| Title | Game Theoretical Model for Cybersecurity Risk Assessment of Industrial Control Systems |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Nassar, Mohamed, Khoury, Joseph, Erradi, Abdelkarim, Bou-Harb, Elias |
| Conference Name | 2021 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS) |
| Date Published | April 2021 |
| Publisher | IEEE |
| ISBN Number | 978-1-6654-4399-9 |
| Keywords | compositionality, Damage Assessment, Games, Human Behavior, integrated circuits, Monte Carlo methods, pubcrawl, resilience, Resiliency, SCADA systems, SCADA Systems Security, Scalability, Sensor systems, Sensors, Social Agents, Tools |
| Abstract | Supervisory Control and Data Acquisition (SCADA) and Distributed Control Systems (DCS) use advanced computing, sensors, control systems, and communication networks to monitor and control industrial processes and distributed assets. The increased connectivity of these systems to corporate networks has exposed them to new security threats and made them a prime target for cyber-attacks with the potential of causing catastrophic economic, social, and environmental damage. Recent intensified sophisticated attacks on these systems have stressed the importance of methodologies and tools to assess the security risks of Industrial Control Systems (ICS). In this paper, we propose a novel game theory model and Monte Carlo simulations to assess the cybersecurity risks of an exemplary industrial control system under realistic assumptions. We present five game enrollments where attacker and defender agents make different preferences and we analyze the final outcome of the game. Results show that a balanced defense with uniform budget spending is the best strategy against a look-ahead attacker. |
| URL | https://ieeexplore.ieee.org/document/9432668 |
| DOI | 10.1109/NTMS49979.2021.9432668 |
| Citation Key | nassar_game_2021 |
Game Theoretical Model for Cybersecurity Risk Assessment of Industrial Control Systems