Towards analyzing the impact of intrusion prevention and response on cyber-physical system availability: A case study of NPP

Abstract

The idea of industry 4.0 is quite pertinent for CPS. The integration of cyber components enhances a physical system's capabilities by incorporating intelligence into objects and services. On the other hand, these systems are more vulnerable to cyber-attacks than traditional hard-wired electro-mechanical systems and infrastructure as they are accessible through the Internet. Most of such systems are safety–critical, where successful attacks may result in catastrophic situations by disturbing a critical system's functionalities. To disrupt the physical process, the attacker should have a deep understanding of operational and control parameters and failure conditions of system components. The attacker first intrudes into the system and subsequently abuses the process parameters to disrupt the physical process. Consideration of these issues is important to evaluate the security of CPS. Hence, this work presents a Generalized Stochastic Petri Net (GSPN) based approach to analyze the effect of integrating the preventive and reactive measures against cyber attacks. By analyzing the model, system security is quantitatively estimated in terms of security metrics such as mean-time-to disrupt and system availability. We validate the combined effect of preventive and responsive measures on a case study of Nuclear power plant (NPP), which is one of the primary sources of electric power generation. © 2021 Elsevier Ltd