Mission-Oriented Security Framework: An Approach to Embrace Cyber Resilience in Design and Action

Abstract

The rapid development in IT and OT system makes interactions among themselves and with humans immerse in the information flows from the physical to cyberspace. The traditional view of cyber-security faces challenges of deliberate cyber-attacks and unpredictable failures. Hence, cyber resilience is a fundamental property that protects critical missions. In this paper, we presented a mission-oriented security framework to establish and enhance cyber-resilience in design and action. The definition of mission-oriented security is given to extend CIA metrics of cyber-security, and the process of mission executions is analyzed to distinguish the critical factors of cyber-resilience. The cascading failures in inter-domain networks and false data injection in the cyber-physical system are analyzed in the case study to demonstrate how the mission-oriented security framework can enhance cyber resilience.