Cybernetic modeling of Industrial Control Systems: Towards threat analysis of critical infrastructure

TL;DR

This paper proposes a cybernetic, recursive model based on the Viable System Model to enhance threat analysis and security decision-making in Industrial Control Systems for critical infrastructure.

Contribution

It introduces a novel cybernetic modeling framework for ICS networks, integrating VSM principles to improve threat analysis and security management.

Findings

Provides a comprehensive view of ICS subsystem interactions.

Facilitates better threat analysis and security decisions.

Lays groundwork for future cyber security strategies.

Abstract

Industrial Control Systems (ICS) encompassing resources for process automation are subjected to a wide variety of security threats. The threat landscape is arising due to increased adoption of Commercial-of-the-shelf (COTS) products as well as the convergence of Internet and legacy systems. Prevalent security approaches for protection of critical infrastructure are scattered among various subsystems and modules of ICS networks. This demands a new state-of-the-art cybernetic model of ICS networks, which can help in threat analysis by providing a comprehensive view of the relationships and interactions between the subsystems. Towards this direction, the principles of the Viable System Model (VSM) are applied to introduce a conceptual recursive model of secure ICS networks that can drive cyber security decisions.