Behavior-based critical cyber asset identification in Process Control Systems under Cyber Attacks

The accelerated advancement of Process Control Systems (PCS) transformed the traditional and completely isolated systems view into a networked inter-connected “system of systems” perspective, where off-the-shelf Information and Communication Technologies (ICT) are deeply embedded into the heart of PCS. This has brought significant economical and operational benefits, but it also provided new opportunities for malicious actors targeting critical PCS. To address these challenges, in this work we employ our previously developed Cyber Attack Impact Assessment (CAIA) technique to provide a systematic mechanism to help PCS designers and industry operators to assess the impact severity of various cyber threats. Moreover, the question of why a device is more critical than others, and also the motivation of this work, are answered through extensive numerical results showing the significance of systems dynamics in the context of closed-loop PCS. The CAIA approach is validated against the simulated Tennessee Eastman chemical process, including 41 observed variables and 12 control variables, involved in cascade controller structures. The results show the application possibilities and effectiveness of CAIA for various attack scenarios.