EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Model-Based Cybersecurity Analysis

Yuning Jiang (), Manfred Jeusfeld, Jianguo Ding and Elin Sandahl
Additional contact information
Yuning Jiang: Nanyang Technological University
Jianguo Ding: Blekinge Institute of Technology
Elin Sandahl: Norgald AB

Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, 2023, vol. 65, issue 6, No 3, 643-676

Abstract: Abstract Critical infrastructure (CIs) such as power grids link a plethora of physical components from many different vendors to the software systems that control them. These systems are constantly threatened by sophisticated cyber attacks. The need to improve the cybersecurity of such CIs, through holistic system modeling and vulnerability analysis, cannot be overstated. This is challenging since a CI incorporates complex data from multiple interconnected physical and computation systems. Meanwhile, exploiting vulnerabilities in different information technology (IT) and operational technology (OT) systems leads to various cascading effects due to interconnections between systems. The paper investigates the use of a comprehensive taxonomy to model such interconnections and the implied dependencies within complex CIs, bridging the knowledge gap between IT security and OT security. The complexity of CI dependence analysis is harnessed by partitioning complicated dependencies into cyber and cyber-physical functional dependencies. These defined functional dependencies further support cascade modeling for vulnerability severity assessment and identification of critical components in a complex system. On top of the proposed taxonomy, the paper further suggests power-grid reference models that enhance the reproducibility and applicability of the proposed method. The methodology followed was design science research (DSR) to support the designing and validation of the proposed artifacts. More specifically, the structural, functional adequacy, compatibility, and coverage characteristics of the proposed artifacts are evaluated through a three-fold validation (two case studies and expert interviews). The first study uses two instantiated power-grid models extracted from existing architectures and frameworks like the IEC 62351 series. The second study involves a real-world municipal power grid.

Keywords: Critical infrastructure; Domain-specific language; Cybersecurity; Power grids (search for similar items in EconPapers)
Date: 2023
References: Add references at CitEc
Citations:

Downloads: (external link)
http://link.springer.com/10.1007/s12599-023-00811-0 Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:binfse:v:65:y:2023:i:6:d:10.1007_s12599-023-00811-0

Ordering information: This journal article can be ordered from
http://www.springer.com/economics/journal/12599

DOI: 10.1007/s12599-023-00811-0

Access Statistics for this article

Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK is currently edited by Martin Bichler

More articles in Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK from Springer, Gesellschaft für Informatik e.V. (GI)
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-22
Handle: RePEc:spr:binfse:v:65:y:2023:i:6:d:10.1007_s12599-023-00811-0