Building the Scientific Basis for Cyber Resilience of Critical Infrastructure

Rigorous methods and models are needed to quantify, measure, and increase the cyber resilience of critical infrastructure. An adversary may exploit vulnerabilities in the vital networks such as industrial control systems (ICS) associated with critical infrastructure (e.g., energy, financial, transportation, security), in order to achieve harmful consequences. In cyber systems, the number of vulnerabilities may be large, the attack surface changes over time, and the problem consists of both technical and non-technical factors (e.g., errors in software and human error). Given this complex and dynamic landscape, strategically mitigating risk is important, where “risk” considers both the probability of an event and the consequences if that event occurs. One way to decrease risk is to address consequences by ensuring that critical infrastructure is resilient. In this context, resilience is characterized by the magnitude and duration of a deviation from targeted performance levels, given a disruption. Increasing resilience decreases the consequences of a successful attack.