9th Cyber and Information Security Research Conference
Quantifying availability in SCADA environments using the cyber security metric MFC
Anis Ben Aissa, National Engineering School of Tunis (ENIT)
Latifa Ben Arfa Rabai, Higher Institute of Management (ISG)
Robert K. Abercrombie, Frederick T. Sheldon, Oak Ridge National Laboratory / SIEMENS Industry US CS VS
Ali Mili, College of Computing Sciences, New Jersey Institute of Technology
Outline
1 Introduction
2 Cybersecurity for SCADA systems
3 The Relationship between Availability and Mean Failure Cost
4 Cyber Econometric Availability (CEA)
5 Conclusion
Introduction Cybersecurity for SCADA systems The relationship between Availability and MFC Cyber Econometric Availability CEA Conclusion
Introduction
- SCADA systems are networks distributed over large geographic areas.
- They are used in the management of critical infrastructures such as electricity, energy systems, water distribution, and oil production.
- The architecture of SCADA systems is based on Internet connections and wireless technologies, which makes it more critical.
Cybersecurity for SCADA systems
Availability of SCADA systems has become a basic issue to assure the safety and the security.
Security: Availability + Confidentiality + Integrity
Examples of SCADA security incidents:
- In 2006, an overload of network traffic caused a failure of a number of reactor recirculation pumps in the Browns Ferry nuclear plant in Alabama, US.
- In 2009, Chinese and Russian spies penetrated the U.S. electrical power grid and left disruptive software programs, using network mapping tools.
Classical Formula of Availability MFC a metric for Availability
The relationship between Availability and MFC
Availability is a measure of the amount of time a system or component performs its specified function.
For a single component, this can be computed by:
$$Avail_{comp} = \frac{MTTF}{MTTF + MTTR}$$
For a system, it is written as:
$$Avail_{sys} = \frac{MTBF}{MTBF + MTTR}$$
We noticed that the formula of availability has some downsides:
- Independence of the threats which have caused the unavailability.
- Independence of the components which have failed to ensure the availability.
- Independence with respect to stakeholders.
The Mean Failure Cost
Dimensions: Stakeholders, Security Requirements, Components, Threats
$$MFC = ST \times DP \times IM \times PT$$
The factors of the MFC product:
- ST (rows: Stakeholders H1 … Hi … Hm; columns: Security requirements R1 … Rj … Rn): the stake of stakeholder Hi for the security requirements.
- DP (rows: Security requirements R1 … Ri … Rn; columns: Components C1 … Ck … Ch+1): probability of failure with respect to a requirement Ri given that a component Ck has failed.
- IM (rows: Components C1 … Ck … Ch+1; columns: Threats T1 … Tq … Tp+1): probability that component Ci is compromised if threat Ti has materialized.
- PT (rows: Threats T1 … Tq … Tp+1): probability that threat Tq materializes during a unit of operational time (e.g. 1 hour).
Security: Availability + Confidentiality + Integrity

The Mean Failure Cost extension
- ST′ is an extension of the stakes matrix, in which we consider the availability as a column vector.
- DP′ is an extension of the dependency matrix, in which we consider the availability as a line vector.

$$MFC = ST'_{(n \times 1)} \times DP'_{(1 \times h)} \times IM_{(h \times p)} \times PT_{(p \times 1)}$$
The factors of the MFC’ product (MFC’ = ST’ × DP’ × IM × PT):
- ST’ (rows: Stakeholders H1 … Hi … Hm; column: Availability): the stake of stakeholder Hi for the availability.
- DP’ (row: Availability; columns: Components C1 … Ck … Ch+1): probability of unavailability caused by the component Ck; probability of availability.
- IM (rows: Components C1 … Ck … Ch+1; columns: Threats T1 … Tq … Tp+1): probability that component Ci is compromised if threat Ti has materialized.
- PT (rows: Threats T1 … Tq … Tp+1): probability that threat Tq materializes during a unit of operational time (e.g. 1 hour).
Cyber Econometric Availability CEA
If we want to redefine availability in value-oriented terms, we may want to consider three factors:
- The gain, per unit of time, achieved by stakeholder H from the system being operational; we denote this by G(H).
- The loss, per unit of time, incurred by stakeholder H from the system being down; we denote this by MFC’(H).
- AVAIL: the availability value.
Using these quantities MFC’(H), Avail and G(H) we can define a value-oriented version of availability named Cyber Econometric Availability as:
$$CEA(H) = (AVAIL \times G(H)) - (1 - AVAIL) \times MFC'(H)$$
or
$$CEA(H) = (AVAIL \times G(H)) - (\overline{AVAIL} \times MFC'(H))$$
- CEA(H) = G(H): the system is available with an average of 100% gain per unit of time.
- CEA(H) = MFC’(H): the system is unavailable and the MFC(H) is the average loss per unit of time.
- (Avail − 1) × MFC’ < CEA(H) < 0: the system is available but not profitable.
- Avail × G(H) > CEA(H) > 0: the system is available and profitable.
Illustration: Cyber Security Econometric case study, STEG¹ (company of electric power and natural gas in Tunisia).
The number of failures is very high and the mean time between failures is around 182,5 hours. The maintenance teams need around 3 hours to repair the system.
Applying the classic formula of the availability for one hour:
$$Avail = \frac{MTBF}{MTBF + MTTR} = \frac{182{,}5}{182{,}5 + 3} = 98{,}382\%$$
¹ www.steg.com.tn
| Stakeholders | MFC ($/hour) | Gain ($/hour) | CEA ($/hour) |
|---|---|---|---|
| Maintenance Personnel | 5 210,73 | 340,15 | 250,23 |
| System Administrator | 1 152,94 | 197,83 | 175,17 |
| Technical staff | 2 315,88 | 170,07 | 129,80 |
| Controllers | 4 631,76 | 620,34 | 535,07 |
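Added example, not part of the original slides: the MFC’ matrix chain and CEA(H) = AVAIL × G(H) − (1 − AVAIL) × MFC’(H) in Python, run on constructed toy matrices and on the STEG MFC and Gain figures from the table. The function names and toy values are assumptions, and the break-even availability MFC’/(G + MFC’) goes one step beyond the slides by setting CEA(H) = 0. The computed CEA values agree with the table to within about 1 $/hour.

```python
# Added example (not from the slides): MFC' chain and CEA(H).
def matmul(a, b):
    """Product of two matrices given as lists of rows."""
    if len(a[0]) != len(b):
        raise ValueError("inner dimensions differ")
    return [[sum(x * y for x, y in zip(row, col)) for col in zip(*b)] for row in a]

def mfc_prime(st, dp, im, pt):
    """MFC' = ST' x DP' x IM x PT: one loss figure ($/hour) per stakeholder."""
    for m in (dp, im, pt):  # DP', IM and PT hold probabilities
        if any(not 0.0 <= v <= 1.0 for row in m for v in row):
            raise ValueError("probability outside [0, 1]")
    return [row[0] for row in matmul(matmul(matmul(st, dp), im), pt)]

def availability(mtbf, mttr):
    """Classical formula: MTBF / (MTBF + MTTR)."""
    return mtbf / (mtbf + mttr)

def cea(avail, gain, mfc):
    """CEA(H) = AVAIL x G(H) - (1 - AVAIL) x MFC'(H), in $/hour."""
    return avail * gain - (1.0 - avail) * mfc

def break_even_availability(gain, mfc):
    """Availability at which CEA(H) = 0 (derived here, not on the slides)."""
    return mfc / (gain + mfc)

# Constructed toy matrices (2 stakeholders, 2 components, 2 threats), not STEG data.
ST = [[5000.0], [1200.0]]      # stake of each stakeholder for the availability
DP = [[0.6, 0.3]]              # P(unavailability caused by component Ck)
IM = [[0.5, 0.1], [0.2, 0.4]]  # P(component compromised | threat materialized)
PT = [[0.01], [0.02]]          # P(threat materializes during one hour)

# STEG figures from the slides: stakeholder -> (MFC, Gain) in $/hour.
STEG = {
    "Maintenance Personnel": (5210.73, 340.15),
    "System Administrator": (1152.94, 197.83),
    "Technical staff": (2315.88, 170.07),
    "Controllers": (4631.76, 620.34),
}

def steg_report(mtbf=182.5, mttr=3.0):
    """Return {stakeholder: (CEA, break-even availability)} for the case study."""
    avail = availability(mtbf, mttr)
    return {h: (cea(avail, g, m), break_even_availability(g, m))
            for h, (m, g) in STEG.items()}

if __name__ == "__main__":
    print("toy MFC':", mfc_prime(ST, DP, IM, PT))
    print(steg_report())
```

A stakeholder whose break-even availability sits close to the measured availability is the one for whom an availability-degrading incident turns the system into a net loss first.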
Conclusion
- SCADA systems have a critical infrastructure; therefore high availability is needed for all stakeholders.
- The classical formula doesn’t account for the dependencies of the system (stakeholders, components and threats).
- The Cyber Econometric Availability, based on MFC and Avail, can be more significant.
Thank You