IDEAS home Printed from https://ideas.repec.org/a/sae/intdis/v14y2018i6p1550147718779564.html
   My bibliography  Save this article

Extended multilevel flow model-based dynamic risk assessment for cybersecurity protection in industrial production systems

Author

Listed:
  • Qianxiang Zhu
  • Yuanqing Qin
  • Chunjie Zhou
  • Weiwei Gao

Abstract

Cybersecurity protection becomes an essential requirement for industrial production systems, while industrial production systems are moving from isolation to interconnection with the development of information and communication technology. Dynamic risk assessment plays an important role in cybersecurity protection, providing the real-time security situation to the industrial production systems managers. Currently, few researches in this domain focus on the physical process of industrial production systems, let alone considering the combination of attack propagation in cyber space and the abnormal events happening in physical space for risk assessment. In this article, an extended multilevel flow model-based dynamic risk assessment approach for industrial production systems is proposed, where the extended multilevel flow model models the production process graphically and describes the relationships among devices, functions, and flows quantitatively. Based on the extended multilevel flow model of industrial production systems, a Bayesian network is built to analyze the attack propagation over time, and the consequences of cyber attack in production process are assessed quantitatively. Some simulations on a chemical process system are carried out to verify the effectiveness of the proposed approach. The results demonstrate that this approach can assess the dynamic cybersecurity risk of industrial production systems in a quantitative way.

Suggested Citation

  • Qianxiang Zhu & Yuanqing Qin & Chunjie Zhou & Weiwei Gao, 2018. "Extended multilevel flow model-based dynamic risk assessment for cybersecurity protection in industrial production systems," International Journal of Distributed Sensor Networks, , vol. 14(6), pages 15501477187, June.
    • Handle: RePEc:sae:intdis:v:14:y:2018:i:6:p:1550147718779564
    DOI: 10.1177/1550147718779564
    as

    Download full text from publisher

    File URL: https://journals.sagepub.com/doi/10.1177/1550147718779564
    Download Restriction: no
    File URL: https://libkey.io/10.1177/1550147718779564?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Genge, Béla & Kiss, István & Haller, Piroska, 2015. "A system dynamics approach for assessing the impact of cyber attacks on critical infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 10(C), pages 3-17.
    2. Emmanuel Garbolino & Jean‐Pierre Chery & Franck Guarnieri, 2016. "A Simplified Approach to Risk Assessment Based on System Dynamics: An Industrial Case Study," Risk Analysis, John Wiley & Sons, vol. 36(1), pages 16-29, January.
    3. Stanley Kaplan & B. John Garrick, 1981. "On The Quantitative Definition of Risk," Risk Analysis, John Wiley & Sons, vol. 1(1), pages 11-27, March.
    4. Matthew H. Henry & Yacov Y. Haimes, 2009. "A Comprehensive Network Security Risk Model for Process Control Networks," Risk Analysis, John Wiley & Sons, vol. 29(2), pages 223-248, February.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Pavlos Cheimonidis & Konstantinos Rantos, 2023. "Dynamic Risk Assessment in Cybersecurity: A Systematic Literature Review," Future Internet, MDPI, vol. 15(10), pages 1-25, September.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Alexander A. Ganin & Phuoc Quach & Mahesh Panwar & Zachary A. Collier & Jeffrey M. Keisler & Dayton Marchese & Igor Linkov, 2020. "Multicriteria Decision Framework for Cybersecurity Risk Assessment and Management," Risk Analysis, John Wiley & Sons, vol. 40(1), pages 183-199, January.
    2. Tzu Yang Loh & Mario P. Brito & Neil Bose & Jingjing Xu & Kiril Tenekedjiev, 2020. "Fuzzy System Dynamics Risk Analysis (FuSDRA) of Autonomous Underwater Vehicle Operations in the Antarctic," Risk Analysis, John Wiley & Sons, vol. 40(4), pages 818-841, April.
    3. Gundula Glowka & Andreas Kallmünzer & Anita Zehrer, 2021. "Enterprise risk management in small and medium family enterprises: the role of family involvement and CEO tenure," International Entrepreneurship and Management Journal, Springer, vol. 17(3), pages 1213-1231, September.
    4. Benischke, Mirko H. & Guldiken, Orhun & Doh, Jonathan P. & Martin, Geoffrey & Zhang, Yanze, 2022. "Towards a behavioral theory of MNC response to political risk and uncertainty: The role of CEO wealth at risk," Journal of World Business, Elsevier, vol. 57(1).
    5. S. Cucurachi & E. Borgonovo & R. Heijungs, 2016. "A Protocol for the Global Sensitivity Analysis of Impact Assessment Models in Life Cycle Assessment," Risk Analysis, John Wiley & Sons, vol. 36(2), pages 357-377, February.
    6. K. Karthikeyan & S. Bharath & K. Ranjith Kumar, 2012. "An Empirical Study on Investors’ Perception towards Mutual Fund Products through Banks with Reference to Tiruchirapalli City, Tamil Nadu," Vision, , vol. 16(2), pages 101-108, June.
    7. Nicola Paltrinieri & Nicolas Dechy & Ernesto Salzano & Mike Wardman & Valerio Cozzani, 2012. "Lessons Learned from Toulouse and Buncefield Disasters: From Risk Analysis Failures to the Identification of Atypical Scenarios Through a Better Knowledge Management," Risk Analysis, John Wiley & Sons, vol. 32(8), pages 1404-1419, August.
    8. Louis Anthony (Tony) Cox, Jr., 2012. "Community Resilience and Decision Theory Challenges for Catastrophic Events," Risk Analysis, John Wiley & Sons, vol. 32(11), pages 1919-1934, November.
    9. Chen, Fuzhong & Hsu, Chien-Lung & Lin, Arthur J. & Li, Haifeng, 2020. "Holding risky financial assets and subjective wellbeing: Empirical evidence from China," The North American Journal of Economics and Finance, Elsevier, vol. 54(C).
    10. Niël Almero Krüger & Natanya Meyer, 2021. "The Development of a Small and Medium-Sized Business Risk Management Intervention Tool," JRFM, MDPI, vol. 14(7), pages 1-14, July.
    11. Hayes, Darren R. & Cappa, Francesco, 2018. "Open-source intelligence for risk assessment," Business Horizons, Elsevier, vol. 61(5), pages 689-697.
    12. James H. Lambert & Rachel K. Jennings & Nilesh N. Joshi, 2006. "Integration of risk identification with business process models," Systems Engineering, John Wiley & Sons, vol. 9(3), pages 187-198, September.
    13. Johnson, Caroline A. & Flage, Roger & Guikema, Seth D., 2021. "Feasibility study of PRA for critical infrastructure risk analysis," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    14. Kasai, Naoya & Matsuhashi, Shigemi & Sekine, Kazuyoshi, 2013. "Accident occurrence model for the risk analysis of industrialfacilities," Reliability Engineering and System Safety, Elsevier, vol. 114(C), pages 71-74.
    15. Siwar Kriaa & Marc Bouissou & Youssef Laarouchi, 2019. "A new safety and security risk analysis framework for industrial control systems," Journal of Risk and Reliability, , vol. 233(2), pages 151-174, April.
    16. J. C. Helton & F. J. Davis, 2002. "Illustration of Sampling‐Based Methods for Uncertainty and Sensitivity Analysis," Risk Analysis, John Wiley & Sons, vol. 22(3), pages 591-622, June.
    17. Michael Greenberg & Paul Lioy & Birnur Ozbas & Nancy Mantell & Sastry Isukapalli & Michael Lahr & Tayfur Altiok & Joseph Bober & Clifton Lacy & Karen Lowrie & Henry Mayer & Jennifer Rovito, 2013. "Passenger Rail Security, Planning, and Resilience: Application of Network, Plume, and Economic Simulation Models as Decision Support Tools," Risk Analysis, John Wiley & Sons, vol. 33(11), pages 1969-1986, November.
    18. Sahar AlMashaqbeh & Jose Eduardo Munive-Hernandez, 2023. "Risk Analysis under a Circular Economy Context Using a Systems Thinking Approach," Sustainability, MDPI, vol. 15(5), pages 1-17, February.
    19. González, Santiago G. & Dormido Canto, S. & Sánchez Moreno, José, 2020. "Obtaining high preventive and resilience capacities in critical infrastructure by industrial automation cells," International Journal of Critical Infrastructure Protection, Elsevier, vol. 29(C).
    20. Felipe Aguirre & Mohamed Sallak & Walter Schön & Fabien Belmonte, 2013. "Application of evidential networks in quantitative analysis of railway accidents," Journal of Risk and Reliability, , vol. 227(4), pages 368-384, August.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:sae:intdis:v:14:y:2018:i:6:p:1550147718779564. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: SAGE Publications (email available below). General contact details of provider: .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.