Zhang, Fan, Bu, Bing.
2021.
A Cyber Security Risk Assessment Methodology for CBTC Systems Based on Complex Network Theory and Attack Graph. 2021 7th Annual International Conference on Network and Information Systems for Computers (ICNISC). :15—20.
Cyber security risk assessment is very important to quantify the security level of communication-based train control (CBTC) systems. In this paper, a methodology is proposed to assess the cyber security risk of CBTC systems that integrates complex network theory and attack graph method. On one hand, in order to determine the impact of malicious attacks on train control, we analyze the connectivity of movement authority (MA) paths based on the working state of nodes, the connectivity of edges. On the other hand, attack graph is introduced to quantify the probabilities of potential attacks that combine multiple vulnerabilities in the cyber world of CBTC. Experiments show that our methodology can assess the security risks of CBTC systems and improve the security level after implementing reinforcement schemes.
Zhao, Junyi, Tang, Tao, Bu, Bing, Li, Qichang.
2021.
A Three-dimension Resilience State Space-based Approach to Resilience Assessment of CBTC system. 2021 IEEE International Intelligent Transportation Systems Conference (ITSC). :3673—3678.
Traditional passive defense methods cannot resist the constantly updated and evolving cyber attacks. The concept of resilience is introducing to measure the ability of the system to maintain its function under attack. It matters in evaluating the security of modern industrial systems. This paper presents a 3D Resilience State Space method to assess Communication-based train control (CBTC) system resilience under malware attack. We model the spread of malware as two functions: the communicability function \$f\$(x) and the susceptibility function 9 (x). We describe the characteristics of these two function in the CBTC complex network by using the percolation theory. Then we use a perturbation formalism to analyze the impact of malware attack on information flow and use it as an indicator of the cyber layer state. The CBTC cyber-physical system resilience metric formalizes as the system state transitions in three-dimensional state space. The three dimensions respectively represent the cyber layer state, the physical layer state, and the transmission layer state. The simulation results reveal that the proposed framework can effectively assess the resilience of the CBTC system. And the anti-malware programs can prevent the spread of malware and improve CBTC system resilience.