Research Papers

A Framework for Development of Risk-Informed Autonomous Adaptive Cyber Controllers

Arun Veeramany

Pacific Northwest National Laboratory,
902 Battelle Boulevard,
Richland, WA 99352
e-mail: arun.veeramany@pnnl.gov

William J. Hutton

Pacific Northwest National Laboratory,
902 Battelle Boulevard,
Richland, WA 99352
e-mail: william.hutton@pnnl.gov

Siddharth Sridhar

Pacific Northwest National Laboratory,
902 Battelle Boulevard,
Richland, WA 99352
e-mail: siddharth.sridhar@pnnl.gov

Sri Nikhil Gupta Gourisetti

Pacific Northwest National Laboratory,
902 Battelle Boulevard,
Richland, WA 99352
e-mail: srinikhil.gourisetti@pnnl.gov

Garill A. Coles

Pacific Northwest National Laboratory,
902 Battelle Boulevard,
Richland, WA 99352
e-mail: garill.coles@pnnl.gov

Paul M. Skare

Pacific Northwest National Laboratory,
902 Battelle Boulevard,
Richland, WA 99352
e-mail: paul.skare@pnnl.gov

¹ Corresponding author.

Manuscript received March 8, 2018; final manuscript received February 6, 2019; published online June 3, 2019. Assoc. Editor: Mahesh Mani. The United States Government retains, and by accepting the article for publication, the publisher acknowledges that the United States Government retains, a nonexclusive, paid-up, irrevocable, worldwide license to publish or reproduce the published form of this work, or allow others to do so, for United States government purposes.

J. Comput. Inf. Sci. Eng 19(4), 041004 (Jun 03, 2019) (10 pages) Paper No: JCISE-18-1059; doi: 10.1115/1.4043040 History: Received March 08, 2018; Accepted February 12, 2019

This article details a framework and methodology to risk-inform the decisions of an unsupervised cyber controller. A risk assessment methodology within this framework uses a combination of fault trees, event trees, and attack graphs to trace and map cyber elements with business processes. The methodology attempts to prevent and mitigate cyberattacks by using adaptive controllers that proactively reconfigure a network based on actionable risk estimates. The estimates are based on vulnerabilities and potential business consequences. A generic enterprise-control system is used to demonstrate the wide applicability of the methodology. In addition, data needs, implementation, and potential pitfalls are discussed.

Copyright © 2019 by ASME




Fig. 1: A framework for risk-informed autonomous adaptive controller

Fig. 2: A methodology to trace cyberattacks through an enterprise-control system

Fig. 3: Event tree illustrating possible attack scenarios penetrating through an enterprise-control system

Fig. 4: Fault tree representation for enterprise level failure

Fig. 5: Fault tree representation for operations level failure

Fig. 6: Fault tree representation for control center level failure

Fig. 7: Fault tree representation for process level failure

Fig. 8: Fault tree representation for remote station level failure

Fig. 9: Attack graph identifies cybersecurity linkages to business functions (fault tree nodes)


