Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment

Rahman, Md Habibor; Hamedani, Erfan Yazdandoost; Son, Young-Jun; Shafae, Mohammed

doi:10.1115/1.4063729

Our system is currently under heavy load due to increased usage. We're actively working on upgrades to improve performance. Thank you for your patience.

Journal of Computing and Information Science in Engineering

2024

DOI: 10.1115/1.4063729

|View full text |Cite

Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment

Md Habibor Rahman,

Erfan Yazdandoost Hamedani,

Young-Jun Son

et al.

Abstract: Identifying, analyzing, and evaluating cybersecurity risks is essential to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. However, a manufacturing-specific quantitative approach to effectively model threat events and evaluate the unique cybersecurity risks in discrete manufacturing systems is lacking. In response, this paper introduces the first taxonomy-driven graph-theoretic model and framework to formally represent this unique cybersecurity threa… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2024

2025

Publication Types

Select...

Article3

Relationship

Self Cite0

Independent3

Authors

Journals

Cited by 3 publications

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

An approach for assessing the functional vulnerabilities criticality of CPS components

Alguliyev,

Aliguliyev,

Sukhostat

2025

Cyber Security and Applications

View full text Add to dashboard Cite

An approach for assessing the functional vulnerabilities criticality of CPS components

Alguliyev,

Aliguliyev,

Sukhostat

2025

Cyber Security and Applications

View full text Add to dashboard Cite

Manufacturing cybersecurity threat attributes and countermeasures: Review, meta-taxonomy, and use cases of cyberattack taxonomies

Rahman

Wuest

Shafae

2023

Journal of Manufacturing Systems

View full text Add to dashboard Cite

Legacy ICS Cybersecurity Assessment Using Hybrid Threat Modeling—An Oil and Gas Sector Case Study

Badawy,

Sherief,

Abdel-Hamid

2024

Applied Sciences

View full text Add to dashboard Cite

As security breaches are increasingly widely reported in today’s culture, cybersecurity is gaining attention on a global scale. Threat modeling methods (TMM) are a proactive security practice that is essential for pinpointing risks and limiting their impact. This paper proposes a hybrid threat modeling framework based on system-centric, attacker-centric, and risk-centric approaches to identify threats in Operational Technology (OT) applications. OT is made up of software and hardware used to manage, secure, and control industrial control systems (ICS), and its environments include factories, power plants, oil and gas refineries, and pipelines. To visualize the “big picture” of its infrastructure risk profile and improve understanding of the full attack surface, the proposed framework builds on several threat modeling methodologies: PASTA modeling, STRIDE, and attack tree components. Nevertheless, the continuity and stability of vital infrastructure will continue to depend heavily on legacy equipment. Thus, protecting the availability, security, and safety of industrial environments and vital infrastructure from cyberattacks requires operational technology (OT) cybersecurity. The feasibility of the proposed approach is illustrated with a case study from a real oil and gas production plant control system where numerous significant cyberattacks in recent years have targeted OT networks more frequently as hackers realized the possibility of disruption due to insufficient OT security, particularly for outdated systems. The proposed framework achieved better results in detecting threats and severity in the design of the case study system, helping to increase security and support cybersecurity assessment of legacy control systems.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment

Cited by 3 publications

References 42 publications

An approach for assessing the functional vulnerabilities criticality of CPS components

An approach for assessing the functional vulnerabilities criticality of CPS components

Manufacturing cybersecurity threat attributes and countermeasures: Review, meta-taxonomy, and use cases of cyberattack taxonomies

Legacy ICS Cybersecurity Assessment Using Hybrid Threat Modeling—An Oil and Gas Sector Case Study

Contact Info

Product

Resources

About