Cyber-physical System Risk Assessment

Abstract

Cyber Physical System (CPS) is a combination of physical systems with cyber systems, where there is a tight coupling between the two systems. It is widely used in critical national infrastructure, such as electric power, petroleum and chemical industries. Once an attack against the CPS obtains success, the consequence will be unimaginable. A well-designed risk assessment of CPS will provide an overall view of CPS security status and support efficient allocations of safeguard resources. Though there is much relationship between CPS and IT system, they are still different in various aspects, especially the requirement for real-time. Therefore, traditional risk assessment method for IT system can't be directly applied in CPS. New ideas on CPS risk assessment are in urgent need and one idea about this is addressed in this paper. Firstly, it presents a depict description of a three-level CPS architecture and makes an analysis on the corresponding security features in each level. Secondly, it sums up traditional risk assessment methods analyzes the differences between cyber physical system security and traditional IT system security. Finally, the authors blaze a trail under the new perspective of CPS after breaking the restriction of traditional risk assessment methods and propose a risk assessment idea for CPS.