Redundancy Planning for Cost Efficient Resilience to Cyber Attacks

Soikkeli, Jukka; Casale, Giuliano; Muñoz-González, Luis; Lupu, Emil

doi:10.1109/tdsc.2022.3151462

Cited by 3 publications

(2 citation statements)

References 36 publications

(58 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Further approaches have considered how to associate the attack progression through the system to its impact on the system model (e.g. [19]). It is then possible to conduct a cost based analysis to identify the most cost effective countermeasures or to evaluate the cost effectiveness of different mitigating strategies.…”

Section: Tamelessmentioning

confidence: 99%

“…For example, when system elements are compromised, this can be taken into account and the new probabilities of compromise can be calculated [22], [17]. The new probabilities of compromise can be used to choose countermeasures [23] and can also be combined with system models and cost models for resilience analysis as shown in [19]. However, our focus here is on the analysis and the generation of the graph for hybrid systems and we leave such extensions for further work.…”

Section: Attack Graphsmentioning

confidence: 99%

See 1 more Smart Citation

A Hybrid Threat Model for Smart Systems

Valenza

Karafili

Steiner

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Cyber-physical systems and their smart components have a pervasive presence in all our daily activities. Unfortunately, identifying the potential threats and issues in these systems and selecting enough protection is challenging given that such environments combine human, physical and cyber aspects to the system design and implementation. Current threat models and analysis do not take into consideration all three aspects of the analyzed system, how they can introduce new vulnerabilities or protection measures to each other. In this work, we introduce a novel threat model for cyber-physical systems that combines the cyber, physical, and human aspects. Our model represents the system's components relations and security properties by taking into consideration these three aspects. Together with the threat model we also propose a threat analysis method that allows understanding the security state of the system's components. The threat model and the threat analysis have been implemented into an automatic tool, called TAMELESS, that automatically analyzes threats to the system, verifies its security properties, and generates a graphical representation, useful for security architects to identify the proper prevention/mitigation solutions. We show and prove the use of our threat model and analysis with three cases studies from different sectors.

show abstract

Section: Tamelessmentioning

confidence: 99%