Rotibi, Ayodeji, Saxena, Neetesh ORCID: https://orcid.org/0000-0002-6437-0807, Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X and Reed, Craig 2024. System-level operational cyber risks identification in industrial control systems. Cyber-Physical Systems 10.1080/23335777.2024.2373388 |
Preview |
PDF
- Published Version
Available under License Creative Commons Attribution. Download (3MB) | Preview |
Abstract
In Industrial Control Systems (ICS), where complex interdependencies abound, cyber incidents can have far-reaching consequences. Dependency modelling, a valuable technique for assessing cyber risks, aims to decipher relationships among variables. However, its effectiveness is often hampered by limited data exposure, hindering the analysis of direct and indirect impacts. We present a unique method that transforms dependency modelling data into a Bayesian Network (BN) structure and leverages causality and reasoning to extract inferences from seemingly unrelated events. Using operational ICS data, we confirm our method enables stakeholders to make better decisions about system security, stability, and reliability.
Item Type: | Article |
---|---|
Date Type: | Published Online |
Status: | Published |
Schools: | Computer Science & Informatics |
Publisher: | Taylor & Francis |
ISSN: | 2333-5777 |
Funders: | EPSRC |
Date of First Compliant Deposit: | 9 July 2024 |
Date of Acceptance: | 21 June 2024 |
Last Modified: | 05 Aug 2024 15:27 |
URI: | https://orca.cardiff.ac.uk/id/eprint/170091 |
Actions (repository staff only)
Edit Item |