Using a systems-theoretic approach to analyze cyber attacks on cyber-physical systems

Author(s)
Whyte, David L., 1967-
Thumbnail
DownloadFull printable version (11.22Mb)
Other Contributors
System Design and Management Program.
Advisor
Abel Sanchez.
Terms of use
MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
With increased Internet connectivity and the advent of the industrial Internet, cyber-physical systems are increasingly being targeted by cyber attacks. Unlike, cyber attacks on IT networks, successfully compromising a cyber-physical environment takes considerably more time, motivation, expertise, and operational costs to the adversary. This thesis explores how a systems-theoretic approach, the Systems-Theoretic Accident Model and Processes (STAMP), can be used by an organization to complement intelligence-driven models of intrusion analysis to provide both additional insight and prioritize defensive countermeasures in order to guard against cyber-physical attacks and compromises. Specifically, in this thesis we analyze two real-world use cases of well publicized cyber-physical attacks using traditional intelligence-driven models of intrusion analysis as well as apply the Causal Analysis based on STAMP (CAST) model on one of the use cases. The STAMP/CAST based analysis afforded us deeper insights into the system causal factors that led to the successful compromise. In turn, this allowed for the generation of specific recommendations to safeguard the cyber-physical systems within the network in order to increase the overall organizational security posture. This included a recommendation to modify the existing organizational structure (i.e., the addition of a Security Operations Centre function) such that clearly defined security roles and responsibilities could be effectively implemented thus significantly improving an organization's ability to respond to cyber attacks.
Description
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, School of Engineering, System Design and Management Program, 2017.
 
Cataloged from PDF version of thesis.
 
Includes bibliographical references (pages 113-118).
 
Date issued
2017
URI
http://hdl.handle.net/1721.1/110143
Department
Massachusetts Institute of Technology. Engineering and Management ProgramSystem Design and Management Program.
Publisher
Massachusetts Institute of Technology
Keywords
Engineering and Management Program., System Design and Management Program.
Collections