A Methodology to Measure the "Cost" of CPS Attacks: Not all CPS Networks are Created Equal

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

20 Downloads (Pure)

Samenvatting

Cyber-Physical Systems (CPS) are (connected) computer systems used to monitor and control physical processes using digital control programs. Cyberattacks targeting CPS can cause physical impact with potentially devastating consequences. While some past attacks required expert CPS knowledge (e.g., Stuxnet), other attacks could be implemented by anyone, solely with pure IT knowledge. Understanding what causes these differences is essential in effectively defending CPS, however, as of now, there is no way of qualifying let alone quantifying them. In this paper, we first define a notion of (non-monetary) attack 'cost' focusing on the required CPS-specific attacker knowledge. We then identify several context factors that may influence this cost and, finally, provide a methodology to analyze the relation between attack cost and CPS-context using past cyberattacks. To validate the methodology in a reproducible way, we apply it to publicly reported CPS incidents with physical impact. Though this constitutes only a small set of attacks, our methodology is able to find correlations between context factors and the attack cost, as well as significant differences in context factors between CPS domains.

Originele taal-2Engels
TitelIEEE European Symposium on Security and Privacy Workshops
Pagina's112-129
Aantal pagina's18
ISBN van elektronische versie979-8-3503-6729-4
DOI's
StatusGepubliceerd - 20 aug. 2024
Evenement6th Workshop on Attackers and Cyber-Crime Operations - Vienna, Oostenrijk
Duur: 8 jul. 20248 jul. 2024
Congresnummer: 6
https://wacco-workshop.org/past/2024/index.html

Publicatie series

Naam
UitgeverijIEEE
ISSN van elektronische versie2768-0657

Workshop

Workshop6th Workshop on Attackers and Cyber-Crime Operations
Verkorte titelWACCO 2024
Land/RegioOostenrijk
StadVienna
Periode8/07/248/07/24
Internet adres

Financiering

This research was funded by the Dutch Research Council (NWO), grant number 628.001.032 (DEPICT) and NWA.1160.18.301 (INTERSECT). We thank Daniel dos Santos from Forescout and Stash Kempinski (TU/e) for sharing feedback and domain expertise. We thank the anonymous reviewers for their helpful comments and pointers to relevant literature. As part of the openreport model followed by the Workshop on Attackers & CyberCrime Operations (WACCO), all the reviews for this paper are publicly available at https://github.com/wacco-workshop/WACCO/tree/main/WACCO-2024. For the purpose of open access, a CC-BY-4.0 public copyright licence is applied to any Author Accepted Manuscript.

FinanciersFinanciernummer
Nederlandse Organisatie voor Wetenschappelijk Onderzoek628.001.032, NWA.1160.18.301

    Vingerafdruk

    Duik in de onderzoeksthema's van 'A Methodology to Measure the "Cost" of CPS Attacks: Not all CPS Networks are Created Equal'. Samen vormen ze een unieke vingerafdruk.

    Citeer dit