The Impact of Network Design Interventions on the Security of Interdependent Systems

TL;DR

This paper investigates how network design interventions can enhance the security of interdependent cyber-physical systems, proposing algorithms and evaluating strategies like adding nodes and redundancies to improve defense against attacks.

Contribution

It introduces an algorithm to simplify CPS attack graphs and evaluates four network design interventions, providing insights into effective security strategies beyond traditional perimeter defenses.

Findings

Interventions strengthening internal components can outperform perimeter defenses.

Adding nodes and redundancies can significantly improve CPS security.

Approach aligns with security organization recommendations.

Abstract

We study the problem of defending a Cyber-Physical System (CPS) consisting of interdependent components with heterogeneous sensitivity to investments. In addition to the optimal allocation of limited security resources, we analyze the impact of an orthogonal set of defense strategies in the form of network design interventions in the CPS to protect it against the attacker. We first propose an algorithm to simplify the CPS attack graph to an equivalent form which reduces the computational requirements for characterizing the defender's optimal security investments. We then evaluate four types of design interventions in the network in the form of adding nodes in the attack graph, interpreted as introducing additional safeguards, introducing structural redundancies, introducing functional redundancies, and introducing new functionalities. We identify scenarios in which interventions that strengthen internal components of the CPS may be more beneficial than traditional approaches such as perimeter defense. We showcase our proposed approach in two practical use cases: a remote attack on an industrial CPS and a remote attack on an automotive system. We highlight how our results closely match recommendations made by security organizations and discuss the implications of our findings for CPS design.