Method for quantitative risk assessment of cyber-physical systems based on vulnerability analysis
Rasim Alguliyev; Ramiz Aliguliyev; Lyudmila Sukhostat
Kybernetika (2024)
- Volume: 60, Issue: 6, page 779-796
- ISSN: 0023-5954
Access Full Article
topAbstract
topHow to cite
topAlguliyev, Rasim, Aliguliyev, Ramiz, and Sukhostat, Lyudmila. "Method for quantitative risk assessment of cyber-physical systems based on vulnerability analysis." Kybernetika 60.6 (2024): 779-796. <http://eudml.org/doc/299889>.
@article{Alguliyev2024,
abstract = {Cyber-physical system protection against cyber-attacks is a serious problem that requires methods for assessing the cyber security risks. This paper proposes a quantitative metric to evaluate the risks of cyber-physical systems using the fuzzy Sugeno integral. The simulated attack graph, consisting of vulnerable system components, allows for obtaining various parameters for assessing the risks of attack paths characterizing the elements in the cyber and physical environment and are combined into a single quantitative assessment. Experiments are performed on a threat model using the example of a cyber-physical system for wind energy generation. The model integrates a cyber-physical network's topology and vulnerabilities, proving the proposed method's effectiveness in ensuring cyber resilience.},
author = {Alguliyev, Rasim, Aliguliyev, Ramiz, Sukhostat, Lyudmila},
journal = {Kybernetika},
keywords = {cyber-physical system; risk assessment; attack graph; graph centrality measures; Sugeno $\lambda $‐measure; fuzzy Sugeno integral; attack path},
language = {eng},
number = {6},
pages = {779-796},
publisher = {Institute of Information Theory and Automation AS CR},
title = {Method for quantitative risk assessment of cyber-physical systems based on vulnerability analysis},
url = {http://eudml.org/doc/299889},
volume = {60},
year = {2024},
}
TY - JOUR
AU - Alguliyev, Rasim
AU - Aliguliyev, Ramiz
AU - Sukhostat, Lyudmila
TI - Method for quantitative risk assessment of cyber-physical systems based on vulnerability analysis
JO - Kybernetika
PY - 2024
PB - Institute of Information Theory and Automation AS CR
VL - 60
IS - 6
SP - 779
EP - 796
AB - Cyber-physical system protection against cyber-attacks is a serious problem that requires methods for assessing the cyber security risks. This paper proposes a quantitative metric to evaluate the risks of cyber-physical systems using the fuzzy Sugeno integral. The simulated attack graph, consisting of vulnerable system components, allows for obtaining various parameters for assessing the risks of attack paths characterizing the elements in the cyber and physical environment and are combined into a single quantitative assessment. Experiments are performed on a threat model using the example of a cyber-physical system for wind energy generation. The model integrates a cyber-physical network's topology and vulnerabilities, proving the proposed method's effectiveness in ensuring cyber resilience.
