网络物理电力系统动态跨层安全风险评估与缓解

IF 9.4 1区工程技术 Q1 ENGINEERING, INDUSTRIAL

Reliability Engineering & System Safety Pub Date : 2025-03-25 DOI:10.1016/j.ress.2025.111027

Pengchao Yao , Qiang Yang , Wenhai Wang

{"title":"网络物理电力系统动态跨层安全风险评估与缓解","authors":"Pengchao Yao , Qiang Yang , Wenhai Wang","doi":"10.1016/j.ress.2025.111027","DOIUrl":null,"url":null,"abstract":"<div><div>Cyber-attacks targeting cyber-physical power systems (CPPSs) are increasingly recognized as complex and persistent cyber-to-physical (C2P) security threats, which introduce substantial cross-layer risks to critical power infrastructures. However, existing security frameworks fail to provide a comprehensive approach for risk assessment and mitigation against these ongoing and stealthy cross-layer attacks in CPPSs. This paper presents a cross-layer security risk management method that enables dynamic evaluation of cyber-physical security risks and the formulation of optimal defense strategies to reduce those risks. Specifically, an Extended Hierarchical Bayesian Attack Graph (EHBAG) is introduced to model the C2P attack risk propagation, which can infer the probability of physical-space incidents occurring based on detected attack nodes in the cyber layer. Observation nodes are incorporated into the EHBAG to represent uncertainty in the detected evidence. An attack surface generation algorithm is used to identify the most dangerous set of detected attack nodes within the EHBAG that require immediate attention. Then, a multi-objective security decision-making approach is presented to derive the optimal strategy for defending the highest-value nodes within the attack surface, aiming to reduce the cyber-physical security risks of the system. The proposed approach is implemented and evaluated using a real-world CPPS testbed and the numerical results confirmed its feasibility and effectiveness for risk assessment and mitigation.</div></div>","PeriodicalId":54500,"journal":{"name":"Reliability Engineering & System Safety","volume":"261 ","pages":"Article 111027"},"PeriodicalIF":9.4000,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Dynamic cross-layer security risk assessment and mitigation for cyber-physical power systems\",\"authors\":\"Pengchao Yao , Qiang Yang , Wenhai Wang\",\"doi\":\"10.1016/j.ress.2025.111027\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Cyber-attacks targeting cyber-physical power systems (CPPSs) are increasingly recognized as complex and persistent cyber-to-physical (C2P) security threats, which introduce substantial cross-layer risks to critical power infrastructures. However, existing security frameworks fail to provide a comprehensive approach for risk assessment and mitigation against these ongoing and stealthy cross-layer attacks in CPPSs. This paper presents a cross-layer security risk management method that enables dynamic evaluation of cyber-physical security risks and the formulation of optimal defense strategies to reduce those risks. Specifically, an Extended Hierarchical Bayesian Attack Graph (EHBAG) is introduced to model the C2P attack risk propagation, which can infer the probability of physical-space incidents occurring based on detected attack nodes in the cyber layer. Observation nodes are incorporated into the EHBAG to represent uncertainty in the detected evidence. An attack surface generation algorithm is used to identify the most dangerous set of detected attack nodes within the EHBAG that require immediate attention. Then, a multi-objective security decision-making approach is presented to derive the optimal strategy for defending the highest-value nodes within the attack surface, aiming to reduce the cyber-physical security risks of the system. The proposed approach is implemented and evaluated using a real-world CPPS testbed and the numerical results confirmed its feasibility and effectiveness for risk assessment and mitigation.</div></div>\",\"PeriodicalId\":54500,\"journal\":{\"name\":\"Reliability Engineering & System Safety\",\"volume\":\"261 \",\"pages\":\"Article 111027\"},\"PeriodicalIF\":9.4000,\"publicationDate\":\"2025-03-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Reliability Engineering & System Safety\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0951832025002285\",\"RegionNum\":1,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, INDUSTRIAL\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Reliability Engineering & System Safety","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0951832025002285","RegionNum":1,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, INDUSTRIAL","Score":null,"Total":0}

引用次数: 0

摘要

针对网络物理电力系统（CPPSs）的网络攻击越来越被认为是复杂和持续的网络对物理（C2P）安全威胁，它给关键的电力基础设施带来了巨大的跨层风险。然而，现有的安全框架无法提供全面的风险评估和缓解方法，以应对CPPSs中正在进行的隐形跨层攻击。本文提出了一种跨层安全风险管理方法，能够动态评估网络物理安全风险，并制定最优防御策略来降低这些风险。具体而言，引入扩展层次贝叶斯攻击图（EHBAG）模型对C2P攻击风险传播进行建模，该模型可以根据检测到的网络层攻击节点推断出物理空间事件发生的概率。观测节点被纳入EHBAG来表示检测到的证据的不确定性。攻击面生成算法用于识别EHBAG中检测到的最危险、需要立即关注的攻击节点集。然后，提出了一种多目标安全决策方法，推导出防御攻击面内最高值节点的最优策略，以降低系统的网络物理安全风险。在实际的CPPS测试平台上对所提出的方法进行了实施和评估，数值结果证实了该方法在风险评估和缓解方面的可行性和有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Dynamic cross-layer security risk assessment and mitigation for cyber-physical power systems

Cyber-attacks targeting cyber-physical power systems (CPPSs) are increasingly recognized as complex and persistent cyber-to-physical (C2P) security threats, which introduce substantial cross-layer risks to critical power infrastructures. However, existing security frameworks fail to provide a comprehensive approach for risk assessment and mitigation against these ongoing and stealthy cross-layer attacks in CPPSs. This paper presents a cross-layer security risk management method that enables dynamic evaluation of cyber-physical security risks and the formulation of optimal defense strategies to reduce those risks. Specifically, an Extended Hierarchical Bayesian Attack Graph (EHBAG) is introduced to model the C2P attack risk propagation, which can infer the probability of physical-space incidents occurring based on detected attack nodes in the cyber layer. Observation nodes are incorporated into the EHBAG to represent uncertainty in the detected evidence. An attack surface generation algorithm is used to identify the most dangerous set of detected attack nodes within the EHBAG that require immediate attention. Then, a multi-objective security decision-making approach is presented to derive the optimal strategy for defending the highest-value nodes within the attack surface, aiming to reduce the cyber-physical security risks of the system. The proposed approach is implemented and evaluated using a real-world CPPS testbed and the numerical results confirmed its feasibility and effectiveness for risk assessment and mitigation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Reliability Engineering & System Safety 管理科学-工程：工业

CiteScore

15.20

自引率

39.50%

发文量

621

审稿时长

67 days

期刊介绍： Elsevier publishes Reliability Engineering & System Safety in association with the European Safety and Reliability Association and the Safety Engineering and Risk Analysis Division. The international journal is devoted to developing and applying methods to enhance the safety and reliability of complex technological systems, like nuclear power plants, chemical plants, hazardous waste facilities, space systems, offshore and maritime systems, transportation systems, constructed infrastructure, and manufacturing plants. The journal normally publishes only articles that involve the analysis of substantive problems related to the reliability of complex systems or present techniques and/or theoretical results that have a discernable relationship to the solution of such problems. An important aim is to balance academic material and practical applications.