Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment

Habibor Rahman; Erfan Yazdandoost Hamedani; Young Jun Son; Mohammed Shafae

doi:10.1115/1.4063729

Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment

Habibor Rahman, Erfan Yazdandoost Hamedani, Young Jun Son, Mohammed Shafae

Systems and Industrial Engineering

Research output: Contribution to journal › Article › peer-review

3 Scopus citations

Abstract

Identifying, analyzing, and evaluating cybersecurity risks are essential to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. However, a manufacturing-specific quantitative approach is lacking to effectively model threat events and evaluate the unique cybersecurity risks in discrete manufacturing systems. In response, this paper introduces the first taxonomy-driven graph-theoretic model and framework to formally represent this unique cybersecurity threat landscape and identify vulnerable manufacturing assets requiring prioritized control. First, the proposed framework characterizes threat actors’ techniques, tactics, and procedures using taxonomical classifications of manufacturing-specific threat attributes and integrates these attributes into cybersecurity risk modeling. This facilitates the systematic generation of comprehensive and generalizable cyber-physical attack graphs for discrete manufacturing systems. Second, using the attack graph formalism, the proposed framework enables concurrent modeling and analysis of a wide variety of cybersecurity threats comprising varying attack vectors, locations, vulnerabilities, and consequences. The risk model captures the cascading attack impact of varying attack methods through different cyber and physical entities in manufacturing systems, leading to specific consequences. Then, the constructed cyber-physical attack graphs are analyzed to comprehend threat propagation through the discrete manufacturing value chain and identify potential attack paths. Third, a quantitative risk assessment approach is presented to evaluate the cybersecurity risk associated with potential attack paths. It also identifies the attack path with the maximum likelihood of success, pointing out critical manufacturing assets requiring prioritized control. Finally, the proposed risk modeling and assessment framework is demonstrated using an illustrative example.

Original language	English (US)
Article number	071003
Journal	Journal of Computing and Information Science in Engineering
Volume	24
Issue number	7
DOIs	https://doi.org/10.1115/1.4063729
State	Published - Jul 1 2024

Keywords

attack graph
cyber-physical security for factories
cyber-physical system design and operation
cyberattacks
cybermanufacturing
cybersecurity
graph-theoretic methods
industrial internet of things
industry 4.0
manufacturing automation
risk assessment
risk modeling
smart manufacturing

ASJC Scopus subject areas

Software
Computer Science Applications
Computer Graphics and Computer-Aided Design
Industrial and Manufacturing Engineering

Access to Document

10.1115/1.4063729

Cite this

@article{f2ed5b7155f44cd590fa01225693b74b,

title = "Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment",

abstract = "Identifying, analyzing, and evaluating cybersecurity risks are essential to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. However, a manufacturing-specific quantitative approach is lacking to effectively model threat events and evaluate the unique cybersecurity risks in discrete manufacturing systems. In response, this paper introduces the first taxonomy-driven graph-theoretic model and framework to formally represent this unique cybersecurity threat landscape and identify vulnerable manufacturing assets requiring prioritized control. First, the proposed framework characterizes threat actors{\textquoteright} techniques, tactics, and procedures using taxonomical classifications of manufacturing-specific threat attributes and integrates these attributes into cybersecurity risk modeling. This facilitates the systematic generation of comprehensive and generalizable cyber-physical attack graphs for discrete manufacturing systems. Second, using the attack graph formalism, the proposed framework enables concurrent modeling and analysis of a wide variety of cybersecurity threats comprising varying attack vectors, locations, vulnerabilities, and consequences. The risk model captures the cascading attack impact of varying attack methods through different cyber and physical entities in manufacturing systems, leading to specific consequences. Then, the constructed cyber-physical attack graphs are analyzed to comprehend threat propagation through the discrete manufacturing value chain and identify potential attack paths. Third, a quantitative risk assessment approach is presented to evaluate the cybersecurity risk associated with potential attack paths. It also identifies the attack path with the maximum likelihood of success, pointing out critical manufacturing assets requiring prioritized control. Finally, the proposed risk modeling and assessment framework is demonstrated using an illustrative example.",

keywords = "attack graph, cyber-physical security for factories, cyber-physical system design and operation, cyberattacks, cybermanufacturing, cybersecurity, graph-theoretic methods, industrial internet of things, industry 4.0, manufacturing automation, risk assessment, risk modeling, smart manufacturing",

author = "Habibor Rahman and Hamedani, {Erfan Yazdandoost} and Son, {Young Jun} and Mohammed Shafae",

