Modelling Cost-Effectiveness of Defenses in Industrial Control Systems.

Industrial Control Systems (ICS) play a critical role in controlling industrial processes. Wide use of modern IT technologies enables cyber attacks to disrupt the operation of ICS. Advanced Persistent Threats (APT) are the most threatening attacks to ICS due to their long persistence and destructive cyber-physical effects to ICS. This paper considers a simulation of attackers and defenders of an ICS, where the defender must consider the cost-effectiveness of implementing defensive measures within the system in order to create an optimal defense. The aim is to identify the appropriate deployment of a specific defensive strategy, such as defense-in-depth or critical component defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a co-evolutionary particle swarm optimisation algorithm. Through the development of optimal defense strategy, it is possible to identify when each specific defensive strategies is most appropriate; where the optimal defensive strategy depends on the resources available and the relative effectiveness of those resources.