Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Exploiting Submodularity in Security Measure Allocation for Industrial Control Systems
KTH.
2017 (English)In: Proceedings of the 1st ACM Workshop on the Internet of Safe Things, ACM , 2017, p. 64-69Conference paper, Published paper (Refereed)
Abstract [en]

Industrial control systems are cyber-physical systems that are used to operate critical infrastructures such as smart grids, traffic systems, industrial facilities, and water distribution networks. The digitalization of these systems increases their efficiency and decreases their cost of operation, but also makes them more vulnerable to cyber-attacks. In order to protect industrial control systems from cyber-attacks, the installation of multiple layers of security measures is necessary. In this paper, we study how to allocate a large number of security measures under a limited budget, such as to minimize the total risk of cyber-attacks. The security measure allocation problem formulated in this way is a combinatorial optimization problem subject to a knapsack (budget) constraint. The formulated problem is NP-hard, therefore we propose a method to exploit submodularity of the objective function so that polynomial time algorithms can be applied to obtain solutions with guaranteed approximation bounds. The problem formulation requires a preprocessing step in which attack scenarios are selected, and impacts and likelihoods of these scenarios are estimated. We discuss how the proposed method can be applied in practice.

Place, publisher, year, edition, pages
ACM , 2017. p. 64-69
Series
SafeThings’17
Keywords [en]
Control Systems, Cyber-attacks, Security measure allocation, Submodularity
National Category
Control Engineering
Identifiers
URN: urn:nbn:se:kth:diva-223238DOI: 10.1145/3137003.3137011Scopus ID: 2-s2.0-85041383091OAI: oai:DiVA.org:kth-223238DiVA, id: diva2:1185390
Conference
15th ACM Conference on Embedded Networked Sensor Systems (SenSys 2017)
Projects
CERCES
Note

QC 20180312

Available from: 2018-02-23 Created: 2018-02-23 Last updated: 2018-03-12Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopushttp://doi.acm.org/10.1145/3137003.3137011

Authority records BETA

Tanaka, TakashiSandberg, HenrikJohansson, Karl H.

Search in DiVA

By author/editor
Milošević, JezdimirTanaka, TakashiSandberg, HenrikJohansson, Karl H.
By organisation
KTH
Control Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 164 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf