Risk assessment method for cyber security of cyber physical systems

Cyber security is one of the most important risks for all types of cyber-physical systems (CPS). To evaluate the cyber security risk of CPS, a quantitative hierarchized assessment model consists of attack severity, attack success probability and attack consequence is proposed, which can assess the risk caused by an ongoing attack at host level and system level. Then the definitions and calculation methods of the three indexes are discussed in detail. Finally, this paper gives the risk assessment algorithm which describes the steps of implementation. Numerical example shows that the model can response to the attack timely and obtain the system security risk change curve. So that it can help users response to the risk timely. The risk change curve can also be used to predict the risk for the future time.