Vulnerability modeling and analysis for critical infrastructure protection applications

Marrone, S.; Nardone, Roberto; Tedesco, Annarita; D'Amore, Pasquale; Vittorini, Valeria; Setola, Roberto; Cillis, Francesca De; Mazzocca, Nicola

doi:10.1016/j.ijcip.2013.10.001

Cited by 57 publications

(23 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the other hand, the use of SecAM does not hamper the application of other UML profiles proposed in the literature and their related transformation approaches aimed at evaluating Concerning the functional requirements analysis, the UML-2-GSPN transformation technique applied in the paper enables to get a Petri Net model that can be used for checking the correctness of the UML specification, by using either state-based techniques (e.g., model checking) or linear algebra/linear programming-based techniques (e.g., invariants computation, structural bound/liveness computation). As future work, we aim at combining SecAM with other formal methods, e.g., Fault Trees or Bayesian Networks as in [32], to be able to address different kinds of analysis.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Modelling Security of Critical Infrastructures: A Survivability Assessment

Rodríguez

Merseguer

Bernardi

2014

The Computer Journal

View full text Add to dashboard Cite

Critical infrastructures, usually designed to handle disruptions caused by human errors or random acts of nature, define assets whose normal operation must be guaranteed to maintain its essential services for human daily living. Malicious intended attacks to these targets need to be considered during system design. To face with these situations, defense plans must be developed in advance. In this paper, we present a UML profile, named SecAM, that enables the modelling and security specification for critical infrastructures during the early phases (requirements, design) of systems development life-cycle. SecAM endows security assessment, through survivability analysis, of different security solutions before system deployment. As a case study, we evaluate the survivability of the Saudi Arabia crude-oil pipeline network under two different attack scenarios. The stochastic analysis, carried out with Generalized Stochastic Petri nets, quantitatively estimates the minimisation of attack damages into the crude-oil network.

show abstract

Section: Discussionmentioning

confidence: 99%

“…Marrone et al [32] model vulnerabilities using UML profiling and propose an analysis based on Bayesian networks. UML-CI is proposed in [33] as a profile for modelling critical infrastructures not focussed on security analysis but on management.…”

Section: Related Workmentioning

confidence: 99%

Modelling Security of Critical Infrastructures: A Survivability Assessment

Rodríguez

Merseguer

Bernardi

2014

The Computer Journal

View full text Add to dashboard Cite

show abstract

“…Automatic fare collection system (12) Screen doors (13) Escalator (14) Environment control system (15) Water supply and drainage system (16) Electrical and mechanical control system (17)…”

Section: Degreementioning

confidence: 99%

“…With the increasing of complexity and hazards, there is a need to develop new perspective or approach for infrastructure safety. In the context of the existing literature, some attention is already paid to vulnerability of infrastructure system [11][12][13]. Vulnerability analysis is applied within the management of CIs and some achievements have been made by exploring the impacts of random disturbances, deliberate attacks, and natural disasters.…”

Section: Introductionmentioning

confidence: 99%

Complexity and Vulnerability Analysis of Critical Infrastructures: A Methodological Approach

Deng

Song

Zhou

et al. 2017

Mathematical Problems in Engineering

View full text Add to dashboard Cite

Vulnerability analysis of network models has been widely adopted to explore the potential impacts of random disturbances, deliberate attacks, and natural disasters. However, almost all these models are based on a fixed topological structure, in which the physical properties of infrastructure components and their interrelationships are not well captured. In this paper, a new research framework is put forward to quantitatively explore and assess the complexity and vulnerability of critical infrastructure systems. Then, a case study is presented to prove the feasibility and validity of the proposed framework. After constructing metro physical network (MPN), Pajek is employed to analyze its corresponding topological properties, including degree, betweenness, average path length, network diameter, and clustering coefficient. With a comprehensive understanding of the complexity of MPN, it would be beneficial for metro system to restrain original near-miss or accidents and support decision-making in emergency situations. Moreover, through the analysis of two simulation protocols for system component failure, it is found that the MPN turned to be vulnerable under the condition that the high-degree nodes or high-betweenness edges are attacked. These findings will be conductive to offer recommendations and proposals for robust design, risk-based decision-making, and prioritization of risk reduction investment.

show abstract

“…It provides technical help to the involved departments, organizing coaching to personnel, serving as lead agency for non-governmental organizations (NGOs) and international cooperation, coordinating with the centralized through National Emergency Operation Centre (NEOC) and requiring the department or agency to create there required resources and personnel (Marrone et al, 2013).…”

Section: Introductionmentioning

confidence: 99%

Standard Criteria Response Mechanism of Pakistan Disaster Management Authority (PDMA) and Asian Development Bank (ADB): Evidence from Pakistan

Khattak

Ahad

Khan

et al. 2017

ASSRJ

View full text Add to dashboard Cite

Since the dawn of history and civilization human beings have suffered colossal losses due to natural and anthropogenic causes of various types, scales and dimensions. Floods and earthquakes of relatively recent past exposed the degree and vulnerability of Pakistan in general and Khyber Pakhtunkhwa (KPK) in particular. This study aimed to evaluate the capacity, affectivity and weakness of Pakistan Disaster Management Authority (PDMA) and compare and contrast it with the standards of Asian Development Bank (ADB). Data obtained through comprehensive questionnaires were processed through SPSS to determine the most important and least important five factors affecting disaster management in this specified region. The data analysis results of this study revealed and concluded that Pakistan Disaster Management Authority has yet to reach to a level where it is seen as a successful and effective organization that has the ability and capacity to deal with the mega disaster caused by natural and anthropogenic agents/sources.

show abstract

Vulnerability modeling and analysis for critical infrastructure protection applications

Cited by 57 publications

References 9 publications

Modelling Security of Critical Infrastructures: A Survivability Assessment

Modelling Security of Critical Infrastructures: A Survivability Assessment

Complexity and Vulnerability Analysis of Critical Infrastructures: A Methodological Approach

Standard Criteria Response Mechanism of Pakistan Disaster Management Authority (PDMA) and Asian Development Bank (ADB): Evidence from Pakistan

Contact Info

Product

Resources

About