=Paper=
{{Paper
|id=Vol-1431/paper1
|storemode=property
|title=Resilience Assessment: Accidental and Malicious Threats
|pdfUrl=https://ceur-ws.org/Vol-1431/paper1.pdf
|volume=Vol-1431
|dblpUrl=https://dblp.org/rec/conf/vecos/Kaaniche15
}}
==Resilience Assessment: Accidental and Malicious Threats==
https://ceur-ws.org/Vol-1431/paper1.pdf
Resilience Assessment:
Accidental and Malicious Threats
Mohamed Kaâniche
CNRS; LAAS; Université de Toulouse – 7, Avenue du colonel Roche, F-31077 Toulouse, France
Université de Toulouse; UPS; INSA; INP; LAAS; F-31077 Toulouse, France
mohamed.kaaniche@laas.fr
A large body of research has been dedicated to the analysis, assessment and protection of cyber-
physical systems and critical infrastructures against potential threats that might affect the
dependability, the security or the resilience of the services delivered to the users. Traditionally,
accidental and malicious threats have been taken into account separately. In this talk we will
address the challenges raised by the resilience assessment and analysis of such systems
considering accidental and malicious threats in an integrated way and we will present some
examples of research studies carried out in this context.
Critical infrastructures, resilience, assessment, accidental threats, malicious threats
1. SUMMARY delivered to the users. The resilience term is used
differently, by different communities. It is defined in
In the past decade, several concerns have been (Laprie 2011) as the persistence of service delivery
raised about the vulnerability of critical that can justifiably be trusted, when facing
infrastructures and cyber-physical systems and changes.
their efficient protection in the presence of
accidental and malicious threats (Rahman et al. Traditionally, accidental and malicious threats have
2009). been taken into account separately. In this talk we
will address the challenges raised by the resilience
Historically, most of the efforts were dedicated to assessment and analysis of such systems
the protection of critical infrastructures against considering accidental and malicious threats in an
accidental faults and natural disasters with a integrated way and we will present some examples
specific focus on safety. The situation changed of research studies carried out in this context.
significantly after the September 11, 2001 tragic
events that led to increased international concerns In particular this objective has been addressed in
about the security and robustness of critical the context of the CRUTIAL project
infrastructures in response to evolving malicious (http://crutial.rse-web.it/) considering the example
threats of power grid critical infrastructures and the
associated information infrastructures dedicated to
The vulnerability of critical infrastructures has their management and control.
increased as a result of the wider use of open
networks and information infrastructures, and the CRUTIAL focussed on the failures resulting from
proliferation of vulnerable operating systems and interdependencies between these infrastructures.
control devices. Recent events targeting critical The characterization of such failures and the
infrastructures show that the threat is real. A widely modelling of their impact on relevant properties of
reported example is the Stuxnet sophisticated power systems have been investigated by means
malware discovered in July 2010 that targeted of models at different abstraction levels: i) from a
specific industrial computer control equipment and very abstract view expressing the essence of the
software, used for instance in nuclear power plants typical phenomena due to the presence of
in Iran [(Langner 2011). interdependencies, ii) to an intermediate detail level
representing in a rather abstract way the structure
A large body of research has been dedicated to the of the infrastructures, in some scenarios of interest,
analysis, assessment and protection of cyber- iii) to a quite detailed level where the infrastructures
physical systems and critical infrastructures against components and their interactions are investigated
potential threats that might affect the dependability, at a finer grain, considering elementary events
the security or the resilience of the services
�occurring at the components level and analysing BIO
their impact at the system level.
Mohamed Kaâniche has been at LAAS-CNRS,
Accordingly, the proposed resilience assessment Toulouse, France, since 1988 where he currently
framework (Kaâniche et al. 2009) is based on a holds a position of “Directeur de Recherche”,
hierarchical modelling approach that heading the Dependable Computing and Fault
accommodates the composition of different types of Tolerance Group. From March 1997 to February
models and formalisms, including generalized 1998, he was a Visiting Research Assistant
stochastic Petri nets, fault trees, Stochastic Well Professor at the University of Illinois at Urbana-
formed Nets, and Stochastic Activity Networks. Champaign, IL, USA.
Additionally, a new formalism called “Dependent
Automata” has been developed to provide a His research addresses the dependability and
rigorous definition of interdependencies related security assessment of hardware and software fault
failures. Also, unified models for describing tolerant computer systems and critical
cascading and escalating failures considering infrastructures, using analytical modelling and
accidental and malicious threats in an integrated experimental measurement techniques.
way have been defined (Laprie et al. 2007) He has been involved in several national and
Besides these models, the CRUTIAL project European research projects and acted as a
resilience assessment activities included consultant for companies in France and as an
architecture validation activities as well as testbed expert for the European Commission. He has
based experiments to analyse the impact of served on program and organization committees of
different attack scenarios on control applications. international dependability related conferences. He
was Program Chair of PRDC-2004, EDCC-5, DSN-
We will outline some of the results obtained in the PDS 2010, LADC-2011 and SAFECOMP- 2013. He
context of this project and discuss some open is General co-Chair of DSN-2016 that will be held
research problems. in Toulouse, France in June 2016.
3. REFERENCES
Kaâniche, et al. (2009) CRUTIAL Project
Deliverable D16 - Final version of the modelling
framework. http://crutial.rse-
web.it/Dissemination/DELIVERABLES-OF-THE-
PROJECT.asp
Laprie, Jean-Claude, Kanoun, Karama, Mohamed
Kaâniche, (2007) Modelling interdependencies
between Electricity and Information
Infrastructures. The 26th International
Conference on Computer Safety, Reliability, and
Security (SAFECOMP-2007), Nuremberg,
Germany, LNCS 4680, Springer, pp. 54-67.
Laprie, Jean-Claude “From Dependability to
Resilience”, IEEE International Conference on
Dependable Systems and Networks (DSN-
2008), Supplemental volume, Anchorage,
Alaska, USA, pp. G8-G9, 2008.
Langner, R. “Stuxnet: Dissecting a Cyberwarfare
Weapon,” IEEE Security & Privacy, vol. 9, no. 3,
2011, pp. 49–51.
Rahman, H.A., Beznosov, K., Marti, J.R.,
“Identification of sources of failures and their
propagation in critical infrastructures from 12
years of public failure reports“, Int. Journal on
Critical Infrastructures, vol.5, n°3, 2009
