Automatic Security Assessment of Control Systems for Critical Cyber -Infrastructures
Anwar, Zahid
This item is only available for download by members of the University of Illinois community. Students, faculty, and staff at the U of I may log in with your NetID and password to view the item. If you are trying to access an Illinois-restricted dissertation or thesis, you can request a copy through your library's Inter-Library Loan office or purchase a copy directly from ProQuest.
Permalink
https://hdl.handle.net/2142/81842
Description
Title
Automatic Security Assessment of Control Systems for Critical Cyber -Infrastructures
Author(s)
Anwar, Zahid
Issue Date
2008
Doctoral Committee Chair(s)
Campbell, Roy H.
Department of Study
Computer Science
Discipline
Computer Science
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
Ph.D.
Degree Level
Dissertation
Keyword(s)
Computer Science
Language
eng
Abstract
This research attempts to bridge this gap by investigating the automation of security assessment of the static and dynamic properties of critical infrastructures. We describe first-order logic based models of the static elements including power and control devices, services and connectivity, and re-writing logic based models of the dynamic elements such as operating procedure workflows, and the state of a working power grid. We introduce a tool-chain that, with a little manual assistance, can automatically generate these models from specifications, continuously update attributes from online event aggregators, and perform security assessment. Aside from checking whether the system configuration conforms to recommended best-practices for establishing security controls, the assessment also reveals whether the observed anomalies about the system could indicate possible security problems and permits dynamic ranking of alternative recovery procedures to minimize the total risk. Moreover the tool-chain can recommend an optimal selection of security schemes to apply to various vulnerable parts of the Power Grid network to maximize security when faced with a budget constraint. A case study on security hardening the IEEE power system 118-bus test case from a pool of five different best-practice schemes is used to demonstrate the feasibility of the tool chain implementation.
Use this login method if you
don't
have an
@illinois.edu
email address.
(Oops, I do have one)
IDEALS migrated to a new platform on June 23, 2022. If you created
your account prior to this date, you will have to reset your password
using the forgot-password link below.
