Criticality based Optimal Cyber Defense Remediation in Energy Delivery Systems

Kamrul Hasan; Sachin Shetty; Md. Ullah; Amin Hassanzadeh; Tariqul Islam

doi:10.4108/eai.10-9-2021.170949

EAI Endorsed Transactions on Security and Safety (Sep 2021)

Criticality based Optimal Cyber Defense Remediation in Energy Delivery Systems

Kamrul Hasan,
Sachin Shetty,
Md. Ullah,
Amin Hassanzadeh,
Tariqul Islam

Affiliations

Kamrul Hasan: Tennessee State University, Nashville, TN, USA
Sachin Shetty: Old Dominion University, Norfolk, VA, USA
Md. Ullah: Old Dominion University, Norfolk, VA, USA
Amin Hassanzadeh: Accenture Labs, Cyber Fusion Center, Accenture
Tariqul Islam: Syracuse University, Syracuse, NY, USA

DOI: https://doi.org/10.4108/eai.10-9-2021.170949
Journal volume & issue: Vol. 8, no. 28

Abstract

Read online

A prioritized cyber defense remediation plan is critical for effective risk management in Energy DeliverySystem (EDS). Due to the complexity of EDS in terms of heterogeneous nature blending InformationTechnology (IT) and Operation Technology (OT) and Industrial Control System (ICS), scale and criticalprocesses tasks, prioritized remediations should be applied gradually to protect critical assets. In this work,we propose a methodology for a prioritized cyber risk remediation plan by detecting and evaluating pathsto critical nodes in EDS. We propose critical nodes characteristics evaluation based on nodes’ architecturalpositions, a measure of centrality based on nodes’ connectivity and frequency of network traffic, as well as thecontrolled amount of physical loads. The paper also examines the relationship between cost models of budgetallocation for the removal of vulnerabilities on critical nodes and its impact on gradual readiness.

Published in EAI Endorsed Transactions on Security and Safety

ISSN: 2032-9393 (Online)
Publisher: European Alliance for Innovation (EAI)
Country of publisher: Belgium
LCC subjects: Technology
Website: https://eudl.eu/journal/sesa

About the journal

Abstract

Keywords