Bayesian Network Based C2P Risk Assessment for Cyber-Physical Systems

Abstract

Cyber-Physical Systems (CPS) refer to a new generation of intelligent systems with integrated computational performance and physical capabilities. However, with the expansion of system complexity and the enhancement of system openness, most CPS become not only safety-critical but also security-critical since they involv physical objects, computer networks and communications. In the past decade, it is no longer rare to see safety incidents and security attacks happening in industries. Identifying risks in CPS is critical to ensure the normal operation of these systems. The Cyber-to-Physical (C2P) risk is defined as the impact of cyber threats on physical process safety. In this paper, a C2P risk assessment model based on hierarchical Bayesian Network (BN) is proposed, and the feasibility of this model is verified by constructing two undesired event scenarios on a typical CPS. The quantitative risk values are explained and compared through qualitative risk analysis and assessment.