his.sePublikasjoner
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Multi-Level Vulnerability Modeling of Cyber-Physical Systems
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Distribuerade realtidssystem (DRTS), Distributed Real-Time Systems)ORCID-id: 0000-0003-4791-8452
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Distribuerade realtidssystem (DRTS), Distributed Real-Time Systems)ORCID-id: 0000-0002-7312-9089
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Distribuerade realtidssystem (DRTS), Distributed Real-Time Systems)ORCID-id: 0000-0002-8927-0968
2018 (engelsk)Konferansepaper, Poster (with or without abstract) (Fagfellevurdert)
Abstract [en]

Vulnerability is defined as ”weakness of an asset or control that can be exploited by a threat” according to ISO/IEC 27000:2009, and it is a vital cyber-security issue to protect cyber-physical systems (CPSs) employed in a range of critical infrastructures (CIs). However, how to quantify both individual and system vulnerability are still not clear. In our proposed poster, we suggest a new procedure to evaluate CPS vulnerability. We reveal a vulnerability-tree model to support the evaluation of CPS-wide vulnerability index, driven by a hierarchy of vulnerability-scenarios resulting synchronously or propagated by tandem vulnerabilities throughout CPS architecture, and that could be exploited by threat agents. Multiple vulnerabilities are linked by boolean operations at each level of the tree. Lower-level vulnerabilities in the tree structure can be exploited by threat agents in order to reach parent vulnerabilities with increasing CPS criticality impacts. At the asset-level, we suggest a novel fuzzy-logic based valuation of vulnerability along standard metrics. Both the procedure and fuzzy-based approach are discussed and illustrated through SCADA-based smart power-grid system as a case study in the poster, with our goal to streamline the process of vulnerability computation at both asset and CPS levels.

sted, utgiver, år, opplag, sider
2018.
Emneord [en]
Vulnerability Modelling, Cyber-Physical System
HSV kategori
Forskningsprogram
Distribuerade realtidssystem (DRTS)
Identifikatorer
URN: urn:nbn:se:his:diva-16423OAI: oai:DiVA.org:his-16423DiVA, id: diva2:1265280
Konferanse
The 23rd Nordic Conference on Secure IT Systems, Oslo, Norway, November 28-30, 2018
Prosjekter
ELVIRATilgjengelig fra: 2018-11-22 Laget: 2018-11-22 Sist oppdatert: 2018-12-20bibliografisk kontrollert

Open Access i DiVA

fulltext(871 kB)32 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 871 kBChecksum SHA-512
8c88e7a0fd5c9b140c624b4725b5b2ec3a9348adcd4c6964e895e5aaa9c4b6aed7277308cf2342d3768e5d269b3bc0370fa2cc9c1952bcb1440ec32f7cdbc868
Type fulltextMimetype application/pdf

Personposter BETA

Jiang, YuningAtif, YacineDing, Jianguo

Søk i DiVA

Av forfatter/redaktør
Jiang, YuningAtif, YacineDing, Jianguo
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 32 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

urn-nbn

Altmetric

urn-nbn
Totalt: 668 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf