کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
275971 | 1429508 | 2010 | 9 صفحه PDF | دانلود رایگان |
This paper presents a framework for quantifying the risk induced by the potential for cyber attacks levied against network-supported operations. It also permits a formal assessment of candidate risk management policies that address network host vulnerabilities and host-process coupling. The framework incorporates a novel application of Petri net state coverability analysis coupled with process failure mode analysis. It extends previous work on Petri nets for attack analysis in three ways: (i) new metrics that quantify risk as a function of Petri net state and techniques for evaluating the metrics based on the minimal coverability set of a Petri net; (ii) a new method for coupling a Petri net representation of a computer network attack to a process failure modes model; and (iii) a new method for identifying high-value risk management opportunities. The paper concludes by presenting an application of the analysis techniques to evaluate risk in process control networks.
Journal: International Journal of Critical Infrastructure Protection - Volume 3, Issue 2, July 2010, Pages 67–75