Sciweavers

DSN
2008
IEEE

Automatic security assessment of critical cyber-infrastructures

14 years 6 months ago
Automatic security assessment of critical cyber-infrastructures
This research investigates the automation of security assessment of the static and dynamic properties of cyberinfrastructures, with emphasis on the electrical power grid. We describe a network model representing the static elements of a cyberinfrastructure including devices, services, network connectivity, vulnerabilities, and access controls. The dynamic elements include workflow models of the operating procedures, processes and the state of a working power grid. We introduce a toolkit that with a little manual assistance can automatically generate these models from specifications, continuously update attributes from online event aggregators, and perform security assessment. The assessment reveals whether observed anomalies about the system could indicate possible security problems and permit dynamic ranking of alternative recovery procedures to minimize the total risk. We motivate the use of the tool-chain by showing an example scenario where the recovery procedure recommended to ...
Zahid Anwar, Ravinder Shankesi, Roy H. Campbell
Added 29 May 2010
Updated 29 May 2010
Type Conference
Year 2008
Where DSN
Authors Zahid Anwar, Ravinder Shankesi, Roy H. Campbell
Comments (0)