IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v134y2015icp208-217.html
   My bibliography  Save this article

Development of a cyber security risk model using Bayesian networks

Author

Listed:
  • Shin, Jinsoo
  • Son, Hanseong
  • Khalil ur, Rahman
  • Heo, Gyunyoung

Abstract

Cyber security is an emerging safety issue in the nuclear industry, especially in the instrumentation and control (I&C) field. To address the cyber security issue systematically, a model that can be used for cyber security evaluation is required. In this work, a cyber security risk model based on a Bayesian network is suggested for evaluating cyber security for nuclear facilities in an integrated manner. The suggested model enables the evaluation of both the procedural and technical aspects of cyber security, which are related to compliance with regulatory guides and system architectures, respectively. The activity-quality analysis model was developed to evaluate how well people and/or organizations comply with the regulatory guidance associated with cyber security. The architecture analysis model was created to evaluate vulnerabilities and mitigation measures with respect to their effect on cyber security. The two models are integrated into a single model, which is called the cyber security risk model, so that cyber security can be evaluated from procedural and technical viewpoints at the same time. The model was applied to evaluate the cyber security risk of the reactor protection system (RPS) of a research reactor and to demonstrate its usefulness and feasibility.

Suggested Citation

  • Shin, Jinsoo & Son, Hanseong & Khalil ur, Rahman & Heo, Gyunyoung, 2015. "Development of a cyber security risk model using Bayesian networks," Reliability Engineering and System Safety, Elsevier, vol. 134(C), pages 208-217.
    • Handle: RePEc:eee:reensy:v:134:y:2015:i:c:p:208-217
    DOI: 10.1016/j.ress.2014.10.006
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832014002464
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ress.2014.10.006?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Lorena Isabel Barona López & Ángel Leonardo Valdivieso Caraguay & Jorge Maestre Vidal & Marco Antonio Sotelo Monge & Luis Javier García Villalba, 2017. "Towards Incidence Management in 5G Based on Situational Awareness," Future Internet, MDPI, vol. 9(1), pages 1-14, January.
    2. Tao, Tao & Zio, Enrico & Zhao, Wei, 2018. "A novel support vector regression method for online reliability prediction under multi-state varying operating conditions," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 35-49.
    3. Paolo Giudici & Emanuela Raffinetti, 2021. "Cyber risk ordering with rank-based statistical models," AStA Advances in Statistical Analysis, Springer;German Statistical Society, vol. 105(3), pages 469-484, September.
    4. Konstantinos Ntafloukas & Liliana Pasquale & Beatriz Martinez-Pastor & Daniel P. McCrum, 2023. "A Vulnerability Assessment Approach for Transportation Networks Subjected to Cyber–Physical Attacks," Future Internet, MDPI, vol. 15(3), pages 1-23, February.
    5. Liu, Jie & Zio, Enrico, 2017. "System dynamic reliability assessment and failure prognostics," Reliability Engineering and System Safety, Elsevier, vol. 160(C), pages 21-36.
    6. Henriques de Gusmão, Ana Paula & Mendonça Silva, Maisa & Poleto, Thiago & Camara e Silva, Lúcio & Cabral Seixas Costa, Ana Paula, 2018. "Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory," International Journal of Information Management, Elsevier, vol. 43(C), pages 248-260.
    7. Monzer, Mohamad-Houssein & Beydoun, Kamal & Ghaith, Alaa & Flaus, Jean-Marie, 2022. "Model-based IDS design for ICSs," Reliability Engineering and System Safety, Elsevier, vol. 225(C).
    8. Dipankar Dasgupta & Zahid Akhtar & Sajib Sen, 2022. "Machine learning in cybersecurity: a comprehensive survey," The Journal of Defense Modeling and Simulation, , vol. 19(1), pages 57-106, January.
    9. Kim, Hee Eun & Son, Han Seong & Kim, Jonghyun & Kang, Hyun Gook, 2017. "Systematic development of scenarios caused by cyber-attack-induced human errors in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 167(C), pages 290-301.
    10. Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.
    11. Christoph Werner & Tim Bedford & John Quigley, 2018. "Sequential Refined Partitioning for Probabilistic Dependence Assessment," Risk Analysis, John Wiley & Sons, vol. 38(12), pages 2683-2702, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:134:y:2015:i:c:p:208-217. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.