Systematic review of features for co‐simulating security incidents in <scp>Cyber‐Physical</scp> Systems

Czekster, Ricardo M.; Morisset, Charles; Clark, John A.; Soudjani, Sadegh; Patsios, Charalampos; Davison, P.

doi:10.1002/spy2.150

Cited by 9 publications

(5 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…CTI is still in its early stages as more mature tools and techniques are developed and adopted by organisations. It must be used in conjunction with other techniques such as attack modelling techniques (AMT) [40] such as attack trees or fault tree analysis, cosimulation [41], focus on APT or LCA, threat modelling, or advanced statistical analysis (ML/AI), to mention a few.…”

Section: Discussionmentioning

confidence: 99%

cyberaCTIve: a STIX-based Tool for Cyber Threat Intelligence in Complex Models

Czekster¹,

Metere²,

Morisset³

2022

Preprint

Self Cite

View full text Add to dashboard Cite

Cyber threat intelligence (CTI) is practical realworld information that is collected with the purpose of assessing threats in cyber-physical systems (CPS). A practical notation for sharing CTI is STIX. STIX offers facilities to create, visualise and share models; however, even a moderately simple project can be represented in STIX as a quite complex graph, suggesting to spread CTI across multiple simpler sub-projects. Our tool aims to enhance the STIX-based modelling task in contexts when such simplifications are infeasible. Examples can be the microgrid and, more in general, the smart grid.

show abstract

Section: Discussionmentioning

confidence: 99%

cyberaCTIve: a STIX-based Tool for Cyber Threat Intelligence in Complex Models

Czekster¹,

Metere²,

Morisset³

2022

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…CTI is still in its early stages as more mature tools and techniques are developed and adopted by organisations. It must be used in conjunction with other techniques such as attack modelling techniques (AMT) [92] where examples are attack trees or fault tree analysis, co-simulation [93], focus on advanced persistent threats or load changing attacks [11], threat modelling, or advanced statistical analysis (artificial intelligence/machine learning) [76,94], to name a few.…”

Section: Discussionmentioning

confidence: 99%

Incorporating Cyber Threat Intelligence into Complex Cyber-Physical Systems: A STIX Model for Active Buildings

2022

Self Cite

View full text Add to dashboard Cite

Active buildings can be briefly described as smart buildings with distributed and renewable energy resources able to energise other premises in their neighbourhood. As their energy capacity is significant, they can provide ancillary services to the traditional power grid. As such, they can be a worthy target of cyber-attacks potentially more devastating than if targeting traditional smart buildings. Furthermore, to handshake energy transfers, they need additional communications that add up to their attack surface. In such a context, security analysis would benefit from collection of cyber threat intelligence (CTI). To facilitate the analysis, we provide a base active building model in STIX in the tool cyberaCTIve that handles complex models. Active buildings are expected to implement standard network security measures, such as intrusion-detection systems. However, to timely respond to incidents, real-time detection should promptly update CTI, as it would significantly speed up the understanding of the nature of incidents and, as such, allow for a more effective response. To fill this gap, we propose an extension to the tool cyberaCTIve with a web service able to accept (incursion) feeds in real-time and apply the necessary modifications to a STIX model of interest.

show abstract

“…Co-simulation has been widely used in the engineering [10] and cyber-physical system [10,55] problem domains. DEVS-based co-simulation models have been frequently applied for these domains both in a strict sense, where all component models are DEVS models and in a hybrid sense, where DEVS component models interact with non-DEVS component models [56][57][58][59][60].…”

Section: Composable Modeling Techniquesmentioning

confidence: 99%

Comparing the Complexity and Efficiency of Composable Modeling Techniques for Multi-Scale and Multi-Domain Complex System Modeling and Simulation Applications: A Probabilistic Analysis

Wagner

2024

Systems

View full text Add to dashboard Cite

Modeling and simulation of complex systems frequently requires capturing probabilistic dynamics across multiple scales and/or multiple domains. Cyber–physical, cyber–social, socio–technical, and cyber–physical–social systems are common examples. Modeling and simulating such systems via a single, all-encompassing model is often infeasible, and thus composable modeling techniques are sought. Co-simulation and closure modeling are two prevalent composable modeling techniques that divide a multi-scale/multi-domain system into sub-systems, use smaller component models to capture each sub-system, and coordinate data transfer between component models. While the two techniques have similar goals, differences in their methods lead to differences in the complexity and computational efficiency of a simulation model built using one technique or the other. This paper presents a probabilistic analysis of the complexity and computational efficiency of these two composable modeling techniques for multi-scale/multi-domain complex system modeling and simulation applications. The aim is twofold: to promote awareness of these two composable modeling approaches and to facilitate complex system model design by identifying circumstances that are amenable to either approach.

show abstract

Systematic review of features for co‐simulating security incidents in Cyber‐Physical Systems

Cited by 9 publications

References 44 publications

cyberaCTIve: a STIX-based Tool for Cyber Threat Intelligence in Complex Models

cyberaCTIve: a STIX-based Tool for Cyber Threat Intelligence in Complex Models

Incorporating Cyber Threat Intelligence into Complex Cyber-Physical Systems: A STIX Model for Active Buildings

Comparing the Complexity and Efficiency of Composable Modeling Techniques for Multi-Scale and Multi-Domain Complex System Modeling and Simulation Applications: A Probabilistic Analysis

Contact Info

Product

Resources

About