A method for quantitatively vulnerability evaluation of Cyberphysical system based on generalized profit was proposed. The vulnerability was analyzed from the network point of view, and physical devices were used to access the rationality. Component profit, physical profit and link profit, which can be calculated based on the topological structure of Cyberphysical system, were combined to evaluate the vulnerability of the whole system. By comparing ideal network with real network, some indicators, such as transmission cost function, network equilibrium condition, network connectivity performance and link importance, were used to calculate link profit. Later, component profit was quantified by offensive and defensive game model. Attack strategy set and defense strategy set should be both considered. The quantification of physical profit was based on vulnerability criteria. Generalized profit was calculated after quantifying the link profit, component profit and physical profit. Finally, a case of substation system network was analyzed and simulated to verify the rationality of this method. The experimental results show that this method can analyze the vulnerability of each path more comprehensively and obtain a path with the largest generalized profit (i.e. highest vulnerability).
HUANG Jia hui, FENG Dong qin. Method for vulnerability evaluation of Cyberphysical system based on generalized profit. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 2016, 50(6): 1119-1125.
[1] VENKATASUBRAMANIAN K K. Security solutions for Cyberphysical systems [D]. Phoenix: Arizona State University, 2009.
[2] LAPRIE J C, KANOUN K, KANICHE M. Modelling interdependencies between the electricity and information infrastructures [J]. Lecture Notes in Computer Science, 2008, 4680: 54-67.
[3] VALENTE J, BARRETO C, CRDENAS A A. Cyberphysical systems attestation [C]∥ IEEE International Conference on Distributed Computing in Sensor Systems. Marina Del Rey: IEEE, 2014: 354-357.
[4] SWILER L P, PHILLIPS C, GAYLOR T. A graphbased networkvulnerability analysis system [J]. Sandia National Laboratories Albuquerque New, 1970: 973010.
[5] YAMANE S, NAKAMURA K. Modelchecking method based on binary decision diagram for realtime systems [J]. Technical Report of Ieice, 1997, 96: 18.
[6] OROJLOO H, AZGOMI M A. A method for modeling and evaluation of the security of cyberphysical systems [C]∥ 11th International ISC Conference on Information Security and Cryptology. Tehran: IEEE, 2014: 131-136.
[7] BINDA L, MOLINA C. Building materials durability: semimarkov approach [J]. Journal of Materials in Civil Engineering, 2014, 2(4):223-239.
[8] RASS S, SCHARTNER P. A unified framework for the analysis of availability, reliability and security, with applications to quantum networks [J]. IEEE Transactions on Systems Man and Cybernetics Part C Applications and Reviews, 2011, 41(1):107-119.
[9] ASHOK A, HAHN A, GOVINDARARASU M. Cyberphysical security of widearea monitoring, protection and control in a smart grid environment [J]. Journal of Advanced Research, 2014, 5(4):481-489.
[10] KEARNS M, LITTMAN M L, SINGH S. Graphical mjodels for game theory [J]. Uai, 2013: 253-260.
[11] YU JX, MAO A J, GUO Z Z. Vulnerability assessment of cyber security in power industry [C]∥ IEEE PES Power Systems Conference and Exposition. Piscataway: IEEE, 2006: 2200-2205.
[12] PIGGIN R S H. Development of industrial cyber security standards: IEC 62443 for SCADA and Industrial Control System security [C]∥ Conference on Control and Automation: Uniting Problems and Solutions. Birmingham: IET, 2013: 16.
[13] YOUNES M, KHERFANE R L. A new hybrid method for mulitiobjective economic power/emission dispatch in wind energy baased power system \[J\]. International Journal of System Assurance Engineering and Managament. 2014,5(4): 577-590.
[14] HUANG X, ZHANG T, MA Y, et al. Reinforced protection design forr replay attack of intelligent substation GOOSE/SMV Based on IEC62351 [C]∥ International Conference on Chemical, Material and Food Engineering. Kunming: Atlantis Press, 2015: 49-55.
[15] KHALILI A, SAMI A, AZIMI M, et al. Employing secure coding practices into industrial applications: a case study [J]. Empirical Software Engineering, 2016,21(1):1-13.
[16] HOLME P. Epidemiologically optimal static networks from temporal network data [J]. Plos Computational Biology, 2013, 9(7):3529-3546.
[17] DORON K W, BASSETT D S, GAZZANIGA M S. Dynamic network structure of interhemispheric coordination [J]. Proceedings of the National Academy of Sciences, 2012, 109(46): 18661-18668.
[18] PERELMAN L, AMIN S. A network interdiction model for analyzing the vulnerability of water distribution systems [C]∥ Proceedings of the 3rd international conference on High confidence networked systems. Berlin: ACM, 2014: 135-144.
[19] LATORA V, MARCHIORI M. Efficient behavior of smallworld networks [J]. Physical review letters, 2001, 87(19): 198701.
[20] BLANCKAERT K, VRIEND H J. Nonlinear modeling of mean flow redistribution in curved open channels [J]. Water Resources Research, 2003, 39(12):21-26.
[21] RICHARD L, MARIA P, RICHARD S. Identifying critical infrastructure: the median and covering facility interdiction problems [J]. Annals of the Association of American Geographers, 2004, 94(3):491-502.
[22] NAGURNEY A, QIANG Q. A network efficiency measure with application to critical infrastructure networks [J]. Journal of Global Optimization, 2008, 40(13):261-275.
[23] JIA L, THOMAS R J, TONG L. Malicious data attack on realtime electricity market [C]∥ 2011 IEEE International Conference on Acoustics, Speech and Signal Processing. Prague: IEEE, 2011: 5952-5955.
[24] MA C Y T, YAU D K Y, LOU X, et al. Markov game analysis for attackdefense of power networks under possible misinformation [J]. IEEE Transactions on Power Systems, 2013,28(2): 1676-1686.
[25] LIU Y, SHAO C H, YAN C Z, et al. Dynamic game theory with incomplete information in opinion dynamic [J]. Journal of Convergence Information Technology, 2012, 7(1):297-306.
[26] 徐漪楠, 朱荣旭. 从上海电力网络试论大城市供电网络的若干基本原则[J]. 华东电力, 1981, 12: 002.
XU Yinan, ZHU Rongxu. Some basic principles of power network based on Shanghai power network [J]. East China Power, 1981, 12: 002.
