An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System

Halima Kure, Shareeful Islam, Mohammad Razzaque
2018 Applied Sciences  
A cyber-physical system (CPS) is a combination of physical system components with cyber capabilities that have a very tight interconnectivity. CPS is a widely used technology in many applications, including electric power systems, communications, transportation, and healthcare systems. These are critical national infrastructures. Cybersecurity attacks are one of the major threats to a CPS for many reasons, including complexity and interdependencies among various system components,
integration of communication, computing, and control technology. Cybersecurity attacks may lead to various risks affecting the critical infrastructure business continuity, including degradation of production and performance, unavailability of critical services, and violation of the regulation. Managing cybersecurity risks is very important to protect CPS. However, risk management is challenging due to the inherently complex and evolving nature of the CPS system and recent attack trends. This paper presents an integrated cybersecurity risk management framework to assess and manage the risks in a proactive manner. Our work follows the existing risk management practice and standard and considers risks from the stakeholder model, cyber, and physical system components along with their dependencies. The approach enables identification of critical CPS assets and assesses the impact of vulnerabilities that affect the assets. It also presents a cybersecurity attack scenario that incorporates a cascading effect of threats and vulnerabilities to the assets. The attack model helps to determine the appropriate risk levels and their corresponding mitigation process. We present a power grid system to illustrate the applicability of our work. The result suggests that risk in a CPS of a critical infrastructure depends mainly on cyber-physical attack scenarios and the context of the organization. The involved risks in the studied context are both from the technical and nontechnical aspects of the CPS.
data, such as customer information or other valuable records [4]. It is likely that the threats to CPSs will only increase in the future as the use of these systems becomes widespread. However, there are sensible safety measures that organizations can consider to minimize losses from their destruction. It is possible to control damages and recover from an attack and its consequences with the appropriate insight through research and a domain expert's assistance [5].
Managing CPS security risk is not about eliminating all risks; it is about determining and understanding the risk rating of events and putting the right processes or controls in place to manage them in accordance with the organization's risk tolerance level. Risk management is a continuous process, not a one-time event [3]. In response to an event(s), there is an urgent need for organizations to truly understand their cyber-physical security status and employ the necessary and urgent corrective actions to rectify weaknesses [6]. Risk can be defined as an uncertain event that may occur due to a system malfunction or failure that could harm assets, such as human beings or the environment, and also influence the organization's achievement of strategic, operational, and financial objectives [7]. Risk management is a key discipline for making effective decisions and communicating the results within organizations. It proactively identifies potential managerial and technical problems so that appropriate actions can be taken to reduce or eliminate the probability and/or impact of these problems [8]. There are many existing risk management methods for CPSs [9-12]. However, risk management in CPSs is challenging because of the increased complexity of the systems, the evolution of risk levels, human factor threats comprising unintentional breaches of security, the unsuspicious use of infected information media giving away sensitive information, and lack of awareness and human errors [13]. In addition, cascading failures occur because of interdependencies among components and infrastructures. Importantly, threats affecting one part of a CPS can propagate to other parts through the network that interconnects the different parts of the CPS. As security threats grow, the organization needs a comprehensive cybersecurity risk management system to identify unique cybersecurity threats and their trends.
The authors of a previous paper [14] discussed the challenges for securing CPS and analyzed security mechanisms for prevention, detection and recovery, resilience, and deterrence of attacks for securing CPS. A previous work [15] proposed a layered approach for evaluating risk based on security to prevent, mitigate, and tolerate attacks both on physical power applications and cyber infrastructures. The paper identifies the importance of combining both power application security and supporting infrastructure security into the risk assessment process and provides a methodology for impact evaluation. Another paper [11] provides an overview of a number of important real-life issues of cybersecurity and risk assessment for supervisory control and data acquisition (SCADA) and distributed control systems (DCS). The paper discussed the various compromise graphs and augmented vulnerability trees that quantitatively determine the probability of an attack, impact of the attack, and the reduction in risk as a result of a particular countermeasure. All these works, and more presented in the related work section, emphasize the importance of cybersecurity risk management for CPSs. However, comprehensive and integrated risk management practice is not sufficiently addressed in these works. The novel contributions of this paper are: (i) a comprehensive integrated cybersecurity risk management framework that explicitly considers risk from a holistic perspective of the stakeholder model, cross-function risks, and existing risk management frameworks; (ii) the integration of the cascading effect from interdependent CPS components considering vulnerability, threats, and risks to an asset; and (iii) an evaluation of the proposed integrated risk management approach in a real cyber-physical system. The result from this case study outlines the applicability of the proposed approach.
We also compared the identified results with the existing results to demonstrate the impact of the integrated risk management approach on the CPS. The remainder of the paper is structured as follows. Section 2 outlines state-of-the-art cybersecurity risk management practices for the cyber-physical system and existing frameworks and standards. Section 3 provides the rationale for the integrated risk management approach. Section 4 presents the proposed cybersecurity risk management framework including the concepts and
doi:10.3390/app8060898 fatcat:lszurndq3veedfgwfg2vnmhxuy