Modeling the Stuxnet attack with BDMP: Towards more formal risk assessments

Author

Kriaa, S. ; Bouissou, M. ; Pietre-Cambacedes, L.

Author_Institution

Grenoble Inst. of Technol., Grenoble, France

fYear

2012

fDate

10-12 Oct. 2012

Firstpage

1

Lastpage

8

Abstract

Attack modeling has recently been adopted by security analysts as a useful tool in risk assessment of cyber-physical systems. We propose in this paper to model the Stuxnet attack with BDMP (Boolean logic Driven Markov Processes) formalism and to show the advantages of such modeling. After a description of the architecture targeted by Stuxnet, we explain the steps of the attack and model them formally with a BDMP. Based on estimated values of the success probabilities and rates of the elementary attack steps, we give a quantification of the main possible sequences leading to the physical destruction of the targeted industrial facility. This example completes a series of papers on BDMP applied to security by modeling a real case study. It highlights the advantages of BDMP compared to attack trees often used in security assessment.

Keywords

Boolean functions; Markov processes; computer crime; formal logic; probability; risk management; BDMP; Boolean logic driven Markov processes; Stuxnet attack; attack modeling; attack trees; cyber-physical systems; formal risk assessments; industrial facility; physical destruction; real case modeling; risk assessment; security analysts; security assessment; Logic gates; Malware; Process control; Risk management; SCADA systems; Servers; BDMP; Stuxnet; attack trees; cyber-physical systems; risk assessment; security modeling;

fLanguage

English

Publisher

ieee

Conference_Titel

Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on

Conference_Location

Cork

Print_ISBN

978-1-4673-3087-9

Electronic_ISBN

978-1-4673-3088-6

Type

conf

DOI

10.1109/CRISIS.2012.6378942

Filename

6378942