| Title | Formal Impact Metrics for Cyber-physical Attacks |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Lanotte, Ruggero, Merro, Massimo, Munteanu, Andrei, Tini, Simone |
| Conference Name | 2021 IEEE 34th Computer Security Foundations Symposium (CSF) |
| Keywords | Computational modeling, computer security, cyber-physical attacks, Cyber-physical systems, Cyberspace, impact metrics, Intrusion detection, Measurement, Metrics, Probabilistic logic, pubcrawl, security metrics, timed and hybrid models |
| Abstract | Cyber-Physical systems (CPSs) are exposed to cyber- physical attacks, i.e., security breaches in cyberspace that adversely affect the physical processes of the systems.We define two probabilistic metrics to estimate the physical impact of attacks targeting cyber-physical systems formalised in terms of a probabilistic hybrid extension of Hennessy and Regan's Timed Process Language. Our impact metrics estimate the impact of cyber-physical attacks taking into account: (i) the severity of the inflicted damage in a given amount of time, and (ii) the probability that these attacks are actually accomplished, according to the dynamics of the system under attack. In doing so, we pay special attention to stealthy attacks, i. e., attacks that cannot be detected by intrusion detection systems. As further contribution, we show that, under precise conditions, our metrics allow us to estimate the impact of attacks targeting a complex CPS in a compositional way, i.e., in terms of the impact on its sub-systems. |
| DOI | 10.1109/CSF51468.2021.00040 |
| Citation Key | lanotte_formal_2021 |
Formal Impact Metrics for Cyber-physical Attacks