LA - eng
KW - cyber-physical system; risk assessment; attack graph; graph centrality measures; Sugeno $\lambda $‐measure; fuzzy Sugeno integral; attack path
UR - http://eudml.org/doc/299889
ER -
References
top- Akbarzadeh, A., Katsikas, S., , In: IEEE/ACM 42nd International Conference on Software Engineering Workshops (ICSEW), IEEE 2020, pp. 230-236. DOI
- Alhomidi, M., Reed, M., , Int. J. Netw. Secur. Appl. 6 (2014), 3, 31-43. DOI
- Beyza, J., Yusta, J. M., , Energies 14 (2021), 7, 1-18. DOI
- Bhuiyan, M. Z. A., Anders, G. J., Philhower, J., Du, S., , IET Cyper-Phys. Syst.: Theory Appl. 4 (2019), 3, 233-239. DOI
- Chermitti, A., Bencherif, M., Nakoul, Z., Bibitriki, N., Benyoucef, B., , Physics Procedia 55 (2014), 192-198. DOI
- Chen, B., Yang, Z., Zhang, Y., Chen, Y., Zhao, J., , IEEE Access 8 (2020), 8, 148331-148344. DOI
- Cheng, Y., Elsayed, E., Chen, X., , Reliab. Eng. Syst. Safe. 209 (2021), 1-13. DOI
- CVSS, , 2020. DOI
- Fang, D. Z., David, A. K., Kai, C., Yunli, C., , IEE Proc., Gener. Transm. Distrib. 152 (2005), 2, 201-207. DOI
- Freeman, L. C., , Sociometry 40 (1977), 35-41. DOI
- FVL, , 2022. DOI
- Henneaux, P., Labeau, P. E., Maun, J. C., Haarla, L., , IEEE Trans. Power Syst. 31 (2015), 2393-2403. DOI
- Kartli, N., Bostanci, E., Guzel, M.S., , Computing 106 (2024), 3195-3227. MR4794582DOI
- Katz, L., , Psychometrika 18 (1953), 39-43. MR0058182DOI
- Leao, B. P., Vempati, J., Bhela, S., Ahlgrim, T., Arnold, D., , In: arXiv preprint: DOI
- Li, X., Zhou, C., Tian, Y. C., Xiong, N., Qin, Y., , IEEE Trans. Ind. Inf. 14 (2018), 608-618. DOI
- Liu, C., Alrowaili, Y., Saxena, N., Konstantinou, C., , Energies 14 (2021), 1-19. DOI
- Liu, K., Xie, Y., Xie, S., Sun, L., , J. Process Control 132 (2023), 1-10. DOI
- Lyu, X., Ding, Y., Yang, S. H., , IEEE Access 8 (2020), 88506-88517. DOI
- Martínez, G.E., Gonzalez, C.I., Mendoza, O., Melin, P., , J. Imaging 5 (2019), 8, 1-20. DOI
- Mason, O., Verwoerd, M., , IET Syst. Boil. 1 (2007), 89-119. DOI
- Murofushi, T., Sugeno, M., , J. Math. Anal. Appl. 159 (1991), 2, 532-549. MR1120951DOI
- Nourian, A., Madnick, S., , IEEE Trans. Dependable Secur. Comput. 15 (2018), 1, 2-13. DOI
- Ou, X., Singhal, A., Quantitative Security Risk Assessment of Enterprise Networks., Springer, 2011.
- Qu, Z., Sun, W., Dong, J., Zhao, J., Li, Y., , Front. Energy Res. 10 (2023), 1-12. DOI
- Rahman, I., Mohamad-Saleh, J., , Appl. Soft Comput. 69 (2018), 72-130. DOI
- Salayma, M., , Front. Internet of Things 3 (2024), 1-25. DOI
- Semertzis, I., Rajkumar, V. S., Ştefanov, A., Fransen, F., Palensky, P., Quantitative risk assessment of cyber-attacks on cyber-physical systems using attack graphs., In: 10th IEEE Workshop on Modelling and Simulation of Cyber-Physical Energy Systems (MSCPES), IEEE 2022, pp. 1-6.
- Shen, Y., Lin, L., , Kybernetika 58 (2022), 4, 637-660. MR4521860DOI
- Shikhaliyev, R., , Probl. Inf. Technol. 15 (2024), 1, 37-43. DOI
- Suh-Lee, C., Jo, J., Quantifying security risk by measuring network risk conditions., In: IEEE/ACIS 14thInternational Conference on Computer and Information Science (ICIS), IEEE 2015, pp. 9-14.
- Wang, Z., Zhai, C., Zhang, H., Xiao, G., Chen, G., Xu, Y., , Kybernetika 58 (2022), 2, 218-236. DOI
- Xiao, F., McCalley, J. D., , IEEE Trans. Power Syst. 24 (2009), 1, 78-85. DOI
- Zhang, Q., Zhou, C., Tian, Y. C., Xiong, N., Qin, Y., Hu, B., , IEEE Trans. Ind. Inf. 14 (2018), 6, 2497-2506. DOI
NotesEmbed ?
topTo embed these notes on your page include the following JavaScript code on your page where you want the notes to appear.