Fusing Vulnerabilities Spatiotemporal Characteristics into Cyber-resilience-oriented Planning of Cyber-Physical Systems

Project: Research

View graph of relations


Digitalization exposes societies and industries to new (cyber) vulnerabilities. Specific to Cyber-Physical Systems (CPSs), which benefit for the integration of cyber elements and physical processes, attacks to the cyber networks can generate cascading impacts to the interconnected physical processes. Cybersecurity risk assessment, then, becomes fundamental for CPSs. Vulnerability assessment is the basis, however, concerns arise on the snapshot scenario modelling of attack-defense interactive behavior, which neglects the real-life threats posed by intelligent (sequential) attacks and fails to analyze their timing and sequencing nature; thus, they remain unknown known. As a consequence, the realism of cyber-resilience-oriented decision analysis is weakened, leading to incorrect cost-benefit assessment of a range of options.  In this project, we propose to develop a methodology for enabling cyber-resilience-oriented planning of CPSs, so as to provide the system with the ability of withstanding, absorbing, recovering from, and adapting to the consequences of cascades from uncertain attacks, whilst minimizing the investment costs and the recovery time. First, we will cluster the stochastic operation characteristics of a CPS, which is dynamically influenced by the uncertainty originating from multiple physical and environmental factors. Second, we will uncover the spatiotemporal characteristics related to CPS vulnerabilities, in relation to their relevance for the cascading impacts on the system physical process. To give due account to this, we will analyze the centrality of the different vulnerabilities and their interdependencies. Third, we will optimize the cyber-resilience- oriented planning. On one hand, a redundancy planning will be sought to enable the system to avoid and withstand potential damage from uncertain sequential attacks. The cost-optimal decision will be acquired by the integration of dynamic graphical modelling into game theory, capable of trading off the decision robustness against the uncertainty of sequential attack behavior. On the other hand, a response and recovery planning will be sought to enable the system to absorb, recover from, and adapt to attack-provoked cascading failures. The cost- and time-optimal decision will be reached when the countermeasures preferentially cut off cascade paths for gracefully degrading the system functionality and, then, reestablish the operation within an acceptable duration. The proposed methodology will be demonstrated on real-world CPS applications, with the underlying aim of mining new information and knowledge to cybersecurity protection and resilience enhancements of CPSs in dealing with cyber vulnerable scenarios. 


Project number9043545
Grant typeGRF
Effective start/end date1/01/24 → …