TY - GEN
T1 - Achieving Cyber-Informed Engineering Through Bayesian Belief Network and Sensitivity Analysis
AU - Agbo, Chidi
AU - Mehrpouyan, Hoda
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - The security of critical infrastructures is a challenge facing nations and states today as a result of the increased complexity and interconnectivity of these systems and their control from remote locations. Ensuring the security of critical systems requires engineering cybersecurity-related risks that attackers can exploit to cause severe consequences, such as equipment damage, environmental/water pollution, monetary loss, or even loss of life. It is important to identify and prioritize actions or attacks that can lead to high-consequence events (HCEs) capable of crippling critical functions of any organization. In this work, we proposed a new approach to cybersecurity risk assessment by proposing the Consequence-Driven Cyber-Informed Engineering (CCE) approach and the Bayesian Belief Network (BBN) with Sensitivity Analysis (SA). For proof of concept, we tested the proposed approach at the Tennessee Eastman chemical plant and were able to uncover and prioritize ripple effects caused by disturbance or noise-induced attacks on critical infrastructure.
AB - The security of critical infrastructures is a challenge facing nations and states today as a result of the increased complexity and interconnectivity of these systems and their control from remote locations. Ensuring the security of critical systems requires engineering cybersecurity-related risks that attackers can exploit to cause severe consequences, such as equipment damage, environmental/water pollution, monetary loss, or even loss of life. It is important to identify and prioritize actions or attacks that can lead to high-consequence events (HCEs) capable of crippling critical functions of any organization. In this work, we proposed a new approach to cybersecurity risk assessment by proposing the Consequence-Driven Cyber-Informed Engineering (CCE) approach and the Bayesian Belief Network (BBN) with Sensitivity Analysis (SA). For proof of concept, we tested the proposed approach at the Tennessee Eastman chemical plant and were able to uncover and prioritize ripple effects caused by disturbance or noise-induced attacks on critical infrastructure.
KW - Bayesian belief network
KW - Critical infrastructures security
KW - cyber-informed engineering
KW - cybersecurity risk assessment
KW - High-consequence events
KW - Sensitivity analysis
UR - http://www.scopus.com/inward/record.url?scp=85179504093&partnerID=8YFLogxK
U2 - 10.1109/DSA59317.2023.00039
DO - 10.1109/DSA59317.2023.00039
M3 - Conference contribution
AN - SCOPUS:85179504093
T3 - Proceedings - 2023 10th International Conference on Dependable Systems and Their Applications, DSA 2023
SP - 260
EP - 271
BT - Proceedings - 2023 10th International Conference on Dependable Systems and Their Applications, DSA 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 10th International Conference on Dependable Systems and Their Applications, DSA 2023
Y2 - 10 August 2023 through 11 August 2023
ER -