Cristin result ID: 1930276
Last modified: 1 September 2021, 04:47
NVI reporting year: 2021
Result
Academic article
2021

Bayesian Network Model to Distinguish between Intentional Attacks and Accidental Technical Failures: A Case Study of Floodgates

Contributors:
  • Sabarathinam Chockalingam
  • Wolter Pieters
  • André Teixeira and
  • Pieter van Gelder

Journal

Cybersecurity
ISSN 2523-3246
e-ISSN 2523-3246
NVI level 1

About the result

Academic article
Year published: 2021
Published online: 2021
Volume: 4
Pages: 1 - 19
Article number: 29
Open Access

Import sources

Scopus-ID: 2-s2.0-85113988932

Classification

Scientific disciplines

Security and vulnerability

Keywords

Bayesian belief network • Security • Knowledge acquisition • Water management • Social security • Attack handling • Cyber security

Description

Title

Bayesian Network Model to Distinguish between Intentional Attacks and Accidental Technical Failures: A Case Study of Floodgates

Abstract

Water management infrastructures such as floodgates are critical and increasingly operated by Industrial Control Systems (ICS). These systems are becoming more connected to the internet, either directly or through the corporate networks. This makes them vulnerable to cyber-attacks. Abnormal behaviour in floodgates operated by ICS could be caused by both (intentional) attacks and (accidental) technical failures. When operators notice abnormal behaviour, they should be able to distinguish between those two causes to take appropriate measures, because, for example, replacing a sensor in case of intentional incorrect sensor measurements would be ineffective and would not block the corresponding attack vector. In the previous work, we developed the attack-failure distinguisher framework for constructing Bayesian Network (BN) models to enable operators to distinguish between those two causes, including the knowledge elicitation method to construct the directed acyclic graph and conditional probability tables of BN models. As a full case study of the attack-failure distinguisher framework, this paper presents a BN model constructed to distinguish between attacks and technical failures for the problem of incorrect sensor measurements in floodgates, addressing the problem of floodgate operators. We utilised experts who associate themselves with the safety and/or security community to construct the BN model and validate the qualitative part of the constructed BN model. The constructed BN model is usable in water management infrastructures to distinguish between intentional attacks and accidental technical failures in case of incorrect sensor measurements. This could help to decide on appropriate response strategies and avoid further complications in case of incorrect sensor measurements.

Contributors

Sabarathinam Chockalingam

  • Affiliated:
    Author
    at Risiko, sikkerhet og sikring, Institutt for energiteknikk
  • Affiliated:
    Author
    at Technische Universiteit Delft

Wolter Pieters

  • Affiliated:
    Author
    at Radboud Universiteit
  • Affiliated:
    Author
    at Technische Universiteit Delft

André Teixeira

  • Affiliated:
    Author
    at Uppsala universitet

Pieter van Gelder

  • Affiliated:
    Author
    at Technische Universiteit Delft