBN-13: 978-1-7281-6428-1
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/cybersecurity49315.2020.9138886
Publisher version: https://doi.org/10.1109/CyberSecurity49315.2020.91...
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher's terms and conditions.
Keywords: Cybersecurity, Functional Dependency, Industrial Control System (ICS), ICS Security, Security Criticality Analysis, Security Impact Analysis, Vulnerability Analysis
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > STEaPP
URI: https://discovery.ucl.ac.uk/id/eprint/10108350
Downloads since deposit
248Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item