Coupled Petri nets for computer network risk analysis

This paper presents a framework for quantifying the risk induced by the potential for cyber attacks levied against network-supported operations. It also permits a formal assessment of candidate risk management policies that address network host vulnerabilities and host-process coupling. The framework incorporates a novel application of Petri net state coverability analysis coupled with process failure mode analysis. It extends previous work on Petri nets for attack analysis in three ways: (i) new metrics that quantify risk as a function of Petri net state and techniques for evaluating the metrics based on the minimal coverability set of a Petri net; (ii) a new method for coupling a Petri net representation of a computer network attack to a process failure modes model; and (iii) a new method for identifying high-value risk management opportunities. The paper concludes by presenting an application of the analysis techniques to evaluate risk in process control networks.