Skip to main content
SpringerLink
Log in

Estimating Cascading Effects in Cyber-Physical Critical Infrastructures

  • Conference paper
  • First Online:
Book cover Critical Information Infrastructures Security (CRITIS 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11777))

Abstract

Nowadays, critical infrastructures operate a large number of highly interdependent, cyber-physical systems. Thus, incidents can have far-reaching cascading effects throughout the entire infrastructure, which need to be identified and estimated to realize a proper risk management. In this paper, we present a formal model to describe the propagation of a threat through the various physical and cyber assets within a critical infrastructure and the cascading effects this has on the entire infrastructure. We further show, how this model can be implemented into a prototypical tool, which allows to efficiently simulate the cascading effects of a given incident on the entire network of the infrastructure’s cyber-physical assets. The functionalities of the tool are demonstrated using a small demo set-up of a maritime port infrastructure. In this set-up, four incident scenarios both from the physical and cyber domain are simulated and the results are discussed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Online available at https://atlas.ait.ac.at/sauron.

References

  1. Bañuls, V.A., Turoff, M.: Scenario construction via delphi and cross-impact analysis. Technol. Forecast. Soc. Change 78(9), 1579–1602 (2011)

    Article  Google Scholar 

  2. BBC News: NHS cyber-attack: GPs and hospitals hit by ransomware (2017). http://www.bbc.com/news/health-39899646

  3. Bilis, E.I., Kroger, W., Nan, C.: Performance of electric power systems under physical malicious attacks. IEEE Syst. J. 7(4), 854–865 (2013)

    Article  Google Scholar 

  4. Burnap, P., Cherdantseva, Y., Blyth, A., Eden, P., Jones, K., Soulsby, H., Stoddart, K.: Determining and sharing risk data in distributed interdependent systems. IEEE Comput. 50(2), 72–79 (2017)

    Article  Google Scholar 

  5. Carreras, B.A., Newman, D.E., Gradney, P., Lynch, V.E., Dobson, I.: Interdependent risk in interacting infrastructure systems. In: 40th Annual Hawaii International Conference on System Sciences, 2007, HICSS 2007, pp. 112–112 (2007)

    Google Scholar 

  6. Cimpanu, C.: Maersk Reinstalled 45,000 PCs and 4,000 Servers to Recover From NotPetya Attack (2018). https://www.bleepingcomputer.com/news/security/maersk-reinstalled-45-000-pcs-and-4-000-servers-to-recover-from-notpetya-attack/

  7. Condliffe, J.: Ukraine’s power grid gets hacked again, a worrying sign for infrastructure attacks (2016). https://www.technologyreview.com/s/603262/ukraines-power-grid-gets-hacked-again-a-worrying-sign-for-infrastructure-attacks/

  8. E-ISAC: Analysis of the Cyber Attack on the Ukrainian Power Grid. Technical report, E-ISAC, Washington, USA (2016). https://ics.sans.org/media/E-ISAC_SANS_Ukraine_DUC_5.pdf

  9. Gordon, T., Hayward, H.: Initial experiments with the cross impact matrix method of forecasting. Futures 1(2), 100–116 (1968)

    Article  Google Scholar 

  10. Guo, H., Zheng, C., Iu, H.H.C., Fernando, T.: A critical review of cascading failure analysis and modeling of power system. Renew. Sustain. Energy Rev. 80, 9–22 (2017)

    Article  Google Scholar 

  11. Hasan, S., Foliente, G.: Modeling infrastructure system interdependencies and socioeconomic impacts of failure in extreme events: emerging R&D challenges. Nat. Hazards: J. Int. Soc. Prev. Mitig. Nat. Hazards 78(3), 2143–2168 (2015)

    Article  Google Scholar 

  12. Heinrich-Heine-Universität Düsseldorf: G*power: Statistical power analyses for windows and mac. http://www.psychologie.hhu.de/arbeitsgruppen/allgemeine-psychologie-und-arbeitspsychologie/gpower.html. Accessed 21 Aug 2019

  13. Koc, Y., Warnier, M., Kooij, R.E., Brazier, F.M.T.: A robustness metric for cascading failures by targeted attacks in power networks. In: 2013 10th IEEE International Conference on Networking, Sensing and Control (ICNSC). IEEE (2013)

    Google Scholar 

  14. König, S., Rass, S.: Investigating stochastic dependencies between critical infrastructures. Int. J. Adv. Syst. Meas. 11(3&4), 250–258 (2018)

    Google Scholar 

  15. König, S., Rass, S., Rainer, B., Schauer, S.: Hybrid dependencies between cyber and physical systems. In: Arai, K., Bhatia, R., Kapoor, S. (eds.) CompCom 2019. AISC, vol. 998, pp. 550–565. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-22868-2_40

    Chapter  Google Scholar 

  16. König, S., Schauer, S., Rass, S.: A stochastic framework for prediction of malware spreading in heterogeneous networks. In: Brumley, B.B., Röning, J. (eds.) NordSec 2016. LNCS, vol. 10014, pp. 67–81. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47560-8_5

    Chapter  Google Scholar 

  17. Kotzanikolaou, P., Theoharidou, M., Gritzalis, D.: Cascading effects of common-cause failures in critical infrastructures. In: Butts, J., Shenoi, S. (eds.) Critical Infrastructure Protection VII, pp. 171–182. Springer, Berlin Heidelberg, Berlin, Heidelberg (2013). https://doi.org/10.1007/978-3-642-45330-4_12

