This Springer Brief presents a brief introduction to probabilistic risk assessment (PRA), followed by a discussion of abnormal event detection techniques in industrial control systems (ICS). It also provides an introduction to the use of game theory for the development of cyber-attack response models and a discussion on the experimental testbeds used for ICS cyber security research. The probabilistic risk assessment framework used by the nuclear industry provides a valid framework to understand the impacts of cyber-attacks in the physical world. An introduction to the PRA techniques such as fault trees, and event trees is provided along with a discussion on different levels of PRA and the application of PRA techniques in the context of cybersecurity. A discussion on machine learning based fault detection and diagnosis (FDD) methods and cyber-attack detection methods for industrial control systems are introduced in this book as well.
A dynamic Bayesiannetworks based method that can be used to detect an abnormal event and classify it as either a component fault induced safety event or a cyber-attack is discussed. An introduction to the stochastic game formulation of the attacker-defender interaction in the context of cyber-attacks on industrial control systems to compute optimal response strategies is presented. Besides supporting cyber-attack response, the analysis based on the game model also supports the behavioral study of the defender and the attacker during a cyber-attack, and the results can then be used to analyze the risk to the system caused by a cyber-attack. A brief review of the current state of experimental testbeds used in ICS cybersecurity research and a comparison of the structures of various testbeds and the attack scenarios supported by those testbeds is included. A description of a testbed for nuclear power applications, followed by a discussion on the design of experiments that can be carried out on the testbed and the associated results is covered as well.
This Springer Brief is a useful resource tool for researchers working in the areas of cyber security for industrial control systems, energy systems and cyber physical systems. Advanced-level students that study these topics will also find this Springer Brief useful as a study guide.
Inhaltsverzeichnis
Introduction.- Probabilistic Risk Assessment: Nuclear Power Plants and Introduction to the Context of Cyber Security.- Machine Learning based Abnormal Event Detection and Classification.- Game-Theoretic Design of Response Systems.- Experimental Testbeds and Design of Experiments.- Conclusions.
Über den Autor
Carol Smidts: Dr. Carol Smidts is a Professor at The Ohio State University. She graduated with a B.S./M.S., and a Ph.D. in Engineering Physics from the Université Libre de Bruxelles, Belgium in 1986, and in 1991, respectively. She became an Assistant Professor, and later an Associate Professor in the Reliability Engineering Program at the University of Maryland, College Park. Professor Smidts joined The Ohio State University Department of Mechanical and Aerospace Engineering as a Full Professor in 2008. Her research lies in risk and reliability analysis and in human factors, instrumentation and control, including human reliability analysis, probabilistic analysis of dynamics for complex systems, reliability analysis of digital instrumentation and control systems, software reliability modeling and software test automation, and distributed test facility design. She is a Fellow of IEEE.
Indrajit Ray: Dr. Indrajit Ray is a Professor and Associate Chair in the Department of Computer Science at the Colorado State University. Previously he was an Assistant Professor in the Computer and Information Science at University of Michigan-Dearborn. He received his Ph.D. degree in Information Technology from George Mason University in Fairfax, VA in 1997. His undergraduate degree is B.E. in Computer Science and Engineering from Bengal Engineering College, India, (currently known as Bengal Engineering and Science University) in 1984. He also received the M.E. degree in Computer Science and Engineering from Jadavpur University, India, in 1991. His research interests are in areas of data and application security, network security, security modeling, risk management, trust models, privacy and digital forensics.
