skip to main content

DOE PAGESDOE PAGES

Title: Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems

The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple response rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.
Authors:
 [1] ;  [1]
  1. Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Publication Date:
Grant/Contract Number:
AC0576RL01830
Type:
Accepted Manuscript
Journal Name:
Procedia Computer Science
Additional Journal Information:
Journal Volume: 61; Journal Issue: C; Journal ID: ISSN 1877-0509
Publisher:
Elsevier
Research Org:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING; 98 NUCLEAR DISARMAMENT, SAFEGUARDS, AND PHYSICAL PROTECTION; Cyber-physical systems; vulnerability assessment; discrete event simulation; risk analysis
OSTI Identifier:
1347710

Perkins, Casey, and Muller, George. Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems. United States: N. p., Web. doi:10.1016/j.procs.2015.09.199.
Perkins, Casey, & Muller, George. Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems. United States. doi:10.1016/j.procs.2015.09.199.
Perkins, Casey, and Muller, George. 2015. "Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems". United States. doi:10.1016/j.procs.2015.09.199. https://www.osti.gov/servlets/purl/1347710.
@article{osti_1347710,
title = {Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems},
author = {Perkins, Casey and Muller, George},
abstractNote = {The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple response rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.},
doi = {10.1016/j.procs.2015.09.199},
journal = {Procedia Computer Science},
number = C,
volume = 61,
place = {United States},
year = {2015},
month = {10}
}