Quantifying the Impact of External Attacks on a Distributed Automatic Track Warning System

2015 IEEE International Conference on Dependable Systems and Networks Workshops Pub Date : 2015-06-22 DOI:10.1109/DSN-W.2015.22

Leonardo Montecchi, P. Lollini, A. Bondavalli

{"title":"Quantifying the Impact of External Attacks on a Distributed Automatic Track Warning System","authors":"Leonardo Montecchi, P. Lollini, A. Bondavalli","doi":"10.1109/DSN-W.2015.22","DOIUrl":null,"url":null,"abstract":"For several years, the vulnerability of Critical Infrastructures (CIs) to cyber-threats has been limited, since they were mostly isolated systems, using proprietary protocols. Nowadays, CIs are increasingly threatened by external attacks: the use of off-the-shelf components is common, they have become interconnected, and sometimes also connected to the Internet. This problem is exacerbated by the recent trend towards the adoption of wireless connectivity and mobile devices, which is gaining interest also in this domain. One of the main challenges is to quantify the impact that external attacks may have on the infrastructure, and ensure that its dependability and safety requirements can still be fulfilled. In this paper we focus on the ALARP system, which protects workers on the railway infrastructure using distributed mobile terminals, and evaluate the impact of two attacks to the communication infrastructure. In performing such analysis, we experiment with a new method, which combines a stochastic model of the system with a model of the attacker, and quantifies the impact of specific attacks on precise safety and availability metrics.","PeriodicalId":202329,"journal":{"name":"2015 IEEE International Conference on Dependable Systems and Networks Workshops","volume":"118 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Conference on Dependable Systems and Networks Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN-W.2015.22","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

For several years, the vulnerability of Critical Infrastructures (CIs) to cyber-threats has been limited, since they were mostly isolated systems, using proprietary protocols. Nowadays, CIs are increasingly threatened by external attacks: the use of off-the-shelf components is common, they have become interconnected, and sometimes also connected to the Internet. This problem is exacerbated by the recent trend towards the adoption of wireless connectivity and mobile devices, which is gaining interest also in this domain. One of the main challenges is to quantify the impact that external attacks may have on the infrastructure, and ensure that its dependability and safety requirements can still be fulfilled. In this paper we focus on the ALARP system, which protects workers on the railway infrastructure using distributed mobile terminals, and evaluate the impact of two attacks to the communication infrastructure. In performing such analysis, we experiment with a new method, which combines a stochastic model of the system with a model of the attacker, and quantifies the impact of specific attacks on precise safety and availability metrics.

查看原文本刊更多论文

量化外部攻击对分布式自动航迹预警系统的影响

几年来，关键基础设施(ci)对网络威胁的脆弱性一直很有限，因为它们大多是使用专有协议的孤立系统。如今，ci越来越多地受到外部攻击的威胁:现成组件的使用很常见，它们已经相互连接，有时还连接到Internet。最近无线连接和移动设备的采用趋势加剧了这一问题，这也引起了人们对这一领域的兴趣。主要挑战之一是量化外部攻击可能对基础设施产生的影响，并确保其可靠性和安全性需求仍然可以得到满足。本文重点研究了利用分布式移动终端保护铁路基础设施工作人员的ALARP系统，并评估了两种攻击对通信基础设施的影响。在进行此类分析时，我们尝试了一种新方法，该方法将系统的随机模型与攻击者的模型相结合，并量化特定攻击对精确安全性和可用性指标的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 IEEE International Conference on Dependable Systems and Networks Workshops

自引率

0.00%

发文量