Quanyan Zhu: Dr. Quanyan Zhu received B. Eng. in Honors Electrical Engineering from Mc Gill University in 2006, M. A. Sc. from the University of Toronto in 2008, and Ph.D. from the University of Illinois at Urbana-Champaign (UIUC) in 2013. After stints at Princeton University, he is currently an associate professor at the Department of Electrical and Computer Engineering, New York University (NYU). He is an affiliated faculty member of the Center for Urban Science and Progress (CUSP) and Center for Cyber Security (CCS) at NYU. He is a recipient of many awards, including NSF CAREER Award, NYU Goddard Junior Faculty Fellowship, NSERC Postdoctoral Fellowship (PDF), NSERC Canada Graduate Scholarship (CGS), and Mavis Future Faculty Fellowships. He spearheaded and chaired INFOCOM Workshop on Communications and Control on Smart Energy Systems (CCSES), Midwest Workshop on Control and Game Theory (WCGT), and ICRA workshop on Security and Privacy of Robotics. His current research interests include game theory, machine learning, cyber deception, network optimization and control, smart cities, Internet of Things, and cyber-physical systems. He has served as the general chair or the TPC chair of the 7th and the 11th Conference on Decision and Game Theory for Security (Game Sec) in 2016 and 2020, the 9th International Conference on NETwork Games, COntrol and OPtimisation (NETGCOOP) in 2018, the 5th International Conference on Artificial Intelligence and Security (ICAIS 2019) in 2019, and 2020 IEEE Workshop on Information Forensics and Security (WIFS). He is a co-author of three recent books published by Springer: Cyber-Security in Critical Infrastructures: A Game-Theoretic Approach (with S. Rass, S. Schauer, and S. König), A Game- and Decision-Theoretic Approach to Resilient Interdependent Network Analysis and Design (with J. Chen), and Cross-Layer Design for Secure and Resilient Cyber-Physical Systems: A Decision and Game Theoretic Approach (with Z. Xu).
Pavan Kumar Vaddi: Mr. Pavan Kumar Vaddi is a Ph.D. student in the Reliability and Risk Laboratory in the department of Mechanical and Aerospace Engineering at The Ohio State University. He received his B.Tech. degree in Mechanical Engineering from Indian Institute of Technology Madras in 2017. His research interests include fault diagnosis and risk assessment for cyber physical systems.
Yunfei Zhao: Dr. Yunfei Zhao is a Research Associate Engineer at The Ohio State University, where he was a Post-doctoral Researcher for 3 years. He earned his doctoral degree in Nuclear Engineering from Tsinghua University and his bachelor’s degree in Thermal Energy Engineering from Shandong University. Dr. Zhao’s research interests include human reliability analysis, cybersecurity, fault diagnostics, and maintenance optimization for complex engineering systems.
Linan Huang: Dr. Linan Huang received his B.Eng. degree in electrical engineering from the Beijing Institute of Technology (BIT) in 2016. He received his Ph.D. degree in Electrical Engineering at New York University (NYU) Tandon School of Engineering in 2022. He was the recipient of the Ernst Weber fellowship from the Department of Electrical and Computer Engineering (ECE) to support his studies and research and was advised by Professor Quanyan Zhu at the Laboratory for Agile and Resilient Complex Systems (LARX). During his Ph.D., he was awarded the best student paper award at the 2021 Conference on Decision and Game Theory for Security (Game Sec 2021) and the 2022 Dante Youla award for research excellence by the NYU ECE department. His research interests are broadly in dynamic decision-making of multi-agent systems, mechanism design, artificial intelligence, security, and resilience of cyber-physical systems.
Xiaoxu Diao: Dr. Xiaoxu Diao is a post-doctoral researcher working in the Reliability and Risk Laboratory in the Department of Mechanical and Aerospace Engineering, The Ohio State University. He received his MTech and Ph.D. degrees in Software Reliability Engineering from the School of Reliability and System Engineering at Beihang University, Beijing, China, in 2006 and 2015, respectively. He has participated in several research and projects regarding software reliability and testing. His research interests are real-time embedded systems, software testing methods, and safety-critical systems.
Rakibul Talukder: Mr. Rakibul Talukder is a graduate student in the Computer Science Department at Colorado State University. He received a Bachelor’s degree in Computer Science and Technology from Bangladesh University of Engineering and Technology in 2017.
Michael C. Pietrykowski: Dr. Michael Pietrykowski received his Ph.D. degree in Nuclear Engineering in the Department of Mechanical and Aerospace Engineering at The Ohio State University in 2022. He holds a B.S. in Electrical and Computer Engineering (2011) and M.S. in Nuclear Engineering (2017) from the same institution. His research interests include distributed digital instrumentation and control systems.