Skip navigation

Cyra: A real-time risk-based security assessment framework for cyber attacks prevention in industrial control systems

Cyra: A real-time risk-based security assessment framework for cyber attacks prevention in industrial control systems

Sani, Abubakar Sadiq, Yuan, Dong, Yeoh, Phee Lep, Qiu, Jing, Bao, Wei, Vucetic, Branka and Dong, Zhao Yang (2020) Cyra: A real-time risk-based security assessment framework for cyber attacks prevention in industrial control systems. In: 2019 IEEE Power & Energy Society General Meeting (PESGM). IEEExplore . Institute of Electrical and Electronics Engineers (IEEE), Piscataway, NJ, pp. 1-5. ISBN 9781728119816 ; 9781728119823 ISSN 1944-9925 (Print), 1944-9933 (Online) (doi:https://doi.org/10.1109/PESGM40551.2019.8973948)

[img] PDF (Author's published manuscript)
33216_SANI_Cyra_A_real_time_risk_based_security_assessment_framework_for_cyber_attacks_prevention_in_industrial_control_systems.pdf - Published Version
Restricted to Repository staff only

Download (450kB) | Request a copy

Abstract

Insufficient authentication and authorization of interconnected components are major risks in the Industrial Control System (ICS). To address this, we introduce CyRA, a realtime risk-based security assessment framework that consists of a Nested-ICS security architecture, secure registration protocol, and risk-based multi-factor authentication protocol by which every component is authenticated and authorized to ensure secure communications and prevent cyber attacks in the ICS. Our proposed framework applies Zero-Knowledge Proof of Knowledge (ZKPK) to perform risk-based multi-factor authentication and authorization using a digitally signed identity that encodes secrets provided by the component. Our approach is based on Threat Modeling (TM), Vulnerability Identification (VI), and Consequence Analysis (CA) to provide adequate and efficient authentication and authorization in the ICS. The resilience of our framework is evaluated against recent well-known cyber attacks. Specifically, we conduct a risk-based security assessment for a Safety Instrumentation System (SIS) communication protocol, known as TriStation. The results show that our framework enhances the security of the protocol in dealing with real-time uncertainty of threats, vulnerabilities, and consequences from a new cyber-attack, known as TRITON malware.

Item Type: Conference Proceedings
Title of Proceedings: 2019 IEEE Power & Energy Society General Meeting (PESGM)
Uncontrolled Keywords: Industrial control system, risk-based security assessment, authentication, authorization, security protocols
Subjects: H Social Sciences > HD Industries. Land use. Labor > HD61 Risk Management
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / Department / Research Group: Faculty of Liberal Arts & Sciences
Faculty of Liberal Arts & Sciences > Internet of Things and Security (ISEC)
Related URLs:
Last Modified: 17 Aug 2021 14:45
Selected for GREAT 2016: None
Selected for GREAT 2017: None
Selected for GREAT 2018: None
Selected for GREAT 2019: None
Selected for REF2021: None
URI: http://gala.gre.ac.uk/id/eprint/33216

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics