| Energy Informatics | |
| powerLang: a probabilistic attack simulation language for the power domain | |
| article | |
| Hacks, Simon1 Katsikeas, Sotirios1 Ling, Engla1 Lagerström, Robert1 Ekstedt, Mathias1 | |
| [1] Division of Network and Systems Engineering, KTH Royal Institute of Technology | |
| 关键词: Threat modeling; Attack simulation; Domain specific language; Power domain; Industrial control systems; | |
| DOI : 10.1186/s42162-020-00134-4 | |
| 来源: Springer | |
 PDF
|
|
【 摘 要 】
Cyber-attacks on power-related IT and OT infrastructures can have disastrous consequences for individuals, regions, as well as whole nations. In order to respond to these threats, the cyber security assessment of IT and OT infrastructures can foster a higher degree of safety and resilience against cyber-attacks. Therefore, the use of attack simulations based on system architecture models is proposed. To reduce the effort of creating new attack graphs for each system under assessment, domain-specific languages (DSLs) can be employed. DSLs codify the common attack logics of the considered domain. Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop DSLs and generate attack graphs for modeled infrastructures. In this article, powerLang as a MAL-based DSL for modeling IT and OT infrastructures in the power domain is proposed. Further, it allows analyzing weaknesses related to known attacks. To comprise powerLang, two existing MAL-based DSL are combined with a new language focusing on industrial control systems (ICS). Finally, this first version of the language was validated against a known cyber-attack.
【 授权许可】
CC BY
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| RO202108110000052ZK.pdf | 1496KB |  download |
878987797
028-85220240
