Modeling impact of attacks, recovery, and attackability conditions for situational awareness

Hasan Cam; Pierre Mouallem; Yilin Mo; Bruno Sinopoli; Benjamin Nkrumah

doi:10.1109/CogSIMA.2014.6816560

Modeling impact of attacks, recovery, and attackability conditions for situational awareness

Hasan Cam
, Pierre Mouallem
, Yilin Mo
, Bruno Sinopoli
, Benjamin Nkrumah

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

19 Scopus citations

Abstract

A distributed cyber control system comprises various types of assets, including sensors, intrusion detection systems, scanners, controllers, and actuators. The modeling and analysis of these components usually require multi-disciplinary approaches. This paper presents a modeling and dynamic analysis of a distributed cyber control system for situational awareness by taking advantage of control theory and time Petri net. Linear time-invariant systems are used to model the target system, attacks, assets influences, and an anomaly-based intrusion detection system. Time Petri nets are used to model the impact and timing relationships of attacks, vulnerability, and recovery at every node. To characterize those distributed control systems that are perfectly attackable, algebraic and topological attackability conditions are derived. Numerical evaluation is performed to determine the impact of attacks on distributed control system.

Original language	English
Title of host publication	2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014
Publisher	IEEE Computer Society
Pages	181-187
Number of pages	7
ISBN (Print)	9781479935642
DOIs	https://doi.org/10.1109/CogSIMA.2014.6816560
State	Published - 2014
Event	2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014 - San Antonio, TX, United States Duration: Mar 3 2014 → Mar 6 2014

Publication series

Name	2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014

Conference

Conference	2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014
Country/Territory	United States
City	San Antonio, TX
Period	03/3/14 → 03/6/14

Access to Document

10.1109/CogSIMA.2014.6816560

Cite this

Cam, H., Mouallem, P., Mo, Y., Sinopoli, B., & Nkrumah, B. (2014). Modeling impact of attacks, recovery, and attackability conditions for situational awareness. In 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014 (pp. 181-187). Article 6816560 (2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014). IEEE Computer Society. https://doi.org/10.1109/CogSIMA.2014.6816560

Cam, Hasan ; Mouallem, Pierre ; Mo, Yilin et al. / Modeling impact of attacks, recovery, and attackability conditions for situational awareness. 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014. IEEE Computer Society, 2014. pp. 181-187 (2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014).

@inproceedings{144af172894a4d58973cb94bb1037fe7,

title = "Modeling impact of attacks, recovery, and attackability conditions for situational awareness",

abstract = "A distributed cyber control system comprises various types of assets, including sensors, intrusion detection systems, scanners, controllers, and actuators. The modeling and analysis of these components usually require multi-disciplinary approaches. This paper presents a modeling and dynamic analysis of a distributed cyber control system for situational awareness by taking advantage of control theory and time Petri net. Linear time-invariant systems are used to model the target system, attacks, assets influences, and an anomaly-based intrusion detection system. Time Petri nets are used to model the impact and timing relationships of attacks, vulnerability, and recovery at every node. To characterize those distributed control systems that are perfectly attackable, algebraic and topological attackability conditions are derived. Numerical evaluation is performed to determine the impact of attacks on distributed control system.",

author = "Hasan Cam and Pierre Mouallem and Yilin Mo and Bruno Sinopoli and Benjamin Nkrumah",

year = "2014",

doi = "10.1109/CogSIMA.2014.6816560",

language = "English",

isbn = "9781479935642",

series = "2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014",

publisher = "IEEE Computer Society",

pages = "181--187",

booktitle = "2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014",

note = "2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014 ; Conference date: 03-03-2014 Through 06-03-2014",

}

Cam, H, Mouallem, P, Mo, Y, Sinopoli, B & Nkrumah, B 2014, Modeling impact of attacks, recovery, and attackability conditions for situational awareness. in 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014., 6816560, 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014, IEEE Computer Society, pp. 181-187, 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014, San Antonio, TX, United States, 03/3/14. https://doi.org/10.1109/CogSIMA.2014.6816560

Modeling impact of attacks, recovery, and attackability conditions for situational awareness. / Cam, Hasan; Mouallem, Pierre; Mo, Yilin et al.
2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014. IEEE Computer Society, 2014. p. 181-187 6816560 (2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Modeling impact of attacks, recovery, and attackability conditions for situational awareness

AU - Cam, Hasan

AU - Mouallem, Pierre

AU - Mo, Yilin

AU - Sinopoli, Bruno

AU - Nkrumah, Benjamin

PY - 2014

Y1 - 2014

N2 - A distributed cyber control system comprises various types of assets, including sensors, intrusion detection systems, scanners, controllers, and actuators. The modeling and analysis of these components usually require multi-disciplinary approaches. This paper presents a modeling and dynamic analysis of a distributed cyber control system for situational awareness by taking advantage of control theory and time Petri net. Linear time-invariant systems are used to model the target system, attacks, assets influences, and an anomaly-based intrusion detection system. Time Petri nets are used to model the impact and timing relationships of attacks, vulnerability, and recovery at every node. To characterize those distributed control systems that are perfectly attackable, algebraic and topological attackability conditions are derived. Numerical evaluation is performed to determine the impact of attacks on distributed control system.

AB - A distributed cyber control system comprises various types of assets, including sensors, intrusion detection systems, scanners, controllers, and actuators. The modeling and analysis of these components usually require multi-disciplinary approaches. This paper presents a modeling and dynamic analysis of a distributed cyber control system for situational awareness by taking advantage of control theory and time Petri net. Linear time-invariant systems are used to model the target system, attacks, assets influences, and an anomaly-based intrusion detection system. Time Petri nets are used to model the impact and timing relationships of attacks, vulnerability, and recovery at every node. To characterize those distributed control systems that are perfectly attackable, algebraic and topological attackability conditions are derived. Numerical evaluation is performed to determine the impact of attacks on distributed control system.

UR - https://www.scopus.com/pages/publications/84902108763

U2 - 10.1109/CogSIMA.2014.6816560

DO - 10.1109/CogSIMA.2014.6816560

M3 - Conference contribution

AN - SCOPUS:84902108763

SN - 9781479935642

T3 - 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014

SP - 181

EP - 187

BT - 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014

PB - IEEE Computer Society

T2 - 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014

Y2 - 3 March 2014 through 6 March 2014

ER -

Cam H, Mouallem P, Mo Y, Sinopoli B, Nkrumah B. Modeling impact of attacks, recovery, and attackability conditions for situational awareness. In 2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014. IEEE Computer Society. 2014. p. 181-187. 6816560. (2014 IEEE International Inter-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2014). doi: 10.1109/CogSIMA.2014.6816560

Modeling impact of attacks, recovery, and attackability conditions for situational awareness

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this