VERCASM-CPS: Vulnerability analysis and cyber risk assessment for cyber-physical systems

11Citations
Citations of this article
31Readers
Mendeley users who have this article in their library.

Abstract

Since Cyber-Physical Systems (CPS) are widely used in critical infrastructures, it is essential to protect their assets from cyber attacks to increase the level of security, safety and trustworthiness, prevent failure developments, and minimize losses. It is necessary to analyze the CPS configuration in an automatic mode to detect the most vulnerable CPS components and reconfigure or replace them promptly. In this paper, we present a methodology to determine the most secure CPS configuration by using a public database of cyber vulnerabilities to identify the most secure CPS components. We also integrate the CPS cyber risk analysis with a Controlled Moving Target Defense, which either replaces the vulnerable CPS components or re-configures the CPS to harden it, while the vulnerable components are being replaced. Our solution helps to design a more secure CPS by updating the configuration of existing CPS to make them more resilient against cyber attacks. In this paper, we will compare cyber risk scores for different CPS configurations and show that the Windows® 10 build 20H2 operating system is more secure than Linux Ubuntu® 20.04, while Red Hat® Enterprise® Linux is the most secure in some system configurations.

Cite

CITATION STYLE

APA

Northern, B., Burks, T., Hatcher, M., Rogers, M., & Ulybyshev, D. (2021). VERCASM-CPS: Vulnerability analysis and cyber risk assessment for cyber-physical systems. Information (Switzerland), 12(10). https://doi.org/10.3390/info12100408

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free