On the Identification and Analysis of Previously Unknown Linkages in Critical Infrastructure Systems
On the Identification and Analysis of Previously Unknown Linkages in Critical Infrastructure Systems
Monday, December 5, 201611:30 AM - 1:00 PM (Pacific)
Encina Hall, 2nd floor
Abstract: Critical infrastructure systems including manufacturing facilities, ports, transportation systems, communications networks, and energy and water distribution systems often consist of many interacting components linked in complex ways. This can lead to unforeseen interactions among components that may not be expected or intended by the designers and operators of the system. These interactions constitute linkages within a system of which designers are generally unaware, and that therefore constitute a security vulnerability. In this talk, I will present and discuss a formal approach for identifying and analyzing the existence and severity of security vulnerabilities resulting from these previously unknown linkages (so-called implicit interactions) in critical infrastructure systems. The presence of these implicit interactions in a system can indicate unforeseen flaws that, if not mitigated, could be exploited by an attacker. This can have severe consequences in terms of the safety, security, and reliability of the system. Therefore, this notion of implicit interactions must be carefully managed in order to have systems that operate as intended, and that are resistant to cyber-attacks and failures.