While networked systems are becoming increasingly critical to the operations and efficiency of Industrial Control Systems (ICS), such as in Columbia Class Hull Mechanical and Electrical Systems, they also make the ICS systems susceptible to cyber physical attacks that could impact system performance or have catastrophic consequences. Software modeling of the ICS and associated processes and operations provides an easy-to-use and efficient method to assess the cyber resilience of the Cyber Physical System (CPS) infrastructure and to identify and mitigate risks in a cost-efficient manner. SCALABLE proposes to develop an ICS resiliency modeling tool called Intelligent Software CPS Resiliency Evaluation and Mitigation (iSCream). iSCream is being developed to efficiently model existing CPS systems-of-systems including technology, processes, cyber attacks and their impact. iSCream will model the configuration, topology, traffic load and dynamics of military ICS at sufficient fidelity to accurately reproduce the behavior of the physical system. These software models will be scalable to a large number of network and infrastructure devices and real-word application traffic. iSCreams comprehensive device and cyber physical model library, ability to integrate with live software/hardware components and live operators will provide the means to efficiently assess realistic operational scenarios.
Benefit: There are numerous commercial ICS systems being used across all branches of the armed forces and commercial industry, but the few tools that are available for their cyber resilience analysis are cumbersome or expensive to use. The technology developed under this effort will provide a way to improve the resilience of industrial control systems (ICSs) while reducing procurement and sustainment costs of unnecessary cybersecurity technical initiatives. The system will log and measure cyber-attack progression, defensive actions, and evolving cyber-physical system states, enabling assessment of the individual contributions of each defensive strategy and tactic to overall system resiliency. By using iSCream, the system-of-system resiliency can be safely, realistically, and rapidly evaluated in the face of cyberspace attacks and configurable combinations of technical, procedural, and human operator defenses. In addition to Navy cyber-physical systems, iSCream can be used to assess cyber resilience of ICS systems, e.g., factory automation, power grid control, and chemical process control. As ICS systems have been increasingly integrated into complex networks, including the Internet, cybersecurity assessment to aid protect networks is of huge importance to the Department of Homeland Security and private enterprises as well. The proposed iSCream will be developed such that it is adaptable to ICS systems and will be used to investigate the corresponding cybersecurity issues.
Keywords: Industrial Control Systems, Industrial Control Systems, Resilience, Critical Infrastructure, Cybersecurity Defense-in-depth, high-fidelity simulation models, Scalability, System of Systems, Cyber physical systems
