A Model-Based Safety-Security Risk Analysis Framework for Interconnected Critical Infrastructures

Abstract

Interconnected infrastructures are complex due to their temporal evolution, component dependencies and dynamic interdependencies, coupled with the presence of adversaries. Much research has focused on safety and security risk assessments of isolated infrastructures. However, extending these techniques to interconnected infrastructures is infeasible due to their complex interdependencies and the lack of generic modeling tools.This chapter presents a framework for modeling and analyzing interconnected infrastructures. The framework has a two layers. One is the higher modeling layer that expresses the functional dependencies of infrastructures, where each infrastructure is refined to capture component-level disruptions and is represented using a novel combination of dynamic reliability block diagrams and attack-fault trees. The other is the lower analysis layer based on stochastic timed automata that serves as a semantic framework for the higher layer. While the higher layer graphically represents complex dependencies and interdependencies, and temporal and cascading disruption scenarios, the lower analysis layer provides a rigorous foundation for investigating the relationships using formal verification, in particular, statistical model checking. The lower layer also provides a flexible means for incorporating quantitative system attributes such as probability, time and cost. The efficacy of the framework is demonstrated using a real disruption scenario involving interconnected electric power and industrial communications networks, where an analyst can identify weak links, evaluate alternative protection measures and make transparent decisions about risk management investments.