Title :
Modeling the Stuxnet attack with BDMP: Towards more formal risk assessments
Author :
Kriaa, S. ; Bouissou, M. ; Pietre-Cambacedes, L.
Author_Institution :
Grenoble Inst. of Technol., Grenoble, France
Abstract :
Attack modeling has recently been adopted by security analysts as a useful tool in risk assessment of cyber-physical systems. We propose in this paper to model the Stuxnet attack with BDMP (Boolean logic Driven Markov Processes) formalism and to show the advantages of such modeling. After a description of the architecture targeted by Stuxnet, we explain the steps of the attack and model them formally with a BDMP. Based on estimated values of the success probabilities and rates of the elementary attack steps, we give a quantification of the main possible sequences leading to the physical destruction of the targeted industrial facility. This example completes a series of papers on BDMP applied to security by modeling a real case study. It highlights the advantages of BDMP compared to attack trees often used in security assessment.
Keywords :
Boolean functions; Markov processes; computer crime; formal logic; probability; risk management; BDMP; Boolean logic driven Markov processes; Stuxnet attack; attack modeling; attack trees; cyber-physical systems; formal risk assessments; industrial facility; physical destruction; real case modeling; risk assessment; security analysts; security assessment; Logic gates; Malware; Process control; Risk management; SCADA systems; Servers; BDMP; Stuxnet; attack trees; cyber-physical systems; risk assessment; security modeling;
Conference_Titel :
Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on
Conference_Location :
Cork
Print_ISBN :
978-1-4673-3087-9
Electronic_ISBN :
978-1-4673-3088-6
DOI :
10.1109/CRISIS.2012.6378942
