Abstract
Critical National Infrastructure (CNI) is vital and critical to the delivery of essential services to society and is necessary for a country to function properly. CNI are increasingly being connected to the internet to improve operational efficiency and reduce costs. The adoption of the Industrial Internet of Things (IoT) introduced new attack vectors which have necessitated a need to build and improve cyber resilience in CNI. The quantification of cyber resilience via metrics is one of the ways to improve resilience. However, there is currently no standard methodology and metrics to quantitatively measure cyber resilience in CNI. This paper proposes a list of suitable cyber resilience metrics for IoT-enabled CNI. Smart grid is considered as a CNI case study to measure the effectiveness of the proposed cyber resilience metrics. Evaluation of the systemic impact metric on smart grid showed that the performance of the system under an attack is dependent on the recovery time; hence, the higher the systemic impact, the lower the resilience of the CNI and vice versa. Quantifying the resilience of CNI is crucial to determining the security control defenses required to reduce the impact of a cyber attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Hammoudeh, M., et al.: A service-oriented approach for sensing in the internet of things: intelligent transportation systems and privacy use cases. IEEE Sens. J. 21(14), 15753–15761 (2020)
Lloyd’s Register Foundation. Foresight review of cyber security for the industrial IoT (2020). Accessed 7 Nov 2023
Gunduz, M.Z., Das, R.: Analysis of cyber-attacks on smart grid applications. In: 2018 International Conference on Artificial Intelligence and Data Processing (IDAP), pp. 1–5. IEEE (2018)
Muncaster, P.: Nine in 10 CNI providers damaged by cyber-attacks (2019). Accessed 8 Nov 2023
Walshe, M., Epiphaniou, G., Al-Khateeb, H., Hammoudeh, M., Katos, V., Dehghantanha, A.: Non-interactive zero knowledge proofs for the authentication of IoT devices in reduced connectivity environments. Ad Hoc Netw. 95, 101988 (2019)
Epiphaniou, G., Mohammad Hammoudeh, H., Yuan, C.M., Ani, U.: Digital twins in cyber effects modelling of IoT/CPS points of low resilience. Simul. Model. Pract. Theory 125, 102744 (2023)
Critical national infrastructure (2023). Accessed 8 Nov 2023
Bodeau, D., Graubart, R., Picciotto, J., McQuaid, R.: Cyber resiliency engineering framework. MTR110237, MITRECorporation (2011)
Cutter, S.L., et al.: Disaster resilience: a national imperative. Environ. Sci. Policy Sustain. Dev. 55(2), 25–29 (2013)
Ross, R., Pillitteri, V., Graubart, R., Bodeau, D., McQuaid, R.: Developing cyber resilient systems: a systems security engineering approach. Technical report, National Institute of Standards and Technology (2019)
Mihalache, S.F., Pricop, E., Fattahi, J.: Resilience enhancement of cyber-physical systems: a review. In: Mahdavi Tabatabaei, N., Najafi Ravadanegh, S., Bizon, N. (eds.) Power Systems Resilience. PS, pp. 269–287. Springer, Cham (2019). https://doi.org/10.1007/978-3-319-94442-5_11
Murino, G., Armando, A., Tacchella, A.: Resilience of cyber-physical systems: an experimental appraisal of quantitative measures. In: 11th International Conference on Cyber Conflict (CyCon), vol. 900, pp. 1–19. IEEE (2019)
Cassottana, B., Roomi, M.M., Mashima, D., Sansavini, G.: Resilience analysis of cyber-physical systems: a review of models and methods. Risk Anal. 43(11), 2359–2379 (2023)
Fang, Y.-P., Pedroni, N., Zio, E.: Resilience-based component importance measures for critical infrastructure network systems. IEEE Trans. Reliab. 65(2), 502–512 (2016)
Francis, R., Bekera, B.: A metric and frameworks for resilience analysis of engineered and infrastructure systems. Reliab. Eng. Syst. Saf. 121, 90–103 (2014)
Hassell, S., et al.: Evaluating network cyber resiliency methods using cyber threat, vulnerability and defense modeling and simulation. In: MILCOM 2012-2012 IEEE Military Communications Conference, pp. 1–6. IEEE (2012)
Hossain-McKenzie, S., Lai, C., Chavez, A., Vugrin, E.: Performance-based cyber resilience metrics: an applied demonstration toward moving target defense. In: IECON 2018-44th Annual Conference of the IEEE Industrial Electronics Society, pp. 766–773. IEEE (2018)
Haque, M.A., De Teyou, G.K., Shetty, S., Krishnappa, B.: Cyber resilience framework for industrial control systems: concepts, metrics, and insights. In: 2018 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 25–30. IEEE (2018)
Segovia, M., Rubio-Hernan, J., Cavalli, A.R., Garcia-Alfaro, J.: Cyber-resilience evaluation of cyber-physical systems. In: 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA), pp. 1–8. IEEE (2020)
Bruneau, M., et al.: A framework to quantitatively assess and enhance the seismic resilience of communities. Earthq. Spectra 19(4), 733–752 (2003)
Cimellaro, G.P., Reinhorn, A.M., Bruneau, M.: Framework for analytical quantification of disaster resilience. Eng. Struct. 32(11), 3639–3649 (2010)
Vugrin, E.D., Warren, D.E., Ehlen, M.A.: A resilience assessment framework for infrastructure and economic systems: quantitative and qualitative resilience analysis of petrochemical supply chains to a hurricane. Process Saf. Prog. 30(3), 280–290 (2011)
Hamilton, D.L., Walker, I.D., Bennett, J.K.: Fault tolerance versus performance metrics for robot systems. Reliab. Eng. Syst. Saf. 53(3), 309–318 (1996)
Smart grids. Accessed 7 Oct 2023
What are the basic components of smart grids (2021). Accessed 7 Oct 2023
Matey, A.H., Danquah, P., Koi-Akrofi, G.Y., Asampana, I.: Critical infrastructure cybersecurity challenges: IoT in perspective. Int. J. Netw. Secur. Appl. 13(4), 41–58 (2021)
Zheng, L., Yang, H.: Unlocking the Power of OPNET Modeler. Cambridge University Press, Cambridge (2012)
AlMajali, A., Viswanathan, A., Neuman, C.: Analyzing resiliency of the smart grid communication architectures under cyber attack. In: CSET (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Adewumi, A., Hammoudeh, M., Dargahi, T., Jogunola, O. (2024). Measuring Cyber Resilience of IoT-Enabled Critical National Infrastructures. In: Andreoni, M. (eds) Applied Cryptography and Network Security Workshops. ACNS 2024. Lecture Notes in Computer Science, vol 14586. Springer, Cham. https://doi.org/10.1007/978-3-031-61486-6_16
Download citation
DOI: https://doi.org/10.1007/978-3-031-61486-6_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-61485-9
Online ISBN: 978-3-031-61486-6
eBook Packages: Computer ScienceComputer Science (R0)