Dependencies and interdependencies between critical infrastructures are difficult to identify and model because their effects appear infrequently with unpredictable consequences. The addition of cyber attacks in this context makes the analysis even more complex. Integrating the consequences of cyber attacks and interdependencies requires detailed knowledge about both concepts at a common level of abstraction. CISIApro is a critical infrastructure simulator that was created to evaluate the consequences of faults and failures in interdependent infrastructures. This chapter demonstrates the use of CISIApro to evaluate the effects of cyber attacks on physical equipment and infrastructure services. A complex environment involving three interconnected infrastructures is considered: a medium voltage power grid managed by a control center over a SCADA network that is interconnected with a general-purpose telecommunications network. The functionality of the simulator is showcased by subjecting the interconnected infrastructures to an ARP spoofing attack and worm infection. The simulation demonstrates the utility of CISIApro in supporting decision making by electric grid operators, in particular, helping choose between alternative fault isolation and system restoration procedures.

Foglietta, C., Palazzo, C., Santini, R., Panzieri, S. (2015). Assessing cyber risk using the CISIApro simulator. In IFIP Advances in Information and Communication Technology (pp.315-331). Springer New York LLC [10.1007/978-3-319-26567-4_19].

Assessing cyber risk using the CISIApro simulator

FOGLIETTA, CHIARA;PALAZZO, COSIMO;SANTINI, RICCARDO;PANZIERI, Stefano
2015-01-01

Abstract

Dependencies and interdependencies between critical infrastructures are difficult to identify and model because their effects appear infrequently with unpredictable consequences. The addition of cyber attacks in this context makes the analysis even more complex. Integrating the consequences of cyber attacks and interdependencies requires detailed knowledge about both concepts at a common level of abstraction. CISIApro is a critical infrastructure simulator that was created to evaluate the consequences of faults and failures in interdependent infrastructures. This chapter demonstrates the use of CISIApro to evaluate the effects of cyber attacks on physical equipment and infrastructure services. A complex environment involving three interconnected infrastructures is considered: a medium voltage power grid managed by a control center over a SCADA network that is interconnected with a general-purpose telecommunications network. The functionality of the simulator is showcased by subjecting the interconnected infrastructures to an ARP spoofing attack and worm infection. The simulation demonstrates the utility of CISIApro in supporting decision making by electric grid operators, in particular, helping choose between alternative fault isolation and system restoration procedures.
2015
9783319265667
Foglietta, C., Palazzo, C., Santini, R., Panzieri, S. (2015). Assessing cyber risk using the CISIApro simulator. In IFIP Advances in Information and Communication Technology (pp.315-331). Springer New York LLC [10.1007/978-3-319-26567-4_19].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11590/299490
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 9
  • ???jsp.display-item.citation.isi??? 7
social impact