skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: A Framework for Development of Risk-Informed Autonomous Adaptive Cyber Controller

Journal Article · · Journal of Computing and Information Science in Engineering
DOI:https://doi.org/10.1115/1.4043040· OSTI ID:1597086
ORCiD logo [1];  [1];  [1]; ORCiD logo [1];  [1];  [1]
  1. BATTELLE (PACIFIC NW LAB)
+ Show Author Affiliations

This article details a framework and methodology to risk-inform the decisions of an unsupervised cyber controller. A risk assessment methodology within this framework uses a combination of fault trees, event trees and attack graphs to trace and map cyber elements with business processes. The methodology attempts to prevent and mitigate cyberattacks by using adaptive controllers that proactively reconfigure a network based on actionable risk estimates. The estimates are based on vulnerabilities and potential business consequences. A generic enterprise control system is used to demonstrate the wide applicability of the methodology. In addition, data needs, implementation, and potential pitfalls are discussed.

Research Organization:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Organization:
USDOE
DOE Contract Number:
AC05-76RL01830
OSTI ID:
1597086
Report Number(s):
PNNL-SA-129745
Journal Information:
Journal of Computing and Information Science in Engineering, Vol. 19, Issue 4
Country of Publication:
United States
Language:
English

References (22)

Risk Management of Autonomous Marine Systems and Operations
  • Utne, Ingrid Bouwer; Sørensen, Asgeir J.; Schjølberg, Ingrid
  • ASME 2017 36th International Conference on Ocean, Offshore and Arctic Engineering, Volume 3B: Structures, Safety and Reliability https://doi.org/10.1115/OMAE2017-61645
conference September 2017
Cyber Security Issues in Navigation Systems of Marine Vessels From a Control Perspective
  • Hassani, Vahid; Crasta, Naveena; Pascoal, António M.
  • ASME 2017 36th International Conference on Ocean, Offshore and Arctic Engineering, Volume 7B: Ocean Engineering https://doi.org/10.1115/OMAE2017-61771
conference September 2017
Vulnerabilities of Cyber-Physical Linear Control Systems to Sophisticated Attacks
  • Radisavljevic-Gajic, Verica; Park, Seri; Chasaki, Danai
  • ASME 2017 Dynamic Systems and Control Conference, Volume 2: Mechatronics; Estimation and Identification; Uncertain Systems and Robustness; Path Planning and Motion Control; Tracking Control Systems; Multi-Agent and Networked Systems; Manufacturing; Intelligent Transportation and Vehicles; Sensors and Actuators; Diagnostics and Detection; Unmanned, Ground and Surface Robotics; Motion and Vibration Control Applications https://doi.org/10.1115/DSCC2017-5386
conference November 2017
Cyber Security Assessment of Component Off-the-Shelf Based NPP I&C System Using IMECA Technique
  • Zelinko, Ilona; Kharchenko, Vyacheslav; Leontiev, Konstantin
  • 2017 25th International Conference on Nuclear Engineering, Volume 9: Student Paper Competition https://doi.org/10.1115/ICONE25-67120
conference October 2017
Internet of Things (IoT)-Based Apparatus and Method for Rail Crossing Alerting of Static or Dynamic Rail Track Intrusions conference July 2017
SFTA-Based Approach for Safety/Reliability Analysis of Operational Use-Cases in Cyber-Physical Systems journal July 2017
Cyber security risk assessment for SCADA and DCS networks journal October 2007
On The Quantitative Definition of Risk journal March 1981
A review of cyber security risk assessment methods for SCADA systems journal February 2016
Risk assessment method for cybersecurity of cyber-physical systems based on inter-dependency of vulnerabilities conference December 2015
Pra: a Perspective on Strengths, Current Limitations, and Possible Improvements journal February 2014
An autonomous control framework for advanced reactors journal August 2017
Software-defined energy communication networks: From substation automation to future smart grids conference October 2013
Cyber-security in substation automation systems journal February 2016
Cyber Integrated Metrology, Learning and Evaluation System: An Approach Towards Smart Factories
  • Helgoson, Martin; Westlin, Pontus; Kalhori, Vahid
  • ASME 2017 International Mechanical Engineering Congress and Exposition, Volume 2: Advanced Manufacturing https://doi.org/10.1115/IMECE2017-71336
conference January 2018
Cyber-physical security challenges in manufacturing systems journal April 2014
A Distributed Intelligence Approach to Using Collaborating Unmanned Aerial Vehicles for Oil Spill Mapping
  • Odonkor, Philip; Ball, Zachary; Chowdhury, Souma
  • ASME 2017 International Design Engineering Technical Conferences and Computers and Information in Engineering Conference, Volume 2A: 43rd Design Automation Conference https://doi.org/10.1115/DETC2017-68320
conference November 2017
Marine Autonomous Exploration Using a Lidar and SLAM
  • Ueland, Einar S.; Skjetne, Roger; Dahl, Andreas R.
  • ASME 2017 36th International Conference on Ocean, Offshore and Arctic Engineering, Volume 6: Ocean Space Utilization https://doi.org/10.1115/OMAE2017-61880
conference September 2017
Cloud-Assisted IoT-Based SCADA Systems Security: A Review of the State of the Art and Future Challenges journal January 2016
Confronting the risks of terrorism: making the right decisions journal November 2004
Measuring network security using dynamic bayesian network conference January 2008
Fault tree analysis: A survey of the state-of-the-art in modeling, analysis and tools journal February 2015

Similar Records

Related Subjects

reconfiguration
fault tree
event tree
attack graph
cybersecurity
controller
adaptive