A Modified Layer of Protection Analysis for Cyber-Physical Systems Security

Abstract

Layer of Protection Analysis (LOPA) is the most commonly used approach for quantitative safety risk assessment in the process control industry to protect a Cyber- Physical System (CPS) from accidental hazards-causing failures. The LOPA approach does not take into account failures due to intentional security attacks, hence yielding partially-protected systems. With security breaches on the rise for critical infrastructure, the LOPA methodology needs to be revisited to verify its underlying assumptions and synchronize safety and security lifecycles. In this paper, we study the LOPA methodology and identify the key mathematical assumptions that are violated in the presence of security attacks. We present a mathematical formulation for a modified LOPA to incorporate the probability of a security attack on a CPS and apply it to a testbed case study.