Cyber-Physical Security Assessment (CyPSA) Toolset

Garcia, Luis; Patapanchala, Panini; Zonouz, Saman; Davis, Kate; Davis, Matt; Berthier, Robin; Bamba, Mouna; Soubigou, Olivier; Rayala, Vishnu Priya; Weaver, Gabe; Rogers, Edmond; Bobba, Rakesh; Nicol, David; Sauer, Pete

doi:10.11578/dc.20220718.101

Title: Cyber-Physical Security Assessment (CyPSA) Toolset

Software · Wed Aug 31 00:00:00 EDT 2016

DOI:https://doi.org/10.11578/dc.20220718.101· OSTI ID:1341011 · Code ID:76717

Garcia, Luis ^[1]; Patapanchala, Panini ^[2]; Zonouz, Saman ^[1]; Davis, Kate ^[3]; Davis, Matt ^[4]; Berthier, Robin ^[3]; Bamba, Mouna ^[3]; Soubigou, Olivier ^[3]; Rayala, Vishnu Priya ^[5]; Weaver, Gabe ^[3]; Rogers, Edmond ^[3]; Bobba, Rakesh ^[2]; Nicol, David ^[3]; Sauer, Pete ^[6]

Rutgers University
Oregon State University
Univ. of Illinois
PowerWorld Corp.
Oregon State Univ.
Univ. of Illinois.

CyPSA seeks to organize and gain insight into the diverse sets of data that a critical infrastructure provider must manage. Specifically CyPSA inventories, manages, and analyzes assets and relations among those assets. A variety of interfaces are provided. CyPSA inventories assets (both cyber and physical). This may include the cataloging of assets through a common interface. Data sources used to generate a catalogue of assets include PowerWorld, NPView, NMap Scans, and device configurations. Depending upon the role of the person using the tool the types of assets accessed as well as the data sources through which asset information is accessed may vary. CyPSA allows practitioners to catalogue relations among assets and these may either be manually or programmatically generated. For example, some common relations among assets include the following: Topological Network Data: Which devices and assets are connected and how? Data sources for this kind of information include NMap scans, NPView topologies (via Firewall rule analysis). Security Metrics Outputs: The output of various security metrics such as overall exposure. Configure Assets:CyPSA may eventually include the ability to configure assets including relays and switches. For example, a system administrator would be able to configure and alter the state of a relay via the CyPSA interface. Annotate Assets: CyPSA also allows practitioners to manually and programmatically annotate assets. Sources of information with which to annotate assets include provenance metadata regarding the data source from which the asset was loaded, vulnerability information from vulnerability databases, configuration information, and the output of an analysis in general.

View Publicly Accessible Repository

Cite

Export

Save

Short Name / Acronym:: CyPSA

Project Type:: Open Source, Publicly Available Repository

Site Accession Number:: 7343

Software Type:: Scientific

License(s):: Other

Programming Language(s):: Java, Python

Research Organization:: Univ. of Illinois at Urbana-Champaign, IL (United States)

Sponsoring Organization:: USDOE Advanced Research Projects Agency - Energy (ARPA-E)

Primary Award/Contract Number:

AR0000342

DOE Contract Number:: AR0000342

Code ID:: 76717

OSTI ID:: 1341011

Country of Origin:: United States

Similar Records

Evaluation Report on "The Department's Unclassified Cyber Security Program"

Technical Report · Thu Oct 01 00:00:00 EDT 2009 · OSTI ID:1341011

Cyber Friendly Fire

Technical Report · Thu Sep 01 00:00:00 EDT 2011 · OSTI ID:1341011

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

Constructing vulnerabilty and protective measures indices for the enhanced critical infrastructure protection program.

Technical Report · Wed Oct 14 00:00:00 EDT 2009 · OSTI ID:1341011

Fisher, R E; Buehring, W A; Whitfield, R G; +6 more

Title: Cyber-Physical Security Assessment (CyPSA) Toolset

Citation Formats

Similar Records

Related Subjects