State-of-the-art industrial control systems are complex implements featuring different spatial and temporal scales among components, multiple and distinct behavioral modal-ities, context-dependent and human-in-the-loop interaction patterns. Most control systems offer entry-points for mali-cious users to disrupt their functionality severely, which is unacceptable when they are part of the national critical in-frastructure. Cyber-resilience, i.e., the ability of a system to sustain — possibly malicious — alterations while main-taining an acceptable functionality, is recognized as one of the keys to understand how much damage can be brought to a system and its surrounding environment in case of a suc-cessful cyber-attack. In this paper we compare methods to assess resilience considering both concrete simulation and symbolic simulation. Our ultimate goal is to provide main-tainers and other stakeholders with a dynamic and quanti-tative measure of cyber-resilience. Here we present some results on a case study related to waste-water treatment, in order to provide initial evidence that concrete and symbolic simulation can be used in a complementary way to analyze the security of industrial control systems.

Concrete vs. Symbolic Simulation To Assess Cyber-Resilience Of Control Systems

Murino, Giuseppina;Tacchella, Armando
2018

Abstract

State-of-the-art industrial control systems are complex implements featuring different spatial and temporal scales among components, multiple and distinct behavioral modal-ities, context-dependent and human-in-the-loop interaction patterns. Most control systems offer entry-points for mali-cious users to disrupt their functionality severely, which is unacceptable when they are part of the national critical in-frastructure. Cyber-resilience, i.e., the ability of a system to sustain — possibly malicious — alterations while main-taining an acceptable functionality, is recognized as one of the keys to understand how much damage can be brought to a system and its surrounding environment in case of a suc-cessful cyber-attack. In this paper we compare methods to assess resilience considering both concrete simulation and symbolic simulation. Our ultimate goal is to provide main-tainers and other stakeholders with a dynamic and quanti-tative measure of cyber-resilience. Here we present some results on a case study related to waste-water treatment, in order to provide initial evidence that concrete and symbolic simulation can be used in a complementary way to analyze the security of industrial control systems.
File in questo prodotto:
File Dimensione Formato  
0433_dis_ecms2018_0815.pdf

accesso chiuso

Tipologia: Documento in Post-print
Dimensione 997.31 kB
Formato Adobe PDF
997.31 kB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11567/914200
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact