METICS: A Holistic Cyber Physical System Model for IEEE 14-bus Power System Security

Jillepalli, Ananth A.; Leon, Daniel Conte de; Johnson, Brian K.; Chakhchoukh, Yacine; Oyewumi, Ibukun A.; Ashrafuzzaman, Md.; Sheldon, Frederick T.; Alves-Foss, Jim; Haney, Michael

doi:10.1109/malware.2018.8659367

Cited by 6 publications

(2 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The statistical results obtained on the reported risks in CPS from our studies show that the most reported impact of the identified risks consisted of (1) communication disruptions 57,105 , (2) system or sub‐system being compromised, 106,107 and (3) leading to system's abnormal behavior 108 and thus failure as a result of a malicious attack 109–111 . Another frequently reported impact is related to the physical aspect of the CPS and that is the equipment failure leading to financial losses, for example, Lopez et al 73 …”

Section: Findings Of Our Reviewmentioning

confidence: 76%

Security risks in cyber physical systems—A systematic mapping study

Zahid

Inayat

Daneva

et al. 2021

J Software Evolu Process

View full text Add to dashboard Cite

The increased need for constant connectivity and complete automation of existing systems fuels the popularity of Cyber Physical Systems (CPS) worldwide. Increasingly more, these systems are subjected to cyber attacks. In recent years, many major cyber‐attack incidents on CPS have been recorded and, in turn, have been raising concerns in their users' minds. Unlike in traditional IT systems, the complex architecture of CPS consisting of embedded systems integrated with the Internet of Things (IoT) requires rather extensive planning, implementation, and monitoring of security requirements. One crucial step to planning, implementing, and monitoring of these requirements in CPS is the integration of the risk management process in the CPS development life cycle. Existing studies do not clearly portray the extent of damage that the unattended security issues in CPS can cause or have caused, in the incidents recorded. An overview of the possible risk management techniques that could be integrated into the development and maintenance of CPS contributing to improving its security level in its actual environment is missing. In this paper, we are set out to highlight the security requirements and issues specific to CPS that are discussed in scientific literature and to identify the state‐of‐the‐art risk management processes adopted to identify, monitor, and control those security issues in CPS. For that, we conducted a systematic mapping study on the data collected from 312 papers published between 2000 and 2020, focused on the security requirements, challenges, and the risk management processes of CPS. Our work aims to form an overview of the security requirements and risks in CPS today and of those published contributions that have been made until now, towards improving the reliability of CPS. The results of this mapping study reveal (i) integrity authentication and confidentiality as the most targeted security attributes in CPS, (ii) model‐based techniques as the most used risk identification and assessment and management techniques in CPS, (iii) cyber‐security as the most common security risk in CPS, (iv) the notion of “mitigation measures” based on the type of system and the underline internationally recognized standard being the most used risk mitigation technique in CPS, (v) smart grids being the most targeted systems by cyber‐attacks and thus being the most explored domain in CPS literature, and (vi) one of the major limitations, according to the selected literature, concerns the use of the fault trees for fault representation, where there is a possibility of runtime system faults not being accounted for. Finally, the mapping study draws implications for practitioners and researchers based on the findings.

show abstract

Section: Findings Of Our Reviewmentioning

confidence: 76%

Security risks in cyber physical systems—A systematic mapping study

Zahid

Inayat

Daneva

et al. 2021

J Software Evolu Process

View full text Add to dashboard Cite

show abstract

“…The transition is opening previously unavailable or limited networking capabilities to improve operational capabilities and efficiencies for industrial systems and infrastructure such as the power grid [1]. Expanded use of networked communications in turn is increasing the attack vectors for the organizations, especially from outside actors [2]. As a result of the transition and the accompanying change in attack vectors, organizations need engineers skilled in configuring, operating, and maintaining their CPS devices.…”

Section: Introductionmentioning

confidence: 99%

Hands-on Lab Exercises for Onsite and Remote Education Delivery in a CPS Communication Systems Course Using ISAAC

Jillepalli,

Gress,

Bainy

et al.

2023 ASEE Annual Conference &Amp; Exposition Proceedings

View full text Add to dashboard Cite

A Formal Model and Verification for HESTIA: An Automated, Adversary-Aware Risk Assessment Process for Cyber Infrastructure

et al. 2022

Self Cite

View full text Add to dashboard Cite

Due to the characteristics and connectivity of today's critical infrastructure systems, cyberattacks on these systems are currently difficult to prevent in an efficient and sustainable manner. Prevention and mitigation strategies need accurate identification and evaluation of: system vulnerabilities, potential threats and attacks, and applicable hardening measures. Furthermore, the ability to prioritize hardening measures based on accurate assessments of risk is needed. In addition, the consideration of the availability, applicability, and cost of potential mitigation strategies is also needed. To address this challenge we created HESTIA: High-level and Extensible System for Training and Infrastructure risk Assessment. In this article we present a formal model of the HESTIA system. We then also present a formal verification of the HESTIA semantic model.

show abstract

METICS: A Holistic Cyber Physical System Model for IEEE 14-bus Power System Security

Cited by 6 publications

References 9 publications

Security risks in cyber physical systems—A systematic mapping study

Security risks in cyber physical systems—A systematic mapping study

Hands-on Lab Exercises for Onsite and Remote Education Delivery in a CPS Communication Systems Course Using ISAAC

A Formal Model and Verification for HESTIA: An Automated, Adversary-Aware Risk Assessment Process for Cyber Infrastructure

Contact Info

Product

Resources

About