Johns Hopkins University Applied Physics Laboratory, Laurel, MD, USA.
A Comprehensive Network Security Risk Model for Process Control Networks
Article first published online: 24 OCT 2008
© 2008 Society for Risk Analysis
Volume 29, Issue 2, pages 223–248, February 2009
How to Cite
Henry, M. H. and Haimes, Y. Y. (2009), A Comprehensive Network Security Risk Model for Process Control Networks. Risk Analysis, 29: 223–248. doi: 10.1111/j.1539-6924.2008.01151.x
- Issue published online: 23 JAN 2009
- Article first published online: 24 OCT 2008
- Cyber attack modeling;
- network security;
- risk assessment
The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.