note = "Publisher Copyright: Copyright {\textcopyright} 2024 by ASME.",

year = "2024",

month = jul,

day = "1",

doi = "10.1115/1.4063729",

language = "English (US)",

volume = "24",

journal = "Journal of Computing and Information Science in Engineering",

issn = "1530-9827",

publisher = "The American Society of Mechanical Engineers(ASME)",

number = "7",

}

TY - JOUR

T1 - Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment

AU - Rahman, Habibor

AU - Hamedani, Erfan Yazdandoost

AU - Son, Young Jun

AU - Shafae, Mohammed

PY - 2024/7/1

Y1 - 2024/7/1

N2 - Identifying, analyzing, and evaluating cybersecurity risks are essential to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. However, a manufacturing-specific quantitative approach is lacking to effectively model threat events and evaluate the unique cybersecurity risks in discrete manufacturing systems. In response, this paper introduces the first taxonomy-driven graph-theoretic model and framework to formally represent this unique cybersecurity threat landscape and identify vulnerable manufacturing assets requiring prioritized control. First, the proposed framework characterizes threat actors’ techniques, tactics, and procedures using taxonomical classifications of manufacturing-specific threat attributes and integrates these attributes into cybersecurity risk modeling. This facilitates the systematic generation of comprehensive and generalizable cyber-physical attack graphs for discrete manufacturing systems. Second, using the attack graph formalism, the proposed framework enables concurrent modeling and analysis of a wide variety of cybersecurity threats comprising varying attack vectors, locations, vulnerabilities, and consequences. The risk model captures the cascading attack impact of varying attack methods through different cyber and physical entities in manufacturing systems, leading to specific consequences. Then, the constructed cyber-physical attack graphs are analyzed to comprehend threat propagation through the discrete manufacturing value chain and identify potential attack paths. Third, a quantitative risk assessment approach is presented to evaluate the cybersecurity risk associated with potential attack paths. It also identifies the attack path with the maximum likelihood of success, pointing out critical manufacturing assets requiring prioritized control. Finally, the proposed risk modeling and assessment framework is demonstrated using an illustrative example.

AB - Identifying, analyzing, and evaluating cybersecurity risks are essential to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. However, a manufacturing-specific quantitative approach is lacking to effectively model threat events and evaluate the unique cybersecurity risks in discrete manufacturing systems. In response, this paper introduces the first taxonomy-driven graph-theoretic model and framework to formally represent this unique cybersecurity threat landscape and identify vulnerable manufacturing assets requiring prioritized control. First, the proposed framework characterizes threat actors’ techniques, tactics, and procedures using taxonomical classifications of manufacturing-specific threat attributes and integrates these attributes into cybersecurity risk modeling. This facilitates the systematic generation of comprehensive and generalizable cyber-physical attack graphs for discrete manufacturing systems. Second, using the attack graph formalism, the proposed framework enables concurrent modeling and analysis of a wide variety of cybersecurity threats comprising varying attack vectors, locations, vulnerabilities, and consequences. The risk model captures the cascading attack impact of varying attack methods through different cyber and physical entities in manufacturing systems, leading to specific consequences. Then, the constructed cyber-physical attack graphs are analyzed to comprehend threat propagation through the discrete manufacturing value chain and identify potential attack paths. Third, a quantitative risk assessment approach is presented to evaluate the cybersecurity risk associated with potential attack paths. It also identifies the attack path with the maximum likelihood of success, pointing out critical manufacturing assets requiring prioritized control. Finally, the proposed risk modeling and assessment framework is demonstrated using an illustrative example.

KW - attack graph

KW - cyber-physical security for factories

KW - cyber-physical system design and operation

KW - cyberattacks

KW - cybermanufacturing

KW - cybersecurity

KW - graph-theoretic methods

KW - industrial internet of things

KW - industry 4.0

KW - manufacturing automation

KW - risk assessment

KW - risk modeling

KW - smart manufacturing

UR - http://www.scopus.com/inward/record.url?scp=85186122746&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85186122746&partnerID=8YFLogxK

U2 - 10.1115/1.4063729

DO - 10.1115/1.4063729

M3 - Article

AN - SCOPUS:85186122746

SN - 1530-9827

VL - 24

JO - Journal of Computing and Information Science in Engineering

JF - Journal of Computing and Information Science in Engineering

IS - 7

M1 - 071003

ER -

Taxonomy-Driven Graph-Theoretic Framework for Manufacturing Cybersecurity Risk Modeling and Assessment

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this