    Chapter  Google Scholar 

  18. Laprie, J.-C., Kanoun, K., Kaâniche, M.: Modelling interdependencies between the electricity and information infrastructures. In: Saglietti, F., Oster, N. (eds.) SAFECOMP 2007. LNCS, vol. 4680, pp. 54–67. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75101-4_5

    Chapter  Google Scholar 

  19. Little, R.G.: Controlling cascading failure: understanding the vulnerabilities of interconnected infrastructures. J. Urban Technol. 9(1), 109–123 (2002)

    Article  Google Scholar 

  20. Luiijf, E., Nieuwenhuijs, A., Klaver, M., van Eeten, M., Cruz, E.: Empirical findings on critical infrastructure dependencies in Europe. In: Setola, R., Geretshuber, S. (eds.) CRITIS 2008. LNCS, vol. 5508, pp. 302–310. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03552-4_28

    Chapter  Google Scholar 

  21. McGee, S., Frittman, J., James Ahn, S., Murray, S.: Implications of cascading effects for the hyogo framework. Int. J. Disaster Resilience Built Environ. 7, 144–157 (2016)

    Article  Google Scholar 

  22. Ouyang, M.: Review on modeling and simulation of interdependent critical infrastructure systems. Reliab. Eng. Syst. Saf. 121, 43–60 (2014)

    Article  Google Scholar 

  23. Pagani, G.A., Aiello, M.: The power grid as a complex network: a survey. Phys. A: Stat. Mech. Appl. 392(11), 2688–2700 (2013)

    Article  MathSciNet  Google Scholar 

  24. Plummer, M., Best, N., Cowles, K., Vines, K.: Coda: Convergence diagnosis and output analysis for MCMC. R News 6(1), 7–11 (2006). https://journal.r-project.org/archive/

  25. PTI: New malware hits JNPT operations as APM Terminals hacked globally | The Indian Express (2017). http://indianexpress.com/article/india/cyber-attack-new-malware-hits-jnpt-ops-as-apm-terminals-hacked-globally-4725102/

  26. Qi, J., Dobson, I., Mei, S.: Towards estimating the statistics of simulated cascades of outages with branching processes. IEEE Trans. Power Syst. 28(3), 3410–3419 (2013)

    Article  Google Scholar 

  27. Rahnamay-Naeini, M., Hayat, M.M.: Cascading failures in interdependent infrastructures: an interdependent markov-chain approach. IEEE Trans. Smart Grid 7(4), 1997–2006 (2016)

    Article  Google Scholar 

  28. Rahnamay-Naeini, M., Wang, Z., Ghani, N., Mammoli, A., Hayat, M.M.: Stochastic analysis of cascading-failure dynamics in power grids. IEEE Trans. Power Syst. 29(4), 1767–1779 (2014)

    Article  Google Scholar 

  29. Schauer, S., Rainer, B., Museux, N., Faure, D., Hingant, J., Rodrigo, F.J.C., Beyer, S., Peris, R.C., Lopez, S.Z.: Conceptual Framework for Hybrid Situational Awareness in Critical Port Infrastructures. In: Luiijf, E., Zutautaite, I., Hämmerli, B.M. (eds.) Critical Information Infrastructures Security, pp. 191–203. Springer International Publishing, Lecture Notes in Computer Science (2019). https://doi.org/10.1007/978-3-030-05849-4_15

    Chapter  Google Scholar 

  30. Seppänen, H., Luokkala, P., Zhang, Z., Torkki, P., Virrantaus, K.: Critical infrastructure vulnerability—a method for identifying the infrastructure service failure interdependencies. IJCIP 22, 25–38 (2018)

    Google Scholar 

  31. Vasilevskaya, M., Nadjm-Tehrani, S.: Quantifying risks to data assets using formal metrics in embedded system design. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9337, pp. 347–361. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24255-2_25

    Chapter  Google Scholar 

  32. Wang, Z., Scaglione, A., Thomas, R.J.: A Markov-transition model for cascading failures in power grids. In: 2012 45th Hawaii International Conference on System Sciences, IEEE (2012)

    Google Scholar 

  33. Wu, S.J., Chu, M.T.: Markov chains with memory, tensor formulation, and the dynamics of power iteration. Appl. Math. Comput. 303(C), 226–239 (2017)

    MathSciNet  MATH  Google Scholar 

Download references

Acknowledgement

This work was supported by the European Commission’s Project SAURON (Scalable multidimensional situation awareness solution for protecting European ports) under the HORIZON 2020 Framework (Grant No. 740477).

Author information

Authors and Affiliations

  1. AIT Austrian Institute of Technology GmbH, Vienna, Austria

    Stefan Schauer, Thomas Grafenauer, Sandra König & Manuel Warum

  2. Alpen-Adria-Universität Klagenfurt, Klagenfurt, Austria

    Stefan Rass

Authors
  1. Stefan Schauer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thomas Grafenauer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sandra König
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Manuel Warum
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Stefan Rass
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Stefan Schauer .

Editor information

Editors and Affiliations

  1. Linköping University, Linköping, Sweden

    Simin Nadjm-Tehrani

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Schauer, S., Grafenauer, T., König, S., Warum, M., Rass, S. (2020). Estimating Cascading Effects in Cyber-Physical Critical Infrastructures. In: Nadjm-Tehrani, S. (eds) Critical Information Infrastructures Security. CRITIS 2019. Lecture Notes in Computer Science(), vol 11777. Springer, Cham. https://doi.org/10.1007/978-3-030-37670-3_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-37670-3_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-37669-7

  • Online ISBN: 978-3-030-37670-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation