Cybersecurity Evaluation Framework for Industrial Control Systems
Evaluating the cybersecurity of a complex Industrial Control System (ICS), such as the Railway Transportation System (RTS), against a variety of cyber threats is a hard and multi-faceted problem. To address this problem: (1) a semantically correct model-driven tool is needed for engineering the ICS; (2) the cyber threat models must be formally defined, and the associated risks to the ICS and potential mitigation actions must be thoroughly analyzed; (3) assumptions about the ICS, its environment, and the adversary must be explicitly specified; (4) operational metrics suitable for analyzing the operational impact of cyber threats must be identified and formally defined; (5) realistic data must be used for the quantitative cybersecurity evaluation; and (6) methods are needed that enable the ICS design and analysis tool to exchange relevant information with the risk assessment and mitigation tool.
This project will develop a comprehensive tool-suite that aims to provide: (a) a model-based "networked" co-simulation/emulation platform for the railway infrastructure; (b) hardware-in-the-loop simulation; (c) a Risk Analysis Framework (RAF) that enables prioritization of the vulnerabilities to secure against and evaluation of risk mitigation workflows against adversarial attack plans; and (d) an integration architecture for symbiotically combining and using the simulation framework with the risk analysis framework.
The project has been successfully transitioned to the Communications Technology Laboratory (CTL) within the US National Institute of Standards and Technology (NIST).