Exploring the Cyber-Physical Threat Landscape of Water Systems: A Socio-Technical Modelling Approach

The identification and assessment of the cyber-physical-threat landscape that surrounds water systems in the digital era is governed by complex socio-technical dynamics and uncertainties that exceed the boundaries of traditional risk assessment. This work provides a remedy for those challenges by incorporating socio-technical modelling to account for the adaptive balance between goal-driven behaviours and available skills of adversaries, exploitable vulnerabilities of assets and utility's security posture, as well as an uncertainty-aware multi-scenario analysis to assess the risk level of any utility against cyber-physical threats. The proposed risk assessment framework, underpinned by a dedicated modelling chain, deploys a modular sequence of processes for (a) the estimation of vulnerability-induced probabilities and attack characteristics of the threat landscape under a spectrum of adversaries, (b) its formulation to a representative set of stochastically generated threat scenarios, (c) the combined cyber-physical stress-testing of the system against the generated scenarios and (d) the inference of the system's risk level at system and asset level. The proposed framework is demonstrated by exploring different configurations of a synthetic utility case study that investigate the effects and efficiency that different cyber-security practices and design traits can have over the modification of the risk level of the utility at various dimensions.

Automated summary

This study proposes a method to address the complex socio-technical dynamics and uncertainties in the digital era water system by incorporating socio-technical modeling. It uses a modular process, including estimation of vulnerability-induced probabilities and attack characteristics, generation of threat scenarios, cyber-physical stress-testing, and risk level assessment. By exploring different configurations, it investigates the effects of cyber-security practices and design traits on the modification of utility's risk level.