Security Indices for Path Rankings
- NP-View provides the “cost” for each cyber path, p(i), that leads to a critical asset:
Cost(p(i))
- Each critical asset is assigned a reward based on attached physical contingencies:
PerformanceIndex(p(i))
- CyPSA ranks low cost, high impact attacks by: SecurityIndex(p(i))
-
-
CyPSA Analysis. Click image to enlarge.
-
-
Example Attack Path. Click image to enlarge.
Asset Ranking
- Rank based on both impact and cyber exposure”
- impact: power system performance index
- cyber exposure: different metrics
- number of potential attack paths
- ease of realizing at attack
- Rank cyber and physical assets
- cyber: hosts in the network – e.g., Jump Host
- physical: relays
Potential Use Cases
- Inventory Management
- Securely view and manage confidential cyber-physical interconnection data
- Visualize Cyber-to-Physical
- Mapping, State. Follows from inventory management.
- Aggregate Exposure
- Based on similar assets and/or due to a shared vulnerability
- Prioritizing Multiple Contingencies
- N-1-1: Exposed line is 1st and rest of the lines are 2nd
- Exposure of Substations to Cyber Attack
- Identify exposed assets that will lead to multi-substation attack
- Proximity to Cascading Outages
- Track cyber-exposure of cascading outages
- Looking Beyond Line Outages
- Loss of situational awareness
- Loss of EMS functionality