Attack Path Analysis for Cyber Physical Systems
MetadataVis full innførsel
The identification and analysis of potential paths that an adversary may exploit to attack Cyber Physical Systems comprising sub-systems enables the comprehensive understanding of the attacks and the impact that may have to the overall system, thus facilitating the definition of appropriate countermeasures that will satisfy the pertinent security requirements. To this end, several attack modelling techniques can be employed, the attack graph being the most prevalent among them. Unfortunately, the discovery and analysis of all possible attack paths in an attack graph is not possible in systems even of a moderate size. In this work we propose a novel systematic method for discovering and analyzing attack paths in real-world scale interconnected Cyber Physical Systems. The method considers the criticality of each sub-system in discovering paths and the risk to the overall system that each path presents to analyze and prioritize paths. We illustrate the workings of the method by applying to the navigational Cyber Physical Systems of the Cyber-Enabled Ship to identify and analyze highly critical attack paths originating from the Automatic Identification System (AIS) and targeting the Autonomous Navigation System (ANS).