An architecture for HESTIA: high-level and extensible system for training and infrastructure risk assessment

Currently, preventing and mitigating cyber-attacks on cyber-physical control systems (CPCS) is a major challenge. A successful process for cyber-attack prevention and mitigation requires continuous vulnerability identification, threat modelling, risk assessment, hardening strategy design, and timely and correct implementation. These processes require a complete and detailed model of the CPCS plus knowledge of possible attacks and applicable defences. In this article, we describe the architecture of HESTIA: high-level and extensible system for training and infrastructure risk assessment. HESTIA is an iterative and adversarial-based modelling and risk assessment process and accompanying tool-set. We also describe the non-trivial design hurdles and concrete strategies for addressing these hurdles. Once fully developed, HESTIA will be able to: 1) completely specify a CPCS infrastructure; 2) check a specification for consistency; 3) identify applicable attacks and defences from a library; 4) enable the iterati...